Version Description
- Ensured that deprected options are removed from a WordPress installation when activating the plugin.
- Added an option to the WordPress HTTPS settings page to delete the cache of external links.
- Bug Fix - URL's entered for SSL Host were not validing correctly.
- Bug Fix - External URL's were not always being identified as valid external elements.
- Bug Fix - Slight enhancement to SSL detection.
Download this release
Release Info
| Developer | Mvied |
| Plugin |  WordPress HTTPS (SSL) |
| Version | 2.0.1 |
| Comparing to | |
| See all releases | |
Code changes from version 2.0 to 2.0.1
- css/admin.css +4 -0
- js/admin.php +9 -0
- readme.txt +7 -1
- uninstall.php +19 -0
- wordpress-https.php +170 -114
css/admin.css
CHANGED
|
@@ -23,6 +23,10 @@ form#wordpress-https table tr th {
|
|
| 23 |
form#wordpress-https table tr td {
|
| 24 |
padding: 10px 0 0 0;
|
| 25 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
| 26 |
|
| 27 |
div#wphttps-sidebar {
|
| 28 |
margin: 20px 0 0 -300px;
|
| 23 |
form#wordpress-https table tr td {
|
| 24 |
padding: 10px 0 0 0;
|
| 25 |
}
|
| 26 |
+
form#wordpress-https #settings-reset {
|
| 27 |
+
float: left;
|
| 28 |
+
margin-right: 10px;
|
| 29 |
+
}
|
| 30 |
|
| 31 |
div#wphttps-sidebar {
|
| 32 |
margin: 20px 0 0 -300px;
|
js/admin.php
CHANGED
|
@@ -33,6 +33,15 @@ jQuery(document).ready(function($) {
|
|
| 33 |
|
| 34 |
$('#wordpress-https').ajaxForm(options);
|
| 35 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 36 |
$('#wphttps-updates .wphttps-widget-content').load('<?php echo parse_url($wordpress_https->plugin_url, PHP_URL_PATH); ?>/js/updates.php');
|
| 37 |
|
| 38 |
$.ajax({
|
| 33 |
|
| 34 |
$('#wordpress-https').ajaxForm(options);
|
| 35 |
|
| 36 |
+
$('#settings-reset').click(function(e, el) {
|
| 37 |
+
if ( confirm('Are you sure you want to reset all WordPress HTTPS settings?') ) {
|
| 38 |
+
$(this).parents('form').submit();
|
| 39 |
+
} else {
|
| 40 |
+
e.preventDefault();
|
| 41 |
+
return false;
|
| 42 |
+
}
|
| 43 |
+
});
|
| 44 |
+
|
| 45 |
$('#wphttps-updates .wphttps-widget-content').load('<?php echo parse_url($wordpress_https->plugin_url, PHP_URL_PATH); ?>/js/updates.php');
|
| 46 |
|
| 47 |
$.ajax({
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
|
|
| 4 |
Tags: security, encryption, ssl, shared ssl, private ssl, public ssl, private ssl, http, https
|
| 5 |
Requires at least: 2.7.0
|
| 6 |
Tested up to: 3.2.1
|
| 7 |
-
Stable tag: 2.0
|
| 8 |
|
| 9 |
WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
|
| 10 |
|
|
@@ -78,6 +78,12 @@ add_filter('force_ssl' , 'custom_force_ssl', 10, 2);
|
|
| 78 |
|
| 79 |
== Changelog ==
|
| 80 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 81 |
= 2.0 =
|
| 82 |
* Full support for using a custom SSL port has been added. A special thanks to <a href="http://chrisdoingweb.com/">Chris "doingweb" Antes</a> for his feedback and testing of this feature.
|
| 83 |
* Forcing pages to/from HTTPS is now pluggable using the 'force_ssl' filter.
|
| 4 |
Tags: security, encryption, ssl, shared ssl, private ssl, public ssl, private ssl, http, https
|
| 5 |
Requires at least: 2.7.0
|
| 6 |
Tested up to: 3.2.1
|
| 7 |
+
Stable tag: 2.0.1
|
| 8 |
|
| 9 |
WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
|
| 10 |
|
| 78 |
|
| 79 |
== Changelog ==
|
| 80 |
|
| 81 |
+
= 2.0.1 =
|
| 82 |
+
* Ensured that deprected options are removed from a WordPress installation when activating the plugin.
|
| 83 |
+
* Added an option to the WordPress HTTPS settings page to delete the cache of external links.
|
| 84 |
+
* Bug Fix - URL's entered for SSL Host were not validing correctly.
|
| 85 |
+
* Bug Fix - External URL's were not always being identified as valid external elements.
|
| 86 |
+
* Bug Fix - Slight enhancement to SSL detection.
|
| 87 |
= 2.0 =
|
| 88 |
* Full support for using a custom SSL port has been added. A special thanks to <a href="http://chrisdoingweb.com/">Chris "doingweb" Antes</a> for his feedback and testing of this feature.
|
| 89 |
* Forcing pages to/from HTTPS is now pluggable using the 'force_ssl' filter.
|
uninstall.php
ADDED
|
@@ -0,0 +1,19 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
<?php
|
| 2 |
+
|
| 3 |
+
require_once('wordpress-https.php');
|
| 4 |
+
|
| 5 |
+
if ( !defined('WP_UNINSTALL_PLUGIN') ) {
|
| 6 |
+
die();
|
| 7 |
+
}
|
| 8 |
+
|
| 9 |
+
// Delete WordPress HTTPS options
|
| 10 |
+
delete_option('wordpress-https_external_urls');
|
| 11 |
+
delete_option('wordpress-https_unsecure_external_urls');
|
| 12 |
+
delete_option('wordpress-https_ssl_host');
|
| 13 |
+
delete_option('wordpress-https_ssl_port');
|
| 14 |
+
delete_option('wordpress-https_exclusive_https');
|
| 15 |
+
delete_option('wordpress-https_frontpage');
|
| 16 |
+
delete_option('wordpress-https_ssl_admin');
|
| 17 |
+
|
| 18 |
+
// Delete force_ssl custom_field from posts and pages
|
| 19 |
+
delete_metadata('post', null, 'force_ssl', null, true);
|
wordpress-https.php
CHANGED
|
@@ -4,7 +4,7 @@
|
|
| 4 |
Plugin URI: http://mvied.com/projects/wordpress-https/
|
| 5 |
Description: WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
|
| 6 |
Author: Mike Ems
|
| 7 |
-
Version: 2.0
|
| 8 |
Author URI: http://mvied.com/
|
| 9 |
*/
|
| 10 |
|
|
@@ -24,7 +24,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 24 |
*
|
| 25 |
* @var int
|
| 26 |
*/
|
| 27 |
-
public $version = '2.0';
|
| 28 |
|
| 29 |
/**
|
| 30 |
* Debug Mode
|
|
@@ -96,10 +96,10 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 96 |
protected $options_default = array(
|
| 97 |
'wordpress-https_external_urls' => array(), // External URL's that are okay to rewrite to HTTPS
|
| 98 |
'wordpress-https_unsecure_external_urls' => array(), // External URL's that are okay to rewrite to HTTPS
|
|
|
|
|
|
|
| 99 |
'wordpress-https_exclusive_https' => 0, // Exclusively force SSL on posts and pages with the `Force SSL` option checked.
|
| 100 |
'wordpress-https_frontpage' => 0, // Force SSL on front page
|
| 101 |
-
'wordpress-https_ssl_host' => 0, // Hostname for SSL Host
|
| 102 |
-
'wordpress-https_ssl_port' => 0, // Port number for SSL Host
|
| 103 |
'wordpress-https_ssl_admin' => 0 // Force SSL Over Administration Panel (The same as FORCE_SSL_ADMIN)
|
| 104 |
);
|
| 105 |
|
|
@@ -152,11 +152,12 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 152 |
add_filter('allowed_redirect_hosts' , array(&$this, 'allowed_redirect_hosts'), 10, 1);
|
| 153 |
|
| 154 |
// Remove SSL Host authentication cookies on logout
|
| 155 |
-
add_action('clear_auth_cookie', array(&$this, '
|
| 156 |
|
| 157 |
// Set authentication cookie
|
| 158 |
if ( $this->is_ssl() ) {
|
| 159 |
add_action('set_auth_cookie', array(&$this, 'set_cookie'), 10, 5);
|
|
|
|
| 160 |
}
|
| 161 |
|
| 162 |
// Fix admin_url on login page
|
|
@@ -188,8 +189,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 188 |
}
|
| 189 |
|
| 190 |
// Start output buffering
|
| 191 |
-
add_action('
|
| 192 |
-
add_action('admin_init', array(&$this, 'buffer_start'));
|
| 193 |
|
| 194 |
// Check if the page needs to be redirected
|
| 195 |
add_action('template_redirect', array(&$this, 'redirect_check'));
|
|
@@ -255,8 +255,6 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 255 |
}
|
| 256 |
|
| 257 |
/**
|
| 258 |
-
* Install
|
| 259 |
-
*
|
| 260 |
* Operations performed when plugin is activated.
|
| 261 |
*
|
| 262 |
* @param none
|
|
@@ -274,34 +272,25 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 274 |
}
|
| 275 |
|
| 276 |
/**
|
| 277 |
-
* Uninstall
|
| 278 |
-
*
|
| 279 |
-
* Operations performed when plugin is deleted.
|
| 280 |
-
*
|
| 281 |
-
* @param none
|
| 282 |
-
* @return void
|
| 283 |
-
*/
|
| 284 |
-
public function uninstall() {
|
| 285 |
-
// Delete options
|
| 286 |
-
foreach ( $this->options_default as $option => $value ) {
|
| 287 |
-
if ( get_option($option) !== false ) {
|
| 288 |
-
delete_option($option);
|
| 289 |
-
}
|
| 290 |
-
}
|
| 291 |
-
// Delete force_ssl custom_field from posts and pages
|
| 292 |
-
delete_metadata('post', null, 'force_ssl', null, true);
|
| 293 |
-
}
|
| 294 |
-
|
| 295 |
-
/**
|
| 296 |
-
* Update
|
| 297 |
-
*
|
| 298 |
* Updates plugin from one version to another
|
| 299 |
*
|
| 300 |
* @param none
|
| 301 |
* @return void
|
| 302 |
*/
|
| 303 |
protected function update() {
|
| 304 |
-
//
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 305 |
if ( get_option('wordpress-https_sharedssl') ) {
|
| 306 |
$shared_ssl = ((get_option('wordpress-https_sharedssl') == 1) ? true : false);
|
| 307 |
|
|
@@ -331,8 +320,6 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 331 |
}
|
| 332 |
|
| 333 |
/**
|
| 334 |
-
* Log
|
| 335 |
-
*
|
| 336 |
* Adds a string to an array of log entries
|
| 337 |
*
|
| 338 |
* @param none
|
|
@@ -343,8 +330,6 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 343 |
}
|
| 344 |
|
| 345 |
/**
|
| 346 |
-
* Warnings
|
| 347 |
-
*
|
| 348 |
* Returns an array of warnings to notify the user of on the settings page
|
| 349 |
*
|
| 350 |
* @param none
|
|
@@ -374,13 +359,37 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 374 |
* @return string $url
|
| 375 |
*/
|
| 376 |
static function get_url($string) {
|
| 377 |
-
preg_match_all('/(http|https):\/\/[\/-\w
|
| 378 |
$url = @$url[0][0];
|
| 379 |
return $url;
|
| 380 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 381 |
|
| 382 |
/**
|
| 383 |
-
* Replace HTTPS with HTTP
|
| 384 |
*
|
| 385 |
* @param string $string
|
| 386 |
* @return string $string
|
|
@@ -390,7 +399,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 390 |
}
|
| 391 |
|
| 392 |
/**
|
| 393 |
-
* Replace HTTP with HTTPS
|
| 394 |
*
|
| 395 |
* @param string $string
|
| 396 |
* @return string $string
|
|
@@ -422,10 +431,14 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 422 |
*/
|
| 423 |
function add_port($string) {
|
| 424 |
$url = $this->get_url($string);
|
| 425 |
-
|
| 426 |
-
|
| 427 |
-
$
|
| 428 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 429 |
}
|
| 430 |
return $string;
|
| 431 |
}
|
|
@@ -452,6 +465,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 452 |
* @return string $string
|
| 453 |
*/
|
| 454 |
function replace_http_url($string) {
|
|
|
|
| 455 |
$url_original = $this->get_url($string);
|
| 456 |
if ( $this->is_local($url_original) ) {
|
| 457 |
$url_parts = parse_url($url_original);
|
|
@@ -462,6 +476,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 462 |
$url = str_replace($url_parts['path'], $https_url_path . $url_parts['path'], $url);
|
| 463 |
}
|
| 464 |
}
|
|
|
|
| 465 |
$url = $this->remove_port($url);
|
| 466 |
$url = $this->add_port($url);
|
| 467 |
$url = $this->replace_http($url);
|
|
@@ -501,28 +516,36 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 501 |
}
|
| 502 |
|
| 503 |
/**
|
| 504 |
-
*
|
| 505 |
*
|
| 506 |
* @param string $url
|
| 507 |
-
* @return boolean
|
| 508 |
*/
|
| 509 |
static function get_file_contents($url) {
|
| 510 |
-
if (
|
| 511 |
-
$content = @file_get_contents($url);
|
| 512 |
-
return $content;
|
| 513 |
-
} else if ( function_exists('curl_init') ) {
|
| 514 |
$ch = curl_init();
|
| 515 |
|
| 516 |
curl_setopt($ch, CURLOPT_URL, $url);
|
| 517 |
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
|
| 518 |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
|
| 519 |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
|
|
|
|
|
| 520 |
curl_setopt($ch, CURLOPT_HEADER, false);
|
| 521 |
curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
|
| 522 |
|
| 523 |
$content = curl_exec($ch);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 524 |
curl_close($ch);
|
| 525 |
return $content;
|
|
|
|
|
|
|
|
|
|
| 526 |
}
|
| 527 |
return false;
|
| 528 |
}
|
|
@@ -538,8 +561,6 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 538 |
}
|
| 539 |
|
| 540 |
/**
|
| 541 |
-
* Process
|
| 542 |
-
*
|
| 543 |
* Processes the output buffer to fix HTML output
|
| 544 |
*
|
| 545 |
* @param string $buffer
|
|
@@ -565,7 +586,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 565 |
$url = $this->replace_http($this->http_url);
|
| 566 |
$count = substr_count($buffer, $url);
|
| 567 |
if ( $count > 0 ) {
|
| 568 |
-
$this->log('[FIXED] Updated ' . $count . '
|
| 569 |
$buffer = str_replace($url, $this->replace_https_url($url), $buffer);
|
| 570 |
}
|
| 571 |
}
|
|
@@ -657,7 +678,11 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 657 |
$attr = $matches[2][$i];
|
| 658 |
$url = $matches[3][$i];
|
| 659 |
if ( $type != 'input' || ( $type == 'input' && $attr == 'image' ) ) {
|
| 660 |
-
$
|
|
|
|
|
|
|
|
|
|
|
|
|
| 661 |
$buffer = str_replace($html, str_replace($url, $processed_urls[$url], $html), $buffer);
|
| 662 |
$this->log('[FIXED] Element: <' . $type . '> - ' . $url . ' => ' . $processed_urls[$url]);
|
| 663 |
}
|
|
@@ -787,22 +812,21 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 787 |
* @return bool
|
| 788 |
*/
|
| 789 |
public function is_ssl() {
|
|
|
|
| 790 |
// Some extra checks for proxies and Shared SSL
|
| 791 |
-
if ( is_ssl() &&
|
| 792 |
return false;
|
| 793 |
} else if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' ) {
|
| 794 |
return true;
|
| 795 |
} else if ( $this->diff_host && !is_ssl() && isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && strpos($this->https_url, 'https://' . $_SERVER['HTTP_X_FORWARDED_SERVER']) !== false ) {
|
| 796 |
return true;
|
| 797 |
-
} else if ( $this->diff_host && !is_ssl() && strpos($_SERVER['HTTP_HOST'],
|
| 798 |
return true;
|
| 799 |
}
|
| 800 |
return is_ssl();
|
| 801 |
}
|
| 802 |
|
| 803 |
/**
|
| 804 |
-
* Redirect Check
|
| 805 |
-
*
|
| 806 |
* Checks if the current page needs to be redirected
|
| 807 |
*
|
| 808 |
* @param none
|
|
@@ -914,15 +938,26 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 914 |
$scheme = 'auth';
|
| 915 |
}
|
| 916 |
|
| 917 |
-
|
| 918 |
$cookie_path = COOKIEPATH;
|
| 919 |
$cookie_path_site = SITECOOKIEPATH;
|
| 920 |
$cookie_path_plugins = PLUGINS_COOKIE_PATH;
|
| 921 |
$cookie_path_admin = ADMIN_COOKIE_PATH;
|
| 922 |
|
| 923 |
if ( $this->diff_host && $this->is_ssl() ) {
|
| 924 |
-
|
| 925 |
-
$
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 926 |
$cookie_path = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . $cookie_path;
|
| 927 |
$cookie_path_site = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . $cookie_path_site;
|
| 928 |
$cookie_path_plugins = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . $cookie_path_plugins;
|
|
@@ -932,13 +967,13 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 932 |
// Cookie paths defined to accomodate different SSL Host
|
| 933 |
if ( version_compare(phpversion(), '5.2.0', '>=') ) {
|
| 934 |
if ( $scheme == 'logged_in' ) {
|
| 935 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path,
|
| 936 |
if ( $cookie_path != $cookie_path_site ) {
|
| 937 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path_site,
|
| 938 |
}
|
| 939 |
} else {
|
| 940 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path_plugins,
|
| 941 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path_admin,
|
| 942 |
}
|
| 943 |
} else {
|
| 944 |
if ( !empty($cookie_domain) ) {
|
|
@@ -946,26 +981,34 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 946 |
}
|
| 947 |
|
| 948 |
if ( $scheme == 'logged_in' ) {
|
| 949 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path,
|
| 950 |
if ( $cookie_path != $cookie_path_site ) {
|
| 951 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path_site,
|
| 952 |
}
|
| 953 |
} else {
|
| 954 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path_plugins,
|
| 955 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path_admin,
|
| 956 |
}
|
| 957 |
}
|
| 958 |
}
|
| 959 |
|
| 960 |
/**
|
| 961 |
-
* Clear
|
| 962 |
*
|
| 963 |
-
* Clear authentication cookies when using a different SSL Host
|
| 964 |
*
|
| 965 |
* @param none
|
| 966 |
* @return void
|
| 967 |
*/
|
| 968 |
-
public function
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 969 |
$cookie_domain = parse_url($this->https_url, PHP_URL_HOST);
|
| 970 |
$cookie_path = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . COOKIEPATH;
|
| 971 |
$cookie_path_site = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . SITECOOKIEPATH;
|
|
@@ -1078,50 +1121,63 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 1078 |
|
| 1079 |
if ( $_SERVER['REQUEST_METHOD'] === 'POST' ) {
|
| 1080 |
$errors = array();
|
| 1081 |
-
|
| 1082 |
-
|
| 1083 |
-
|
| 1084 |
-
|
| 1085 |
-
|
| 1086 |
-
|
| 1087 |
-
|
| 1088 |
-
|
| 1089 |
-
|
| 1090 |
-
|
| 1091 |
-
|
| 1092 |
-
$
|
| 1093 |
-
|
| 1094 |
-
|
| 1095 |
-
|
| 1096 |
-
|
| 1097 |
-
|
| 1098 |
-
|
| 1099 |
-
|
| 1100 |
-
|
| 1101 |
-
|
| 1102 |
-
|
| 1103 |
-
|
| 1104 |
-
|
| 1105 |
-
|
| 1106 |
-
|
| 1107 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1108 |
}
|
| 1109 |
-
}
|
| 1110 |
-
|
| 1111 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1112 |
}
|
| 1113 |
}
|
| 1114 |
-
} else if ( $key == 'wordpress-https_ssl_admin' ) {
|
| 1115 |
-
if ( force_ssl_admin() || force_ssl_login() ) {
|
| 1116 |
-
$errors[] = '<strong>SSL Admin</strong> - FORCE_SSL_ADMIN and FORCE_SSL_LOGIN can not be set to true in your wp-config.php.';
|
| 1117 |
-
$_POST[$key] = 0;
|
| 1118 |
-
// If forcing SSL Admin and currently not SSL, logout user
|
| 1119 |
-
} else if ( !$this->is_ssl() ) {
|
| 1120 |
-
$logout = true;
|
| 1121 |
-
}
|
| 1122 |
-
}
|
| 1123 |
|
| 1124 |
-
|
|
|
|
| 1125 |
}
|
| 1126 |
}
|
| 1127 |
|
|
@@ -1140,7 +1196,7 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 1140 |
echo "\t</ul>\n</div>\n";
|
| 1141 |
} else {
|
| 1142 |
echo "<div class=\"updated below-h2 fade wphttps-message\" id=\"message\"><p>Settings saved.</p></div>\n";
|
| 1143 |
-
if ( $logout ) {
|
| 1144 |
echo "<script type=\"text/javascript\">window.location.reload();</script>";
|
| 1145 |
}
|
| 1146 |
}
|
|
@@ -1278,7 +1334,8 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 1278 |
</table>
|
| 1279 |
|
| 1280 |
<p class="button-controls">
|
| 1281 |
-
<input type="submit" name="Submit" value="Save Changes" class="button-primary" />
|
|
|
|
| 1282 |
<img alt="Waiting..." src="<?php echo parse_url($this->plugin_url, PHP_URL_PATH); ?>/css/images/wpspin_light.gif" class="waiting" id="submit-waiting" />
|
| 1283 |
</p>
|
| 1284 |
</form>
|
|
@@ -1295,6 +1352,5 @@ if ( !class_exists('WordPressHTTPS') ) {
|
|
| 1295 |
// Instantiate class if we're in WordPress
|
| 1296 |
if ( class_exists('WordPressHTTPS') && function_exists('get_bloginfo') ) {
|
| 1297 |
$wordpress_https = new WordPressHTTPS();
|
| 1298 |
-
register_activation_hook(__FILE__, array(
|
| 1299 |
-
register_uninstall_hook(__FILE__, array(&$wordpress_https, 'uninstall'));
|
| 1300 |
}
|
| 4 |
Plugin URI: http://mvied.com/projects/wordpress-https/
|
| 5 |
Description: WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
|
| 6 |
Author: Mike Ems
|
| 7 |
+
Version: 2.0.1
|
| 8 |
Author URI: http://mvied.com/
|
| 9 |
*/
|
| 10 |
|
| 24 |
*
|
| 25 |
* @var int
|
| 26 |
*/
|
| 27 |
+
public $version = '2.0.1';
|
| 28 |
|
| 29 |
/**
|
| 30 |
* Debug Mode
|
| 96 |
protected $options_default = array(
|
| 97 |
'wordpress-https_external_urls' => array(), // External URL's that are okay to rewrite to HTTPS
|
| 98 |
'wordpress-https_unsecure_external_urls' => array(), // External URL's that are okay to rewrite to HTTPS
|
| 99 |
+
'wordpress-https_ssl_host' => '', // Hostname for SSL Host
|
| 100 |
+
'wordpress-https_ssl_port' => '', // Port number for SSL Host
|
| 101 |
'wordpress-https_exclusive_https' => 0, // Exclusively force SSL on posts and pages with the `Force SSL` option checked.
|
| 102 |
'wordpress-https_frontpage' => 0, // Force SSL on front page
|
|
|
|
|
|
|
| 103 |
'wordpress-https_ssl_admin' => 0 // Force SSL Over Administration Panel (The same as FORCE_SSL_ADMIN)
|
| 104 |
);
|
| 105 |
|
| 152 |
add_filter('allowed_redirect_hosts' , array(&$this, 'allowed_redirect_hosts'), 10, 1);
|
| 153 |
|
| 154 |
// Remove SSL Host authentication cookies on logout
|
| 155 |
+
add_action('clear_auth_cookie', array(&$this, 'clear_cookies'));
|
| 156 |
|
| 157 |
// Set authentication cookie
|
| 158 |
if ( $this->is_ssl() ) {
|
| 159 |
add_action('set_auth_cookie', array(&$this, 'set_cookie'), 10, 5);
|
| 160 |
+
add_action('set_logged_in_cookie', array(&$this, 'set_cookie'), 10, 5);
|
| 161 |
}
|
| 162 |
|
| 163 |
// Fix admin_url on login page
|
| 189 |
}
|
| 190 |
|
| 191 |
// Start output buffering
|
| 192 |
+
add_action('init', array(&$this, 'buffer_start'));
|
|
|
|
| 193 |
|
| 194 |
// Check if the page needs to be redirected
|
| 195 |
add_action('template_redirect', array(&$this, 'redirect_check'));
|
| 255 |
}
|
| 256 |
|
| 257 |
/**
|
|
|
|
|
|
|
| 258 |
* Operations performed when plugin is activated.
|
| 259 |
*
|
| 260 |
* @param none
|
| 272 |
}
|
| 273 |
|
| 274 |
/**
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 275 |
* Updates plugin from one version to another
|
| 276 |
*
|
| 277 |
* @param none
|
| 278 |
* @return void
|
| 279 |
*/
|
| 280 |
protected function update() {
|
| 281 |
+
// Remove deprecated options
|
| 282 |
+
$deprecated_options = array(
|
| 283 |
+
'wordpress-https_sharedssl_site',
|
| 284 |
+
'wordpress-https_internalurls',
|
| 285 |
+
'wordpress-https_externalurls',
|
| 286 |
+
'wordpress-https_bypass',
|
| 287 |
+
'wordpress-https_disable_autohttps'
|
| 288 |
+
);
|
| 289 |
+
foreach( $deprecated_options as $option ) {
|
| 290 |
+
delete_option($option);
|
| 291 |
+
}
|
| 292 |
+
|
| 293 |
+
// Upgrade from version < 2.0
|
| 294 |
if ( get_option('wordpress-https_sharedssl') ) {
|
| 295 |
$shared_ssl = ((get_option('wordpress-https_sharedssl') == 1) ? true : false);
|
| 296 |
|
| 320 |
}
|
| 321 |
|
| 322 |
/**
|
|
|
|
|
|
|
| 323 |
* Adds a string to an array of log entries
|
| 324 |
*
|
| 325 |
* @param none
|
| 330 |
}
|
| 331 |
|
| 332 |
/**
|
|
|
|
|
|
|
| 333 |
* Returns an array of warnings to notify the user of on the settings page
|
| 334 |
*
|
| 335 |
* @param none
|
| 359 |
* @return string $url
|
| 360 |
*/
|
| 361 |
static function get_url($string) {
|
| 362 |
+
preg_match_all('/(http|https):\/\/[\/-\w\d\.,~#@^!\'()?=\+&%;:[\]]+/i', $string, $url);
|
| 363 |
$url = @$url[0][0];
|
| 364 |
return $url;
|
| 365 |
}
|
| 366 |
+
|
| 367 |
+
/**
|
| 368 |
+
* Retrieves the base host of a given URL
|
| 369 |
+
*
|
| 370 |
+
* @param string $url
|
| 371 |
+
* @return string $url_host
|
| 372 |
+
*/
|
| 373 |
+
function get_url_domain($url) {
|
| 374 |
+
$url = $this->get_url($url);
|
| 375 |
+
$url_parts = parse_url($url);
|
| 376 |
+
$url_host_parts = explode('.', $url_parts['host']);
|
| 377 |
+
|
| 378 |
+
// Find base hostname
|
| 379 |
+
$url_host = $url_parts['host'];
|
| 380 |
+
for ($i = 0; $i < sizeof($url_host_parts)-1; $i++) {
|
| 381 |
+
$test_host = str_replace($url_host_parts[$i] . '.', '', $url_host);
|
| 382 |
+
if ( $this->get_file_contents($url_parts['scheme'] . '://' . $test_host) ) {
|
| 383 |
+
$url_host = $test_host;
|
| 384 |
+
} else {
|
| 385 |
+
break;
|
| 386 |
+
}
|
| 387 |
+
}
|
| 388 |
+
return $url_host;
|
| 389 |
+
}
|
| 390 |
|
| 391 |
/**
|
| 392 |
+
* Replace HTTPS with HTTP in a string
|
| 393 |
*
|
| 394 |
* @param string $string
|
| 395 |
* @return string $string
|
| 399 |
}
|
| 400 |
|
| 401 |
/**
|
| 402 |
+
* Replace HTTP with HTTPS in a string
|
| 403 |
*
|
| 404 |
* @param string $string
|
| 405 |
* @return string $string
|
| 431 |
*/
|
| 432 |
function add_port($string) {
|
| 433 |
$url = $this->get_url($string);
|
| 434 |
+
$url_parts = parse_url($url);
|
| 435 |
+
if ( $url_parts['port'] ) {
|
| 436 |
+
$url = $this->remove_port($url);
|
| 437 |
+
}
|
| 438 |
+
|
| 439 |
+
if ( $this->ssl_port && $this->ssl_port != 80 && $this->ssl_port != 443 && strpos($url, ':' . $this->ssl_port) === false ) {
|
| 440 |
+
$url_host_port = $url_parts['host'] . ':' . $this->ssl_port;
|
| 441 |
+
$string = str_replace($url_parts['host'], $url_host_port, $string);
|
| 442 |
}
|
| 443 |
return $string;
|
| 444 |
}
|
| 465 |
* @return string $string
|
| 466 |
*/
|
| 467 |
function replace_http_url($string) {
|
| 468 |
+
// URL in string to be replaced
|
| 469 |
$url_original = $this->get_url($string);
|
| 470 |
if ( $this->is_local($url_original) ) {
|
| 471 |
$url_parts = parse_url($url_original);
|
| 476 |
$url = str_replace($url_parts['path'], $https_url_path . $url_parts['path'], $url);
|
| 477 |
}
|
| 478 |
}
|
| 479 |
+
|
| 480 |
$url = $this->remove_port($url);
|
| 481 |
$url = $this->add_port($url);
|
| 482 |
$url = $this->replace_http($url);
|
| 516 |
}
|
| 517 |
|
| 518 |
/**
|
| 519 |
+
* Retrieves the contents of a local or external file
|
| 520 |
*
|
| 521 |
* @param string $url
|
| 522 |
+
* @return boolean|string Contents of existing file, or false if file does not exist
|
| 523 |
*/
|
| 524 |
static function get_file_contents($url) {
|
| 525 |
+
if ( function_exists('curl_init') ) {
|
|
|
|
|
|
|
|
|
|
| 526 |
$ch = curl_init();
|
| 527 |
|
| 528 |
curl_setopt($ch, CURLOPT_URL, $url);
|
| 529 |
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
|
| 530 |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
|
| 531 |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
| 532 |
+
curl_setopt($ch, CURLOPT_FAILONERROR, true);
|
| 533 |
+
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
|
| 534 |
curl_setopt($ch, CURLOPT_HEADER, false);
|
| 535 |
curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
|
| 536 |
|
| 537 |
$content = curl_exec($ch);
|
| 538 |
+
$info = curl_getinfo($ch);
|
| 539 |
+
if ( !$info['http_code'] && ( $info['http_code'] == 0 || $info['http_code'] == 302 || $info['http_code'] == 404 ) ) {
|
| 540 |
+
$content = false;
|
| 541 |
+
} else if ( $content == "" ) {
|
| 542 |
+
$content = true;
|
| 543 |
+
}
|
| 544 |
curl_close($ch);
|
| 545 |
return $content;
|
| 546 |
+
} else if ( @ini_get('allow_url_fopen') ) {
|
| 547 |
+
$content = @file_get_contents($url);
|
| 548 |
+
return $content;
|
| 549 |
}
|
| 550 |
return false;
|
| 551 |
}
|
| 561 |
}
|
| 562 |
|
| 563 |
/**
|
|
|
|
|
|
|
| 564 |
* Processes the output buffer to fix HTML output
|
| 565 |
*
|
| 566 |
* @param string $buffer
|
| 586 |
$url = $this->replace_http($this->http_url);
|
| 587 |
$count = substr_count($buffer, $url);
|
| 588 |
if ( $count > 0 ) {
|
| 589 |
+
$this->log('[FIXED] Updated ' . $count . ' Occurrences of URL: ' . $url . ' => ' . $this->replace_https_url($url));
|
| 590 |
$buffer = str_replace($url, $this->replace_https_url($url), $buffer);
|
| 591 |
}
|
| 592 |
}
|
| 678 |
$attr = $matches[2][$i];
|
| 679 |
$url = $matches[3][$i];
|
| 680 |
if ( $type != 'input' || ( $type == 'input' && $attr == 'image' ) ) {
|
| 681 |
+
$https_url = $this->https_url;
|
| 682 |
+
if ( strpos($url, parse_url($https_url, PHP_URL_PATH)) !== false ) {
|
| 683 |
+
$https_url = str_replace(parse_url($https_url, PHP_URL_PATH), '', $https_url);
|
| 684 |
+
}
|
| 685 |
+
$processed_urls[$url] = $https_url . $url;
|
| 686 |
$buffer = str_replace($html, str_replace($url, $processed_urls[$url], $html), $buffer);
|
| 687 |
$this->log('[FIXED] Element: <' . $type . '> - ' . $url . ' => ' . $processed_urls[$url]);
|
| 688 |
}
|
| 812 |
* @return bool
|
| 813 |
*/
|
| 814 |
public function is_ssl() {
|
| 815 |
+
$https_url = parse_url($this->https_url);
|
| 816 |
// Some extra checks for proxies and Shared SSL
|
| 817 |
+
if ( is_ssl() && $_SERVER['HTTP_HOST'] != $https_url['host'] ) {
|
| 818 |
return false;
|
| 819 |
} else if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' ) {
|
| 820 |
return true;
|
| 821 |
} else if ( $this->diff_host && !is_ssl() && isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && strpos($this->https_url, 'https://' . $_SERVER['HTTP_X_FORWARDED_SERVER']) !== false ) {
|
| 822 |
return true;
|
| 823 |
+
} else if ( $this->diff_host && !is_ssl() && strpos($_SERVER['HTTP_HOST'], $https_url['host']) !== false && (!$this->ssl_port || $_SERVER['SERVER_PORT'] == $this->ssl_port) && (!$https_url['path'] || strpos($_SERVER['REQUEST_URI'], $https_url['path']) !== false) ) {
|
| 824 |
return true;
|
| 825 |
}
|
| 826 |
return is_ssl();
|
| 827 |
}
|
| 828 |
|
| 829 |
/**
|
|
|
|
|
|
|
| 830 |
* Checks if the current page needs to be redirected
|
| 831 |
*
|
| 832 |
* @param none
|
| 938 |
$scheme = 'auth';
|
| 939 |
}
|
| 940 |
|
| 941 |
+
//$cookie_domain = COOKIE_DOMAIN;
|
| 942 |
$cookie_path = COOKIEPATH;
|
| 943 |
$cookie_path_site = SITECOOKIEPATH;
|
| 944 |
$cookie_path_plugins = PLUGINS_COOKIE_PATH;
|
| 945 |
$cookie_path_admin = ADMIN_COOKIE_PATH;
|
| 946 |
|
| 947 |
if ( $this->diff_host && $this->is_ssl() ) {
|
| 948 |
+
$http_domain = $this->get_url_domain($this->http_url);
|
| 949 |
+
$https_domain = $this->get_url_domain($this->https_url);
|
| 950 |
+
// If SSL Host is a subdomain and we're setting an authentication cookie, the cookie does not need to be set
|
| 951 |
+
if ( $http_domain == $https_domain && $scheme == 'auth' ) {
|
| 952 |
+
return;
|
| 953 |
+
// If SSL Host is a subdomain, make cookie domain a wildcard
|
| 954 |
+
} else if ( $http_domain == $https_domain ) {
|
| 955 |
+
$cookie_domain = '.' . $https_domain;
|
| 956 |
+
// Otherwise, cookie domain set for different SSL Host
|
| 957 |
+
} else {
|
| 958 |
+
$cookie_domain = parse_url($this->https_url, PHP_URL_HOST);
|
| 959 |
+
}
|
| 960 |
+
|
| 961 |
$cookie_path = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . $cookie_path;
|
| 962 |
$cookie_path_site = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . $cookie_path_site;
|
| 963 |
$cookie_path_plugins = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . $cookie_path_plugins;
|
| 967 |
// Cookie paths defined to accomodate different SSL Host
|
| 968 |
if ( version_compare(phpversion(), '5.2.0', '>=') ) {
|
| 969 |
if ( $scheme == 'logged_in' ) {
|
| 970 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path, $cookie_domain, $secure, true);
|
| 971 |
if ( $cookie_path != $cookie_path_site ) {
|
| 972 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path_site, $cookie_domain, $secure, true);
|
| 973 |
}
|
| 974 |
} else {
|
| 975 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path_plugins, $cookie_domain, false, true);
|
| 976 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path_admin, $cookie_domain, false, true);
|
| 977 |
}
|
| 978 |
} else {
|
| 979 |
if ( !empty($cookie_domain) ) {
|
| 981 |
}
|
| 982 |
|
| 983 |
if ( $scheme == 'logged_in' ) {
|
| 984 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path, $cookie_domain, $secure);
|
| 985 |
if ( $cookie_path != $cookie_path_site ) {
|
| 986 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path_site, $cookie_domain, $secure);
|
| 987 |
}
|
| 988 |
} else {
|
| 989 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path_plugins, $cookie_domain);
|
| 990 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path_admin, $cookie_domain);
|
| 991 |
}
|
| 992 |
}
|
| 993 |
}
|
| 994 |
|
| 995 |
/**
|
| 996 |
+
* Clear Cookies
|
| 997 |
*
|
| 998 |
+
* Clear authentication and logged in cookies when using a different SSL Host
|
| 999 |
*
|
| 1000 |
* @param none
|
| 1001 |
* @return void
|
| 1002 |
*/
|
| 1003 |
+
public function clear_cookies() {
|
| 1004 |
+
$http_domain = $this->get_url_domain($this->http_url);
|
| 1005 |
+
$https_domain = $this->get_url_domain($this->https_url);
|
| 1006 |
+
if ( $http_domain == $https_domain ) {
|
| 1007 |
+
$cookie_domain = '.' . $https_domain;
|
| 1008 |
+
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path, $cookie_domain);
|
| 1009 |
+
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path_site, $cookie_domain);
|
| 1010 |
+
}
|
| 1011 |
+
|
| 1012 |
$cookie_domain = parse_url($this->https_url, PHP_URL_HOST);
|
| 1013 |
$cookie_path = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . COOKIEPATH;
|
| 1014 |
$cookie_path_site = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . SITECOOKIEPATH;
|
| 1121 |
|
| 1122 |
if ( $_SERVER['REQUEST_METHOD'] === 'POST' ) {
|
| 1123 |
$errors = array();
|
| 1124 |
+
if ( @$_POST['Reset'] ) {
|
| 1125 |
+
foreach ( $this->options_default as $option => $value ) {
|
| 1126 |
+
update_option($option, $value);
|
| 1127 |
+
}
|
| 1128 |
+
$reload = true;
|
| 1129 |
+
} else {
|
| 1130 |
+
foreach ($this->options_default as $key => $default) {
|
| 1131 |
+
if ( !array_key_exists($key, $_POST) && $default == 0 ) {
|
| 1132 |
+
$_POST[$key] = 0;
|
| 1133 |
+
update_option($key, $_POST[$key]);
|
| 1134 |
+
} else {
|
| 1135 |
+
if ( $key == 'wordpress-https_ssl_host' && $_POST[$key] != '' ) {
|
| 1136 |
+
$url = $_POST[$key];
|
| 1137 |
+
// Add scheme if it doesn't exist so that parse_url does not fail
|
| 1138 |
+
if ( strpos($url, 'http://') === false && strpos($url, 'https://') === false ) {
|
| 1139 |
+
$url = $this->replace_http('http://' . $url);
|
| 1140 |
+
}
|
| 1141 |
+
$url = parse_url($url);
|
| 1142 |
+
$port = ((isset($_POST['wordpress-https_ssl_port'])) ? $_POST['wordpress-https_ssl_port'] : $url['port']);
|
| 1143 |
+
$port = (($port != 80 && $port != 443) ? $port : null);
|
| 1144 |
+
$url = 'https://' . $url['host'] . (($port) ? ':' . $port : '') . @$url['path'];
|
| 1145 |
+
|
| 1146 |
+
// If secure host is set to a different host
|
| 1147 |
+
if ( $url != $this->https_url ) {
|
| 1148 |
+
$home_url = $url . parse_url(get_option('home'), PHP_URL_PATH);
|
| 1149 |
+
// Add trailing slash
|
| 1150 |
+
$home_url = ((substr($home_url, -1) !== '/') ? $home_url . '/' : $home_url);
|
| 1151 |
+
// Ensure that the WordPress installation is accessible at this host
|
| 1152 |
+
if ( $this->get_file_contents($home_url) ) {
|
| 1153 |
+
// Remove trailing slash
|
| 1154 |
+
if ( substr($url, -1, 1) == '/' ) {
|
| 1155 |
+
$url = substr($url, 0, strlen($url)-1);
|
| 1156 |
+
}
|
| 1157 |
+
$this->log('[SETTINGS] Updated SSL Host: ' . $this->https_url . ' => ' . $url);
|
| 1158 |
+
|
| 1159 |
+
// If secure domain has changed and currently on SSL, logout user
|
| 1160 |
+
if ( $this->is_ssl() ) {
|
| 1161 |
+
$logout = true;
|
| 1162 |
+
}
|
| 1163 |
+
$_POST[$key] = $this->remove_port($url);
|
| 1164 |
+
} else {
|
| 1165 |
+
$errors[] = '<strong>SSL Host</strong> - Invalid WordPress installation at ' . $home_url;
|
| 1166 |
+
$_POST[$key] = get_option($key);
|
| 1167 |
}
|
| 1168 |
+
}
|
| 1169 |
+
} else if ( $key == 'wordpress-https_ssl_admin' ) {
|
| 1170 |
+
if ( force_ssl_admin() || force_ssl_login() ) {
|
| 1171 |
+
$errors[] = '<strong>SSL Admin</strong> - FORCE_SSL_ADMIN and FORCE_SSL_LOGIN can not be set to true in your wp-config.php.';
|
| 1172 |
+
$_POST[$key] = 0;
|
| 1173 |
+
// If forcing SSL Admin and currently not SSL, logout user
|
| 1174 |
+
} else if ( !$this->is_ssl() ) {
|
| 1175 |
+
$logout = true;
|
| 1176 |
}
|
| 1177 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1178 |
|
| 1179 |
+
update_option($key, $_POST[$key]);
|
| 1180 |
+
}
|
| 1181 |
}
|
| 1182 |
}
|
| 1183 |
|
| 1196 |
echo "\t</ul>\n</div>\n";
|
| 1197 |
} else {
|
| 1198 |
echo "<div class=\"updated below-h2 fade wphttps-message\" id=\"message\"><p>Settings saved.</p></div>\n";
|
| 1199 |
+
if ( $logout || $reload ) {
|
| 1200 |
echo "<script type=\"text/javascript\">window.location.reload();</script>";
|
| 1201 |
}
|
| 1202 |
}
|
| 1334 |
</table>
|
| 1335 |
|
| 1336 |
<p class="button-controls">
|
| 1337 |
+
<input type="submit" name="Submit" value="Save Changes" class="button-primary" id="settings-save" />
|
| 1338 |
+
<input type="submit" name="Reset" value="Reset" class="button-secondary" id="settings-reset" />
|
| 1339 |
<img alt="Waiting..." src="<?php echo parse_url($this->plugin_url, PHP_URL_PATH); ?>/css/images/wpspin_light.gif" class="waiting" id="submit-waiting" />
|
| 1340 |
</p>
|
| 1341 |
</form>
|
| 1352 |
// Instantiate class if we're in WordPress
|
| 1353 |
if ( class_exists('WordPressHTTPS') && function_exists('get_bloginfo') ) {
|
| 1354 |
$wordpress_https = new WordPressHTTPS();
|
| 1355 |
+
register_activation_hook(__FILE__, array($wordpress_https, 'install'));
|
|
|
|
| 1356 |
}
|
