WordPress HTTPS (SSL) - Version 3.0.3

Version Description

Any element on an HTTP page that is set to HTTPS should be auto-corrected.
Added support for domain mapper plugin.
Bug Fix - SSL Host should now always end in a trailing slash.
Bug Fix - Fixed bug in cookie logic that prevented some users from logging in.
Bug Fix - Fixed bug in redirects that would cause login issues and 404 errors.

Release Info

Developer	Mvied
Plugin	WordPress HTTPS (SSL)
Version	3.0.3
Comparing to
See all releases

Code changes from version 3.0.2 to 3.0.3

Files changed (8) hide show

lib/WordPressHTTPS.php +4 -4
lib/WordPressHTTPS/Module.php +1 -6
lib/WordPressHTTPS/Module/Admin/Settings.php +1 -0
lib/WordPressHTTPS/Module/Filters.php +1 -1
lib/WordPressHTTPS/Module/Parser.php +12 -3
lib/WordPressHTTPS/Url.php +1 -1
readme.txt +9 -4
wordpress-https.php +19 -2

lib/WordPressHTTPS.php CHANGED Viewed

	@@ -95,15 +95,15 @@ class WordPressHTTPS extends WordPressHTTPS_Plugin {
95	*/
96	public function init() {
97	// HTTP URL
98	- $this->setHttpUrl(WordPressHTTPS_Url::fromString(~~home_url~~('/', '~~http~~')));
99	// HTTPS URL
100	- $this->setHttpsUrl(WordPressHTTPS_Url::fromString(~~home_url~~('/', '~~https~~')));
101
102	// If using a different host for SSL
103	if ( $this->getSetting('ssl_host') && $this->getSetting('ssl_host') != $this->getHttpsUrl()->toString() ) {
104	// Assign HTTPS URL to SSL Host
105	$this->setSetting('ssl_host_diff', 1);
106	- $this->setHttpsUrl(WordPressHTTPS_Url::fromString( $this->getSetting('ssl_host') ));
107	} else {
108	$this->setSetting('ssl_host_diff', 0);
109	}
	@@ -307,7 +307,7 @@ class WordPressHTTPS extends WordPressHTTPS_Plugin {
307	$url = WordPressHTTPS_Url::fromString($this->redirectAdmin($url));
308	}
309
310	- header("Location: " . $url);
311	}
312	exit();
313	}


95	*/
96	public function init() {
97	// HTTP URL
98	+ $this->setHttpUrl(WordPressHTTPS_Url::fromString('http://' . parse_url(get_bloginfo('template_url'), PHP_URL_HOST) . parse_url(home_url('/'), PHP_URL_PATH)));
99	// HTTPS URL
100	+ $this->setHttpsUrl(WordPressHTTPS_Url::fromString('https://' . parse_url(get_bloginfo('template_url'), PHP_URL_HOST) . parse_url(home_url('/'), PHP_URL_PATH)));
101
102	// If using a different host for SSL
103	if ( $this->getSetting('ssl_host') && $this->getSetting('ssl_host') != $this->getHttpsUrl()->toString() ) {
104	// Assign HTTPS URL to SSL Host
105	$this->setSetting('ssl_host_diff', 1);
106	+ $this->setHttpsUrl(WordPressHTTPS_Url::fromString( rtrim($this->getSetting('ssl_host'), '/') . '/' ));
107	} else {
108	$this->setSetting('ssl_host_diff', 0);
109	}

307	$url = WordPressHTTPS_Url::fromString($this->redirectAdmin($url));
308	}
309
310	+ header("Location: " . $url, true, 301);
311	}
312	exit();
313	}

lib/WordPressHTTPS/Module.php CHANGED Viewed

	@@ -2,12 +2,7 @@
2	/**
3	* Module Class for the WordPress plugin WordPress HTTPS.
4	*
5	- * Each Module in the project will extend this base Module class. ~~This class provides some~~
6	- * special getter and setters. If a method or property is being accessed and does not exist on
7	- * the current module, the module passes the request up to the Plugin class. The Plugin class
8	- * has special getter and setters that check each module for a method or property if the plugin
9	- * does not have that method or property. In essence, these getters and setters allow the developer
10	- * to access any method or property defined anywhere in the project from any other module auto-magically.
11	* Modules can be treated as an independent plugins. Think of them as sub-plugins.
12	*
13	* If you need to unload a module, just place something like this:


2	/**
3	* Module Class for the WordPress plugin WordPress HTTPS.
4	*
5	+ * Each Module in the project will extend this base Module class.





6	* Modules can be treated as an independent plugins. Think of them as sub-plugins.
7	*
8	* If you need to unload a module, just place something like this:

lib/WordPressHTTPS/Module/Admin/Settings.php CHANGED Viewed

	@@ -179,6 +179,7 @@ class WordPressHTTPS_Module_Admin_Settings extends WordPressHTTPS_Module impleme
179	$path = '/'. ltrim(str_replace(rtrim($this->getPlugin()->getHttpUrl()->getPath(), '/'), '', $ssl_host->getPath()), '/');
180	$ssl_host->setPath(rtrim($path, '/') . $this->getPlugin()->getHttpUrl()->getPath());
181	}

182
183	if ( $ssl_host->toString() != $this->getPlugin()->getHttpsUrl()->toString() ) {
184	// Ensure that the WordPress installation is accessible at this host


179	$path = '/'. ltrim(str_replace(rtrim($this->getPlugin()->getHttpUrl()->getPath(), '/'), '', $ssl_host->getPath()), '/');
180	$ssl_host->setPath(rtrim($path, '/') . $this->getPlugin()->getHttpUrl()->getPath());
181	}
182	+ $ssl_host->setPath(rtrim($ssl_host->getPath(), '/') . '/');
183
184	if ( $ssl_host->toString() != $this->getPlugin()->getHttpsUrl()->toString() ) {
185	// Ensure that the WordPress installation is accessible at this host

lib/WordPressHTTPS/Module/Filters.php CHANGED Viewed

	@@ -79,7 +79,7 @@ class WordPressHTTPS_Module_Filters extends WordPressHTTPS_Module implements Wor
79	* @return string $url
80	*/
81	public function admin_url( $url, $path, $scheme ) {
82	- if ( ( $scheme == 'https' \|\| $this->getPlugin()->getSetting('ssl_admin') \|\| ( ( is_admin() \|\| $GLOBALS['pagenow'] == 'wp-login.php' ) && $this->getPlugin()->isSsl() ) ) && ( ! is_multisite() \|\| ( is_multisite() && $~~url_parts['host']~~ == $this->getPlugin()->getHttpsUrl()->getHost() ) ) ) {
83	$url = $this->getPlugin()->makeUrlHttps($url);
84	}
85


79	* @return string $url
80	*/
81	public function admin_url( $url, $path, $scheme ) {
82	+ if ( ( $scheme == 'https' \|\| $this->getPlugin()->getSetting('ssl_admin') \|\| ( ( is_admin() \|\| $GLOBALS['pagenow'] == 'wp-login.php' ) && $this->getPlugin()->isSsl() ) ) && ( ! is_multisite() \|\| ( is_multisite() && parse_url($url, PHP_URL_HOST) == $this->getPlugin()->getHttpsUrl()->getHost() ) ) ) {
83	$url = $this->getPlugin()->makeUrlHttps($url);
84	}
85

lib/WordPressHTTPS/Module/Parser.php CHANGED Viewed

	@@ -199,6 +199,8 @@ class WordPressHTTPS_Module_Parser extends WordPressHTTPS_Module implements Word
199	* @return void
200	*/
201	public function normalizeElements() {


202	if ( ! is_admin() && $GLOBALS['pagenow'] != 'wp-login.php' ) {
203	if ( $this->getPlugin()->getSetting('ssl_host_diff') ) {
204	$url = clone $this->getPlugin()->getHttpsUrl();
	@@ -209,7 +211,7 @@ class WordPressHTTPS_Module_Parser extends WordPressHTTPS_Module implements Word
209	$url = clone $this->getPlugin()->getHttpUrl();
210	$url->setScheme('https');
211	preg_match_all('/(' . str_replace('/', '\/', preg_quote($url->toString())) . '[^\'"]*)[\'"]?/im', $this->_html, $httpMatches);
212	- $matches = array_merge($~~httpsMatches~~, $httpsMatches);
213	for ($i = 0; $i < sizeof($matches[0]); $i++) {
214	if ( isset($matches[1][$i]) ) {
215	$url = WordPressHTTPS_Url::fromString($matches[1][$i]);
	@@ -271,7 +273,11 @@ class WordPressHTTPS_Module_Parser extends WordPressHTTPS_Module implements Word
271	for ($i = 0; $i < sizeof($matches[0]); $i++) {
272	$css = $matches[0][$i];
273	$url = $matches[2][$i];
274	- $this->~~secureElement~~(~~$url,~~ ~~'style'~~);




275	}
276	}
277
	@@ -391,7 +397,10 @@ class WordPressHTTPS_Module_Parser extends WordPressHTTPS_Module implements Word
391	$post = true;
392	$force_ssl = true;
393	} else if ( is_multisite() ) {
394	- if ( ~~$blog_id~~ = ~~get_blog_details(~~ ~~array(~~ ~~'domain'~~ => ~~$url_parts['host']~~ ~~)) ) {~~



395	if ( $this->getPlugin()->getSetting('ssl_admin', $blog_id) && $scheme != 'https' && ( ! $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) \|\| ( $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) && is_user_logged_in() ) ) ) {
396	$this->_html = str_replace($url, str_replace('http', 'https', $url), $this->_html);
397	}


199	* @return void
200	*/
201	public function normalizeElements() {
202	+ $httpMatches = array();
203	+ $httpsMatches = array();
204	if ( ! is_admin() && $GLOBALS['pagenow'] != 'wp-login.php' ) {
205	if ( $this->getPlugin()->getSetting('ssl_host_diff') ) {
206	$url = clone $this->getPlugin()->getHttpsUrl();

211	$url = clone $this->getPlugin()->getHttpUrl();
212	$url->setScheme('https');
213	preg_match_all('/(' . str_replace('/', '\/', preg_quote($url->toString())) . '[^\'"]*)[\'"]?/im', $this->_html, $httpMatches);
214	+ $matches = array_merge($httpMatches, $httpsMatches);
215	for ($i = 0; $i < sizeof($matches[0]); $i++) {
216	if ( isset($matches[1][$i]) ) {
217	$url = WordPressHTTPS_Url::fromString($matches[1][$i]);

273	for ($i = 0; $i < sizeof($matches[0]); $i++) {
274	$css = $matches[0][$i];
275	$url = $matches[2][$i];
276	+ if ( $this->getPlugin()->isSsl() ) {
277	+ $this->secureElement($url, 'style');
278	+ } else {
279	+ $this->unsecureElement($url, 'style');
280	+ }
281	}
282	}
283

397	$post = true;
398	$force_ssl = true;
399	} else if ( is_multisite() ) {
400	+ // get_blog_details returns an object with a property of blog_id
401	+ if ( $blog_details = get_blog_details( array( 'domain' => $url_parts['host'] )) ) {
402	+ // set $blog_id using $blog_details->blog_id
403	+ $blog_id = $blog_details->blog_id;
404	if ( $this->getPlugin()->getSetting('ssl_admin', $blog_id) && $scheme != 'https' && ( ! $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) \|\| ( $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) && is_user_logged_in() ) ) ) {
405	$this->_html = str_replace($url, str_replace('http', 'https', $url), $this->_html);
406	}

lib/WordPressHTTPS/Url.php CHANGED Viewed

	@@ -2,7 +2,7 @@
2	/**
3	* URL Class for the WordPress plugin WordPress HTTPS
4	*
5	- * This class and ~~it's~~ properties are heavily based on parse_url()
6	*
7	* @author Mike Ems
8	* @package WordPressHTTPS


2	/**
3	* URL Class for the WordPress plugin WordPress HTTPS
4	*
5	+ * This class and its properties are heavily based on parse_url()
6	*
7	* @author Mike Ems
8	* @package WordPressHTTPS

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
4	Tags: security, encryption, ssl, shared ssl, private ssl, public ssl, private ssl, http, https
5	Requires at least: 3.0
6	Tested up to: 3.4
7	- Stable tag: 3.0.2
8
9	WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
10
	@@ -23,7 +23,7 @@ To make your entire website secure, you simply need to change your home url and
23	In the Publish box on the add/edit post screen, a checkbox for 'Force SSL' has been added to make this process easy. See Screenshots if you're having a hard time finding it.
24
25	= I changed my SSL Host and now I can't get into my admin panel! =
26	- Go to your wp-config.php file and add this line. Hit any page on your site, and then remove it.
27	`define('WPHTTPS_RESET', true);`
28
29	= I'm getting 404 errors on all of my pages. Why? =
	@@ -67,16 +67,21 @@ You can also use this filter to filter pages based on their URL. Let's say you h
67	return $force_ssl;
68	}
69
70	- add_filter('force_ssl', 'store_force_ssl');`
71
72	== Screenshots ==
73	1. WordPress HTTPS Settings screen
74	2. Force SSL checkbox added to add/edit posts screen
75
76	== Changelog ==






77	= 3.0.2 =
78	* Added setting to change where HTTPS settings appear in the admin panel.
79	- * Any element on an HTTP page that is set to HTTPS should be auto-corrected.
80	* Bug Fix - Plugin should no longer interefere with editing posts and using images from the Media Library.
81	* Bug Fix - Fixed major bug that occurred when site was installed in the base directory.
82	* Bug Fix - File uploader should no longer produce an HTTP Error.


4	Tags: security, encryption, ssl, shared ssl, private ssl, public ssl, private ssl, http, https
5	Requires at least: 3.0
6	Tested up to: 3.4
7	+ Stable tag: 3.0.3
8
9	WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
10

23	In the Publish box on the add/edit post screen, a checkbox for 'Force SSL' has been added to make this process easy. See Screenshots if you're having a hard time finding it.
24
25	= I changed my SSL Host and now I can't get into my admin panel! =
26	+ Go to /wp-content/plugins/wordpress-https/wordpress-https.php and uncomment (remove the two forward slashes before) the line below, or go to your wp-config.php file and add this line. Hit any page on your site, and then remove it or comment it out again.
27	`define('WPHTTPS_RESET', true);`
28
29	= I'm getting 404 errors on all of my pages. Why? =

67	return $force_ssl;
68	}
69
70	+ add_filter('force_ssl', 'store_force_ssl', 10, 2);`
71
72	== Screenshots ==
73	1. WordPress HTTPS Settings screen
74	2. Force SSL checkbox added to add/edit posts screen
75
76	== Changelog ==
77	+ = 3.0.3 =
78	+ * Any element on an HTTP page that is set to HTTPS should be auto-corrected.
79	+ * Added support for domain mapper plugin.
80	+ * Bug Fix - SSL Host should now always end in a trailing slash.
81	+ * Bug Fix - Fixed bug in cookie logic that prevented some users from logging in.
82	+ * Bug Fix - Fixed bug in redirects that would cause login issues and 404 errors.
83	= 3.0.2 =
84	* Added setting to change where HTTPS settings appear in the admin panel.

85	* Bug Fix - Plugin should no longer interefere with editing posts and using images from the Media Library.
86	* Bug Fix - Fixed major bug that occurred when site was installed in the base directory.
87	* Bug Fix - File uploader should no longer produce an HTTP Error.

wordpress-https.php CHANGED Viewed

	@@ -4,10 +4,27 @@
4	Plugin URI: http://mvied.com/projects/wordpress-https/
5	Description: WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
6	Author: Mike Ems
7	- Version: 3.0.2
8	Author URI: http://mvied.com/
9	*/
10

















11	$include_paths = array(
12	get_include_path(),
13	dirname(__FILE__),
	@@ -31,7 +48,7 @@ require_once('WordPressHTTPS.php');
31	if ( function_exists('get_bloginfo') && ! defined('WP_UNINSTALL_PLUGIN') ) {
32	$wordpress_https = new WordPressHTTPS;
33	$wordpress_https->setSlug('wordpress-https');
34	- $wordpress_https->setVersion('3.0.2');
35	$wordpress_https->setLogger(WordPressHTTPS_Logger::getInstance());
36	$wordpress_https->setPluginUrl(plugins_url('', __FILE__));
37	$wordpress_https->setDirectory(dirname(__FILE__));


4	Plugin URI: http://mvied.com/projects/wordpress-https/
5	Description: WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
6	Author: Mike Ems
7	+ Version: 3.0.3
8	Author URI: http://mvied.com/
9	*/
10
11	+ /*
12	+ Copyright 2012 Mike Ems (email : mike@mvied.com)
13	+
14	+ This program is free software: you can redistribute it and/or modify
15	+ it under the terms of the GNU General Public License as published by
16	+ the Free Software Foundation, either version 3 of the License, or
17	+ (at your option) any later version.
18	+
19	+ This program is distributed in the hope that it will be useful,
20	+ but WITHOUT ANY WARRANTY; without even the implied warranty of
21	+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22	+ GNU General Public License for more details.
23	+
24	+ You should have received a copy of the GNU General Public License
25	+ along with this program. If not, see <http://www.gnu.org/licenses/>.
26	+ */
27	+
28	$include_paths = array(
29	get_include_path(),
30	dirname(__FILE__),

48	if ( function_exists('get_bloginfo') && ! defined('WP_UNINSTALL_PLUGIN') ) {
49	$wordpress_https = new WordPressHTTPS;
50	$wordpress_https->setSlug('wordpress-https');
51	+ $wordpress_https->setVersion('3.0.3');
52	$wordpress_https->setLogger(WordPressHTTPS_Logger::getInstance());
53	$wordpress_https->setPluginUrl(plugins_url('', __FILE__));
54	$wordpress_https->setDirectory(dirname(__FILE__));