Version Description
- Added input elements with the type of 'image' to be filtered for insecure content.
Download this release
Release Info
| Developer | Mvied |
| Plugin |  WordPress HTTPS (SSL) |
| Version | 1.5.1 |
| Comparing to | |
| See all releases | |
Code changes from version 1.5 to 1.5.1
- readme.txt +3 -1
- wordpress-https.php +13 -15
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
|
|
| 4 |
Tags: encrypted, ssl, http, https
|
| 5 |
Requires at least: 2.7.0
|
| 6 |
Tested up to: 3.0.1
|
| 7 |
-
Stable tag: 1.5
|
| 8 |
|
| 9 |
Features: Force HTTPS on only certain pages. Fix partially encrypted errors. Disable WordPress from changing links to HTTPS. And more!
|
| 10 |
|
|
@@ -62,6 +62,8 @@ In most cases, yes. There are limitations to what this plugin can fix. Here are
|
|
| 62 |
|
| 63 |
== Changelog ==
|
| 64 |
|
|
|
|
|
|
|
| 65 |
= 1.5 =
|
| 66 |
* Added the ability to force SSL on certain pages.
|
| 67 |
* Also added the option to exclusively force SSL on certain pages. Pages not forced to HTTPS are forced to HTTP.
|
| 4 |
Tags: encrypted, ssl, http, https
|
| 5 |
Requires at least: 2.7.0
|
| 6 |
Tested up to: 3.0.1
|
| 7 |
+
Stable tag: 1.5.1
|
| 8 |
|
| 9 |
Features: Force HTTPS on only certain pages. Fix partially encrypted errors. Disable WordPress from changing links to HTTPS. And more!
|
| 10 |
|
| 62 |
|
| 63 |
== Changelog ==
|
| 64 |
|
| 65 |
+
= 1.5.1 =
|
| 66 |
+
* Added input elements with the type of 'image' to be filtered for insecure content.
|
| 67 |
= 1.5 =
|
| 68 |
* Added the ability to force SSL on certain pages.
|
| 69 |
* Also added the option to exclusively force SSL on certain pages. Pages not forced to HTTPS are forced to HTTP.
|
wordpress-https.php
CHANGED
|
@@ -4,7 +4,7 @@ Plugin Name: WordPress HTTPS
|
|
| 4 |
Plugin URI: http://mvied.com/projects/wordpress-https/
|
| 5 |
Description: Prevents HTTPS pages from loading non-HTTPS elements. Also gives the option to disable WordPress 3.0+ from changing links to HTTPS.
|
| 6 |
Author: Mike Ems
|
| 7 |
-
Version: 1.5
|
| 8 |
Author URI: http://mvied.com/
|
| 9 |
*/
|
| 10 |
|
|
@@ -32,7 +32,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 32 |
* @var int
|
| 33 |
*/
|
| 34 |
var $wp_version;
|
| 35 |
-
|
| 36 |
/**
|
| 37 |
* Initialize plugin
|
| 38 |
*
|
|
@@ -42,7 +42,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 42 |
function __construct() {
|
| 43 |
// Format WordPress version for comparison. 2.9 => 29, 3.0 => 30, etc.
|
| 44 |
$this->wp_version = (int)substr(str_replace('.','',get_bloginfo('version')), 0, 2);
|
| 45 |
-
|
| 46 |
// Define default options
|
| 47 |
$this->options_default = array(
|
| 48 |
'wordpress-https_externalurls' => 0, // Option to change external URL's to HTTPS
|
|
@@ -54,7 +54,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 54 |
if ( is_admin() ) {
|
| 55 |
// Add admin menus
|
| 56 |
add_action('admin_menu', array(&$this, 'menu'));
|
| 57 |
-
|
| 58 |
// Set default options
|
| 59 |
foreach ( $this->options_default as $option => $value ) {
|
| 60 |
if ( get_option($option) === false ) {
|
|
@@ -65,11 +65,11 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 65 |
// If not admin, enable front-end redirection
|
| 66 |
add_action('wp_head', array(&$this, 'redirect'));
|
| 67 |
}
|
| 68 |
-
|
| 69 |
// Add 'Force SSL' checkbox to add/edit post pages
|
| 70 |
add_action('post_submitbox_misc_actions', array(&$this, 'post_checkbox'));
|
| 71 |
add_action('save_post', array(&$this, 'post_save'));
|
| 72 |
-
|
| 73 |
// Output buffering
|
| 74 |
add_action('plugins_loaded', array(&$this, 'buffer_start'));
|
| 75 |
//add_action('wp_footer', array(&$this, 'buffer_end'));
|
|
@@ -104,7 +104,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 104 |
}
|
| 105 |
echo '<div class="misc-pub-section misc-pub-section-last" style="border-top: 1px solid #EEE;"><label>Force HTTPS: <input type="checkbox" value="1" name="force_ssl" id="force_ssl"'.(($checked) ? ' checked="checked"' : '').' /></label></div>';
|
| 106 |
}
|
| 107 |
-
|
| 108 |
/**
|
| 109 |
* Save Force SSL option to post or page
|
| 110 |
*
|
|
@@ -156,7 +156,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 156 |
}
|
| 157 |
return $result;
|
| 158 |
}
|
| 159 |
-
|
| 160 |
/**
|
| 161 |
* Add admin panel menu option
|
| 162 |
*
|
|
@@ -253,20 +253,18 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 253 |
<fieldset>
|
| 254 |
<legend class="screen-reader-text"><span>Exclusively force SSL on posts and pages with the 'Force SSL' option checked. All others are redirected to HTTP.</span></legend>
|
| 255 |
<label for="wordpress-https_exclusive_https"><input name="wordpress-https_exclusive_https" type="checkbox" id="wordpress-https_exclusive_https" value="1"<?php echo ((get_option('wordpress-https_exclusive_https')) ? ' checked="checked"' : ''); ?> /> Exclusively force SSL on posts and pages with the `Force SSL` option checked. All others are redirected to HTTP.</label>
|
| 256 |
-
<p class="description">WordPress HTTPS adds a 'Force SSL' checkbox to each post and page right above the publish button (screenshot). When selected, the post or page will be forced to HTTPS. With this option enabled, all posts and pages without 'Force SSL' checked will be redirected to HTTP.</p>
|
| 257 |
</fieldset>
|
| 258 |
</td>
|
| 259 |
</tr>
|
| 260 |
</table>
|
| 261 |
<p class="submit"><input type="submit" name="Submit" value="Save Changes" class="button-primary" /></p>
|
| 262 |
-
<p>This plugin was created by <a href="http://mvied.com/" target="_blank">Mike Ems</a
|
| 263 |
-
<p>If you found my plugin useful, please <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=6ZL95VTJ388HG" target="_blank">donate</a>.</p>
|
| 264 |
-
<p>If you need technical assistance, want to provide feedback, or just want to say thanks, <a href="http://wordpress.org/tags/wordpress-https#postform" target="_blank">drop me a line</a>.</p>
|
| 265 |
</form>
|
| 266 |
</div>
|
| 267 |
<?php
|
| 268 |
}
|
| 269 |
-
|
| 270 |
/**
|
| 271 |
* Redirect posts and pages accordingly
|
| 272 |
*
|
|
@@ -307,12 +305,12 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 307 |
}
|
| 308 |
$httpUrl = $this->replace_https($httpsUrl);
|
| 309 |
|
| 310 |
-
preg_match_all('/\<(script|link|img).*(http:\/\/[\/-\w\.]+)/im',$buffer,$matches);
|
| 311 |
for ($i = 0; $i<=sizeof($matches[0]); $i++) {
|
| 312 |
$html = $matches[0][$i];
|
| 313 |
$type = $matches[1][$i];
|
| 314 |
$url = $matches[2][$i];
|
| 315 |
-
if ( ( $type == 'link' && strpos($html, 'stylesheet') !== false ) || $type == 'script' || $type == 'img' ) {
|
| 316 |
if ( strpos($html,$httpUrl) !== false ) {
|
| 317 |
$buffer = str_replace($html, $this->replace_http($html), $buffer);
|
| 318 |
} else if ( get_option('wordpress-https_externalurls') == 1 ) {
|
| 4 |
Plugin URI: http://mvied.com/projects/wordpress-https/
|
| 5 |
Description: Prevents HTTPS pages from loading non-HTTPS elements. Also gives the option to disable WordPress 3.0+ from changing links to HTTPS.
|
| 6 |
Author: Mike Ems
|
| 7 |
+
Version: 1.5.1
|
| 8 |
Author URI: http://mvied.com/
|
| 9 |
*/
|
| 10 |
|
| 32 |
* @var int
|
| 33 |
*/
|
| 34 |
var $wp_version;
|
| 35 |
+
|
| 36 |
/**
|
| 37 |
* Initialize plugin
|
| 38 |
*
|
| 42 |
function __construct() {
|
| 43 |
// Format WordPress version for comparison. 2.9 => 29, 3.0 => 30, etc.
|
| 44 |
$this->wp_version = (int)substr(str_replace('.','',get_bloginfo('version')), 0, 2);
|
| 45 |
+
|
| 46 |
// Define default options
|
| 47 |
$this->options_default = array(
|
| 48 |
'wordpress-https_externalurls' => 0, // Option to change external URL's to HTTPS
|
| 54 |
if ( is_admin() ) {
|
| 55 |
// Add admin menus
|
| 56 |
add_action('admin_menu', array(&$this, 'menu'));
|
| 57 |
+
|
| 58 |
// Set default options
|
| 59 |
foreach ( $this->options_default as $option => $value ) {
|
| 60 |
if ( get_option($option) === false ) {
|
| 65 |
// If not admin, enable front-end redirection
|
| 66 |
add_action('wp_head', array(&$this, 'redirect'));
|
| 67 |
}
|
| 68 |
+
|
| 69 |
// Add 'Force SSL' checkbox to add/edit post pages
|
| 70 |
add_action('post_submitbox_misc_actions', array(&$this, 'post_checkbox'));
|
| 71 |
add_action('save_post', array(&$this, 'post_save'));
|
| 72 |
+
|
| 73 |
// Output buffering
|
| 74 |
add_action('plugins_loaded', array(&$this, 'buffer_start'));
|
| 75 |
//add_action('wp_footer', array(&$this, 'buffer_end'));
|
| 104 |
}
|
| 105 |
echo '<div class="misc-pub-section misc-pub-section-last" style="border-top: 1px solid #EEE;"><label>Force HTTPS: <input type="checkbox" value="1" name="force_ssl" id="force_ssl"'.(($checked) ? ' checked="checked"' : '').' /></label></div>';
|
| 106 |
}
|
| 107 |
+
|
| 108 |
/**
|
| 109 |
* Save Force SSL option to post or page
|
| 110 |
*
|
| 156 |
}
|
| 157 |
return $result;
|
| 158 |
}
|
| 159 |
+
|
| 160 |
/**
|
| 161 |
* Add admin panel menu option
|
| 162 |
*
|
| 253 |
<fieldset>
|
| 254 |
<legend class="screen-reader-text"><span>Exclusively force SSL on posts and pages with the 'Force SSL' option checked. All others are redirected to HTTP.</span></legend>
|
| 255 |
<label for="wordpress-https_exclusive_https"><input name="wordpress-https_exclusive_https" type="checkbox" id="wordpress-https_exclusive_https" value="1"<?php echo ((get_option('wordpress-https_exclusive_https')) ? ' checked="checked"' : ''); ?> /> Exclusively force SSL on posts and pages with the `Force SSL` option checked. All others are redirected to HTTP.</label>
|
| 256 |
+
<p class="description">WordPress HTTPS adds a 'Force SSL' checkbox to each post and page right above the publish button (<a href="http://s.wordpress.org/extend/plugins/wordpress-https/screenshot-2.png" target="_blank">screenshot</a>). When selected, the post or page will be forced to HTTPS. With this option enabled, all posts and pages without 'Force SSL' checked will be redirected to HTTP.</p>
|
| 257 |
</fieldset>
|
| 258 |
</td>
|
| 259 |
</tr>
|
| 260 |
</table>
|
| 261 |
<p class="submit"><input type="submit" name="Submit" value="Save Changes" class="button-primary" /></p>
|
| 262 |
+
<p>This plugin was created by <a href="http://mvied.com/" target="_blank">Mike Ems</a>. If you found my plugin useful, please consider <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=6ZL95VTJ388HG" target="_blank">donating</a> and/or <a href="http://wordpress.org/extend/plugins/wordpress-https/">rating</a>. If you're having any trouble, please <a href="http://wordpress.org/tags/wordpress-https#postform" target="_blank">start a support topic</a>. Thanks for downloading!</p>
|
|
|
|
|
|
|
| 263 |
</form>
|
| 264 |
</div>
|
| 265 |
<?php
|
| 266 |
}
|
| 267 |
+
|
| 268 |
/**
|
| 269 |
* Redirect posts and pages accordingly
|
| 270 |
*
|
| 305 |
}
|
| 306 |
$httpUrl = $this->replace_https($httpsUrl);
|
| 307 |
|
| 308 |
+
preg_match_all('/\<(script|link|img|input).*(http:\/\/[\/-\w\.]+)/im',$buffer,$matches);
|
| 309 |
for ($i = 0; $i<=sizeof($matches[0]); $i++) {
|
| 310 |
$html = $matches[0][$i];
|
| 311 |
$type = $matches[1][$i];
|
| 312 |
$url = $matches[2][$i];
|
| 313 |
+
if ( ( $type == 'link' && strpos($html, 'stylesheet') !== false ) || ( $type == 'input' && strpos($html, 'image') !== false ) || $type == 'script' || $type == 'img' ) {
|
| 314 |
if ( strpos($html,$httpUrl) !== false ) {
|
| 315 |
$buffer = str_replace($html, $this->replace_http($html), $buffer);
|
| 316 |
} else if ( get_option('wordpress-https_externalurls') == 1 ) {
|
