Version Description
- Added domain mapping. Domain mapping allows you to map external domains that host their HTTPS content on a different domain.
- Added Remove Unsecure Elements option. If possible, this option removes external elements from the page that can not be loaded over HTTPS, preventing insecure content errors without modifying any code.
- ClouldFlare support.
- Substantial memory optimization.
- Removed Secure Front Page option. This can now be achieved through URL Filters.
- Bug Fix - Visiting the admin panel over HTTP when using Shared SSL should no longer log the user out, but will now redirect accordingly.
- Bug Fix - Random 404 errors should be gone.
- Bug Fix - Fixed bug where a bad setting for ssl_host would cause the code to fail.
- Bug Fix - CSS backgrounds that do not have quotes should no longer break debug output.
Download this release
Release Info
Developer | Mvied |
Plugin | WordPress HTTPS (SSL) |
Version | 3.2 |
Comparing to | |
See all releases |
Code changes from version 3.1.2 to 3.2
- admin/css/images/add.png +0 -0
- admin/css/images/arrow_left.png +0 -0
- admin/css/images/arrow_right.png +0 -0
- admin/css/images/delete.png +0 -0
- admin/css/settings.css +96 -3
- admin/js/metabox.php +2 -9
- admin/templates/ajax_message.php +19 -0
- admin/templates/metabox/ajax.php +2 -2
- admin/templates/metabox/domain_mapping.php +117 -0
- admin/templates/metabox/filters.php +3 -5
- admin/templates/metabox/network.php +31 -0
- admin/templates/metabox/settings.php +27 -24
- admin/templates/network.php +23 -0
- admin/templates/settings.php +98 -0
- lib/Mvied/Plugin.php +13 -5
- lib/Mvied/Plugin/Module.php +11 -1
- lib/Mvied/Theme.php +44 -27
- lib/Mvied/Theme/Module.php +11 -1
- lib/WordPressHTTPS.php +439 -406
- lib/WordPressHTTPS/Logger.php +0 -2
- lib/WordPressHTTPS/Module/Admin.php +4 -23
- lib/WordPressHTTPS/Module/Core.php +634 -0
- lib/WordPressHTTPS/Module/DomainMapping.php +105 -0
- lib/WordPressHTTPS/Module/Filters.php +0 -324
- lib/WordPressHTTPS/Module/Hooks.php +0 -293
- lib/WordPressHTTPS/Module/Network.php +144 -0
- lib/WordPressHTTPS/Module/Parser.php +47 -29
- lib/WordPressHTTPS/Module/{Admin/Post.php → Post.php} +2 -2
- lib/WordPressHTTPS/Module/{Admin/Settings.php → Settings.php} +53 -62
- lib/WordPressHTTPS/Module/UrlFilters.php +103 -0
- lib/WordPressHTTPS/Url.php +3 -3
- readme.txt +39 -37
- screenshot-1.png +0 -0
- uninstall.php +35 -15
- wordpress-https.php +6 -13
admin/css/images/add.png
ADDED
Binary file
|
admin/css/images/arrow_left.png
ADDED
Binary file
|
admin/css/images/arrow_right.png
ADDED
Binary file
|
admin/css/images/delete.png
ADDED
Binary file
|
admin/css/settings.css
CHANGED
@@ -75,16 +75,19 @@
|
|
75 |
padding-top: 0;
|
76 |
}
|
77 |
#wphttps-main table th {
|
78 |
-
width:
|
79 |
line-height: 32px;
|
80 |
padding: 0;
|
81 |
}
|
82 |
#wphttps-main label.label-radio {
|
83 |
display: block;
|
84 |
-
margin
|
|
|
85 |
}
|
86 |
#wphttps-main #settings-reset,
|
87 |
-
#wphttps-main #
|
|
|
|
|
88 |
float: left;
|
89 |
margin-right: 10px;
|
90 |
}
|
@@ -106,4 +109,94 @@
|
|
106 |
#wphttps-main #secure_filter_row textarea {
|
107 |
width: 95%;
|
108 |
height: 120px;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
109 |
}
|
75 |
padding-top: 0;
|
76 |
}
|
77 |
#wphttps-main table th {
|
78 |
+
width: 160px;
|
79 |
line-height: 32px;
|
80 |
padding: 0;
|
81 |
}
|
82 |
#wphttps-main label.label-radio {
|
83 |
display: block;
|
84 |
+
margin: 5px 5px 0 0;
|
85 |
+
float: left;
|
86 |
}
|
87 |
#wphttps-main #settings-reset,
|
88 |
+
#wphttps-main #network-settings-reset,
|
89 |
+
#wphttps-main #filters-reset,
|
90 |
+
#wphttps-main #domain_mapping-reset {
|
91 |
float: left;
|
92 |
margin-right: 10px;
|
93 |
}
|
109 |
#wphttps-main #secure_filter_row textarea {
|
110 |
width: 95%;
|
111 |
height: 120px;
|
112 |
+
}
|
113 |
+
|
114 |
+
#wphttps-main #admin_menu_row fieldset {
|
115 |
+
margin-top: 5px;
|
116 |
+
}
|
117 |
+
|
118 |
+
#wphttps-main input[type="checkbox"] {
|
119 |
+
float: left;
|
120 |
+
}
|
121 |
+
#wphttps-main p.description {
|
122 |
+
margin: .5em 0 0 .5em;
|
123 |
+
width: 75%;
|
124 |
+
display: block;
|
125 |
+
float: left;
|
126 |
+
line-height: 1.2em;
|
127 |
+
}
|
128 |
+
#wphttps-main #secure_filter_row p.description {
|
129 |
+
margin: .5em 10px 0 0;
|
130 |
+
width: auto;
|
131 |
+
}
|
132 |
+
#wphttps-main #ssl_proxy_row p.description {
|
133 |
+
width: 65%;
|
134 |
+
}
|
135 |
+
#wphttps-main #domain_mapping td {
|
136 |
+
padding: 10px 0;
|
137 |
+
}
|
138 |
+
#wphttps-main #domain_mapping td.arrow {
|
139 |
+
padding: 8px 0;
|
140 |
+
}
|
141 |
+
#wphttps-main #domain_mapping .http_scheme,
|
142 |
+
#wphttps-main #domain_mapping .https_scheme {
|
143 |
+
width: 30px;
|
144 |
+
padding: 10px;
|
145 |
+
}
|
146 |
+
#wphttps-main #domain_mapping .https_scheme {
|
147 |
+
width: 35px;
|
148 |
+
}
|
149 |
+
#wphttps-main #domain_mapping .http_domain .label,
|
150 |
+
#wphttps-main #domain_mapping .https_domain .label {
|
151 |
+
display: block;
|
152 |
+
float: left;
|
153 |
+
text-align: right;
|
154 |
+
padding-right: 2%;
|
155 |
+
}
|
156 |
+
#wphttps-main #domain_mapping input {
|
157 |
+
width: 96%;
|
158 |
+
padding-left: 2%;
|
159 |
+
padding-right: 2%;
|
160 |
+
}
|
161 |
+
#wphttps-main #domain_mapping .add {
|
162 |
+
display: block;
|
163 |
+
height: 16px;
|
164 |
+
width: 16px;
|
165 |
+
overflow: hidden;
|
166 |
+
text-indent: -1000em;
|
167 |
+
float: left;
|
168 |
+
background: url(images/add.png) no-repeat 50% 50%;
|
169 |
+
}
|
170 |
+
#wphttps-main #domain_mapping .remove {
|
171 |
+
display: block;
|
172 |
+
height: 16px;
|
173 |
+
width: 16px;
|
174 |
+
overflow: hidden;
|
175 |
+
text-indent: -1000em;
|
176 |
+
float: left;
|
177 |
+
background: url(images/delete.png) no-repeat 50% 50%;
|
178 |
+
}
|
179 |
+
#wphttps-main #domain_mapping .arrow .label {
|
180 |
+
display: block;
|
181 |
+
height: 16px;
|
182 |
+
width: 16px;
|
183 |
+
overflow: hidden;
|
184 |
+
text-indent: -1000em;
|
185 |
+
background: url(images/arrow_right.png) no-repeat 50% 50%;
|
186 |
+
margin: 0 auto;
|
187 |
+
}
|
188 |
+
|
189 |
+
#wphttps-main #regex-help {
|
190 |
+
display: none;
|
191 |
+
}
|
192 |
+
table.regex-help {
|
193 |
+
border-collapse: collapse;
|
194 |
+
}
|
195 |
+
table.regex-help tr {
|
196 |
+
border: 1px solid #000;
|
197 |
+
border-width: 1px 1px 0 0;
|
198 |
+
}
|
199 |
+
table.regex-help td, table.regex-help th {
|
200 |
+
border: 1px solid #000;
|
201 |
+
border-width: 0 0 1px 1px;
|
202 |
}
|
admin/js/metabox.php
CHANGED
@@ -1,13 +1,6 @@
|
|
1 |
<?php
|
2 |
|
3 |
-
|
4 |
-
get_include_path(),
|
5 |
-
realpath(dirname(__FILE__) . '/../../../../..'),
|
6 |
-
realpath(dirname(__FILE__) . '/../../lib')
|
7 |
-
);
|
8 |
-
set_include_path(implode(PATH_SEPARATOR, $include_paths));
|
9 |
-
require_once('wp-load.php');
|
10 |
-
require_once('WordPressHTTPS.php');
|
11 |
|
12 |
// Disable errors
|
13 |
error_reporting(0);
|
@@ -21,7 +14,7 @@ header('Cache-Control: post-check=0, pre-check=0', FALSE);
|
|
21 |
header('Pragma: no-cache');
|
22 |
header("Vary: Accept-Encoding");
|
23 |
|
24 |
-
if ( ! wp_verify_nonce($_POST['
|
25 |
exit;
|
26 |
}
|
27 |
|
1 |
<?php
|
2 |
|
3 |
+
require_once(realpath(dirname(__FILE__) . '/../../../../..') . '/wp-load.php');
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
4 |
|
5 |
// Disable errors
|
6 |
error_reporting(0);
|
14 |
header('Pragma: no-cache');
|
15 |
header("Vary: Accept-Encoding");
|
16 |
|
17 |
+
if ( ! wp_verify_nonce($_POST['_nonce'], 'wordpress-https') ) {
|
18 |
exit;
|
19 |
}
|
20 |
|
admin/templates/ajax_message.php
ADDED
@@ -0,0 +1,19 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
if ( array_key_exists('ajax', $_POST) ) {
|
4 |
+
error_reporting(0);
|
5 |
+
while(@ob_end_clean());
|
6 |
+
if ( sizeof( $errors ) > 0 ) {
|
7 |
+
echo "<div class=\"error below-h2 fade wphttps-message\" id=\"message\">\n\t<ul>\n";
|
8 |
+
foreach ( $errors as $error ) {
|
9 |
+
echo "\t\t<li><p>".$error."</p></li>\n";
|
10 |
+
}
|
11 |
+
echo "\t</ul>\n</div>\n";
|
12 |
+
} else {
|
13 |
+
echo "<div class=\"updated below-h2 fade wphttps-message\" id=\"message\"><p>" . $message . "</p></div>\n";
|
14 |
+
if ( $logout || $reload ) {
|
15 |
+
echo "<script type=\"text/javascript\">window.location.reload();</script>";
|
16 |
+
}
|
17 |
+
}
|
18 |
+
exit();
|
19 |
+
}
|
admin/templates/metabox/ajax.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<?php
|
2 |
-
$nonce = wp_create_nonce($
|
3 |
?><script type="text/javascript">
|
4 |
jQuery(document).ready(function($) {
|
5 |
var loading = $('<img alt="Loading..." src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="loading" />');
|
@@ -12,7 +12,7 @@ jQuery(document).ready(function($) {
|
|
12 |
data: {
|
13 |
id : '<?php echo $metabox['id']; ?>',
|
14 |
url : '<?php echo $metabox['args']['url']; ?>',
|
15 |
-
|
16 |
},
|
17 |
success: function(response) {
|
18 |
$('#<?php echo $metabox['id']; ?> .inside').html(response);
|
1 |
<?php
|
2 |
+
$nonce = wp_create_nonce($this->getPlugin()->getSlug());
|
3 |
?><script type="text/javascript">
|
4 |
jQuery(document).ready(function($) {
|
5 |
var loading = $('<img alt="Loading..." src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="loading" />');
|
12 |
data: {
|
13 |
id : '<?php echo $metabox['id']; ?>',
|
14 |
url : '<?php echo $metabox['args']['url']; ?>',
|
15 |
+
_nonce : '<?php echo $nonce; ?>'
|
16 |
},
|
17 |
success: function(response) {
|
18 |
$('#<?php echo $metabox['id']; ?> .inside').html(response);
|
admin/templates/metabox/domain_mapping.php
ADDED
@@ -0,0 +1,117 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<form name="<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
|
2 |
+
<?php settings_fields($this->getPlugin()->getSlug()); ?>
|
3 |
+
|
4 |
+
<p>Domain mapping allows you to map external domains that host their HTTPS content on a different domain. You may use <a href="#TB_inline?height=155&width=350&inlineId=regex-help&" class="thickbox" title="Regular Expressions Help">regular expressions</a>.</p>
|
5 |
+
|
6 |
+
<table class="form-table" id="domain_mapping">
|
7 |
+
<thead>
|
8 |
+
</thead>
|
9 |
+
<?php
|
10 |
+
$ssl_host_mapping = ( is_array($this->getPlugin()->getSetting('ssl_host_mapping')) ? $this->getPlugin()->getSetting('ssl_host_mapping') : array() );
|
11 |
+
foreach( $ssl_host_mapping as $http_domain => $https_domain ) {
|
12 |
+
?>
|
13 |
+
<tr valign="top" class="domain_mapping_row">
|
14 |
+
<td class="http_scheme">
|
15 |
+
<span class="label">http://</span>
|
16 |
+
</td>
|
17 |
+
<td class="http_domain">
|
18 |
+
<input type="text" name="http_domain[]" value="<?=$http_domain?>" />
|
19 |
+
</td>
|
20 |
+
<td class="arrow">
|
21 |
+
<span class="label">></span>
|
22 |
+
</td>
|
23 |
+
<td class="https_scheme">
|
24 |
+
<span class="label">https://</span>
|
25 |
+
</td>
|
26 |
+
<td class="https_domain">
|
27 |
+
<input type="text" name="https_domain[]" value="<?=$https_domain?>" />
|
28 |
+
</td>
|
29 |
+
<td class="controls">
|
30 |
+
<a class="remove" href="#" title="Remove URL Filter">Remove</a>
|
31 |
+
<a class="add" href="#" title="Add URL Filter">Add</a>
|
32 |
+
</td>
|
33 |
+
</tr>
|
34 |
+
|
35 |
+
<?php } ?>
|
36 |
+
<tr valign="top" class="domain_mapping_row">
|
37 |
+
<td class="http_scheme">
|
38 |
+
<span class="label">http://</span>
|
39 |
+
</td>
|
40 |
+
<td class="http_domain">
|
41 |
+
<input type="text" name="http_domain[]" value="" />
|
42 |
+
</td>
|
43 |
+
<td class="arrow">
|
44 |
+
<span class="label">></span>
|
45 |
+
</td>
|
46 |
+
<td class="https_scheme">
|
47 |
+
<span class="label">https://</span>
|
48 |
+
</td>
|
49 |
+
<td class="https_domain">
|
50 |
+
<input type="text" name="https_domain[]" value="" />
|
51 |
+
</td>
|
52 |
+
<td class="controls">
|
53 |
+
<a class="remove" href="#" title="Remove URL Filter">Remove</a>
|
54 |
+
<a class="add" href="#" title="Add URL Filter">Add</a>
|
55 |
+
</td>
|
56 |
+
</tr>
|
57 |
+
</table>
|
58 |
+
|
59 |
+
<input type="hidden" name="action" value="wphttps-domain-mapping" />
|
60 |
+
|
61 |
+
<p class="button-controls">
|
62 |
+
<input type="submit" name="domain_mapping-save" value="Save Changes" class="button-primary" id="domain_mapping-save" />
|
63 |
+
<input type="submit" name="domain_mapping-reset" value="Reset" class="button-secondary" id="domain_mapping-reset" />
|
64 |
+
<img alt="Waiting..." src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
|
65 |
+
</p>
|
66 |
+
</form>
|
67 |
+
<script type="text/javascript">
|
68 |
+
jQuery(document).ready(function($) {
|
69 |
+
$('#<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form').submit(function() {
|
70 |
+
$('#<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form .submit-waiting').show();
|
71 |
+
}).ajaxForm({
|
72 |
+
data: { ajax: '1'},
|
73 |
+
success: function(responseText, textStatus, XMLHttpRequest) {
|
74 |
+
$('#<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form .submit-waiting').hide();
|
75 |
+
$('#message-body').html(responseText).fadeOut(0).fadeIn().delay(5000).fadeOut();
|
76 |
+
}
|
77 |
+
});
|
78 |
+
|
79 |
+
if ( $('#domain_mapping tr').length <= 1 ) {
|
80 |
+
$('#domain_mapping .remove').hide();
|
81 |
+
} else {
|
82 |
+
$('#domain_mapping .remove').show();
|
83 |
+
$('#domain_mapping .add').hide();
|
84 |
+
$('#domain_mapping tr:last-child .add').show();
|
85 |
+
}
|
86 |
+
|
87 |
+
$('.domain_mapping_row .add').live('click', function(e) {
|
88 |
+
e.preventDefault();
|
89 |
+
var row = $(this).parents('tr').clone();
|
90 |
+
row.find('input').val('');
|
91 |
+
$(this).parents('table').append(row);
|
92 |
+
$(this).hide();
|
93 |
+
$('#domain_mapping .remove').show();
|
94 |
+
return false;
|
95 |
+
});
|
96 |
+
|
97 |
+
$('.domain_mapping_row .remove').live('click', function(e) {
|
98 |
+
e.preventDefault();
|
99 |
+
$(this).parents('tr').remove();
|
100 |
+
if ( $('#domain_mapping tr').length <= 1 ) {
|
101 |
+
$('#domain_mapping .remove').hide();
|
102 |
+
} else {
|
103 |
+
$('#domain_mapping .remove').show();
|
104 |
+
}
|
105 |
+
$('#domain_mapping .add').hide();
|
106 |
+
$('#domain_mapping tr:last-child .add').show();
|
107 |
+
return false;
|
108 |
+
});
|
109 |
+
|
110 |
+
$('#domain_mapping-reset').click(function(e, el) {
|
111 |
+
if ( ! confirm('Are you sure you want to reset all WordPress HTTPS domain mappings?') ) {
|
112 |
+
e.preventDefault();
|
113 |
+
return false;
|
114 |
+
}
|
115 |
+
});
|
116 |
+
});
|
117 |
+
</script>
|
admin/templates/metabox/filters.php
CHANGED
@@ -1,26 +1,24 @@
|
|
1 |
<form name="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
|
2 |
<?php settings_fields($this->getPlugin()->getSlug()); ?>
|
3 |
-
|
4 |
<table class="form-table">
|
5 |
<tr valign="top" id="secure_filter_row">
|
6 |
<th scope="row">
|
7 |
Secure Filters
|
8 |
-
<p class="description">Example: If you have an E-commerce shop and all of the URL's begin with /store/, you could secure all store links by entering '/store/' on one line
|
9 |
</th>
|
10 |
<td>
|
11 |
<textarea name="secure_filter" id="secure_filter"><?php echo implode("\n", $this->getPlugin()->getSetting('secure_filter')); ?></textarea>
|
12 |
</td>
|
13 |
</tr>
|
14 |
</table>
|
15 |
-
|
16 |
-
<input type="hidden" name="action" value="save" />
|
17 |
-
|
18 |
<p class="button-controls">
|
19 |
<input type="submit" name="filters-save" value="Save Changes" class="button-primary" id="filters-save" />
|
20 |
<input type="submit" name="filters-reset" value="Reset" class="button-secondary" id="filters-reset" />
|
21 |
<img alt="Waiting..." src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
|
22 |
</p>
|
23 |
</form>
|
|
|
24 |
<script type="text/javascript">
|
25 |
jQuery(document).ready(function($) {
|
26 |
$('#<?php echo $this->getPlugin()->getSlug(); ?>_filters_form').submit(function() {
|
1 |
<form name="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
|
2 |
<?php settings_fields($this->getPlugin()->getSlug()); ?>
|
|
|
3 |
<table class="form-table">
|
4 |
<tr valign="top" id="secure_filter_row">
|
5 |
<th scope="row">
|
6 |
Secure Filters
|
7 |
+
<p class="description">Example: If you have an E-commerce shop and all of the URL's begin with /store/, you could secure all store links by entering '/store/' on one line. You may use <a href="#TB_inline?height=155&width=350&inlineId=regex-help" class="thickbox" title="Regular Expressions Help">regular expressions</a>.</p>
|
8 |
</th>
|
9 |
<td>
|
10 |
<textarea name="secure_filter" id="secure_filter"><?php echo implode("\n", $this->getPlugin()->getSetting('secure_filter')); ?></textarea>
|
11 |
</td>
|
12 |
</tr>
|
13 |
</table>
|
14 |
+
<input type="hidden" name="action" value="wphttps-filters" />
|
|
|
|
|
15 |
<p class="button-controls">
|
16 |
<input type="submit" name="filters-save" value="Save Changes" class="button-primary" id="filters-save" />
|
17 |
<input type="submit" name="filters-reset" value="Reset" class="button-secondary" id="filters-reset" />
|
18 |
<img alt="Waiting..." src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
|
19 |
</p>
|
20 |
</form>
|
21 |
+
|
22 |
<script type="text/javascript">
|
23 |
jQuery(document).ready(function($) {
|
24 |
$('#<?php echo $this->getPlugin()->getSlug(); ?>_filters_form').submit(function() {
|
admin/templates/metabox/network.php
ADDED
@@ -0,0 +1,31 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<form name="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
|
2 |
+
<?php settings_fields($this->getPlugin()->getSlug()); ?>
|
3 |
+
|
4 |
+
<input type="hidden" name="action" value="wphttps-network" />
|
5 |
+
|
6 |
+
<p class="button-controls">
|
7 |
+
<input type="submit" name="settings-save" value="Save Changes" class="button-primary" id="network-settings-save" />
|
8 |
+
<input type="submit" name="settings-reset" value="Reset" class="button-secondary" id="network-settings-reset" />
|
9 |
+
<img alt="Waiting..." src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
|
10 |
+
</p>
|
11 |
+
</form>
|
12 |
+
<script type="text/javascript">
|
13 |
+
jQuery(document).ready(function($) {
|
14 |
+
$('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form').submit(function() {
|
15 |
+
$('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form .submit-waiting').show();
|
16 |
+
}).ajaxForm({
|
17 |
+
data: { ajax: '1'},
|
18 |
+
success: function(responseText, textStatus, XMLHttpRequest) {
|
19 |
+
$('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form .submit-waiting').hide();
|
20 |
+
$('#message-body').html(responseText).fadeOut(0).fadeIn().delay(5000).fadeOut();
|
21 |
+
}
|
22 |
+
});
|
23 |
+
|
24 |
+
$('#settings-reset').click(function(e, el) {
|
25 |
+
if ( ! confirm('Are you sure you want to reset all WordPress HTTPS network settings?') ) {
|
26 |
+
e.preventDefault();
|
27 |
+
return false;
|
28 |
+
}
|
29 |
+
});
|
30 |
+
});
|
31 |
+
</script>
|
admin/templates/metabox/settings.php
CHANGED
@@ -24,6 +24,18 @@
|
|
24 |
</fieldset>
|
25 |
</td>
|
26 |
</tr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
27 |
<tr valign="top" id="exclusive_https_row">
|
28 |
<th scope="row">Force SSL Exclusively</th>
|
29 |
<td>
|
@@ -31,29 +43,31 @@
|
|
31 |
<label for="exclusive_https">
|
32 |
<input type="hidden" name="exclusive_https" value="0" />
|
33 |
<input name="exclusive_https" type="checkbox" id="exclusive_https" value="1"<?php echo (($this->getPlugin()->getSetting('exclusive_https')) ? ' checked="checked"' : ''); ?> />
|
34 |
-
|
35 |
</label>
|
36 |
</fieldset>
|
37 |
</td>
|
38 |
</tr>
|
39 |
-
<tr valign="top" id="
|
40 |
-
<th scope="row">
|
41 |
<td>
|
42 |
<fieldset>
|
43 |
-
<label for="
|
44 |
-
<input type="hidden" name="
|
45 |
-
<input name="
|
|
|
46 |
</label>
|
47 |
</fieldset>
|
48 |
</td>
|
49 |
</tr>
|
50 |
-
<tr valign="top" id="
|
51 |
-
<th scope="row">
|
52 |
<td>
|
53 |
<fieldset>
|
54 |
-
<label for="
|
55 |
-
<input type="hidden" name="
|
56 |
-
<input name="
|
|
|
57 |
</label>
|
58 |
</fieldset>
|
59 |
</td>
|
@@ -67,18 +81,7 @@
|
|
67 |
<input type="radio" name="ssl_proxy" value="auto"<?php echo (($this->getPlugin()->getSetting('ssl_proxy') === 'auto') ? ' checked="checked"' : ''); ?>> <span>Auto</span>
|
68 |
<input type="radio" name="ssl_proxy" value="1"<?php echo (($this->getPlugin()->getSetting('ssl_proxy') == 1) ? ' checked="checked"' : ''); ?>> <span>Yes</span>
|
69 |
</label>
|
70 |
-
|
71 |
-
</td>
|
72 |
-
</tr>
|
73 |
-
<tr valign="top" id="debug_row">
|
74 |
-
<th scope="row">Debug Mode</th>
|
75 |
-
<td>
|
76 |
-
<fieldset>
|
77 |
-
<label for="debug">
|
78 |
-
<input type="hidden" name="debug" value="0" />
|
79 |
-
<input name="debug" type="checkbox" id="debug" value="1"<?php echo (($this->getPlugin()->getSetting('debug')) ? ' checked="checked"' : ''); ?> />
|
80 |
-
Outputs debug information to the browser's console.
|
81 |
-
</label>
|
82 |
</fieldset>
|
83 |
</td>
|
84 |
</tr>
|
@@ -97,7 +100,7 @@
|
|
97 |
</tr>
|
98 |
</table>
|
99 |
|
100 |
-
<input type="hidden" name="action" value="
|
101 |
<input type="hidden" name="ssl_host_subdomain" value="<?php echo (($this->getPlugin()->getSetting('ssl_host_subdomain') != 1) ? 0 : 1); ?>" />
|
102 |
<input type="hidden" name="ssl_host_diff" value="<?php echo (($this->getPlugin()->getSetting('ssl_host_diff') != 1) ? 0 : 1); ?>" />
|
103 |
|
24 |
</fieldset>
|
25 |
</td>
|
26 |
</tr>
|
27 |
+
<tr valign="top" id="ssl_admin_row">
|
28 |
+
<th scope="row">Force SSL Administration</th>
|
29 |
+
<td>
|
30 |
+
<fieldset>
|
31 |
+
<label for="ssl_admin">
|
32 |
+
<input type="hidden" name="ssl_admin" value="0" />
|
33 |
+
<input name="ssl_admin" type="checkbox" id="ssl_admin" value="1"<?php echo ((force_ssl_admin()) ? ' checked="checked" disabled="disabled" title="FORCE_SSL_ADMIN is true in wp-config.php"' : (($this->getPlugin()->getSetting('ssl_admin')) ? ' checked="checked"' : '') ); ?> />
|
34 |
+
<p class="description">Always use HTTPS while in the admin panel. This setting is identical to <a href="http://codex.wordpress.org/Administration_Over_SSL#Example_2" target="_blank">FORCE_SSL_ADMIN</a>.</p>
|
35 |
+
</label>
|
36 |
+
</fieldset>
|
37 |
+
</td>
|
38 |
+
</tr>
|
39 |
<tr valign="top" id="exclusive_https_row">
|
40 |
<th scope="row">Force SSL Exclusively</th>
|
41 |
<td>
|
43 |
<label for="exclusive_https">
|
44 |
<input type="hidden" name="exclusive_https" value="0" />
|
45 |
<input name="exclusive_https" type="checkbox" id="exclusive_https" value="1"<?php echo (($this->getPlugin()->getSetting('exclusive_https')) ? ' checked="checked"' : ''); ?> />
|
46 |
+
<p class="description">Any page that is not secured via <a href="<?php echo parse_url($this->getPlugin()->getPluginUrl(), PHP_URL_PATH); ?>/screenshot-2.png" class="thickbox">Force SSL</a> or URL Filters will be redirected to HTTP.</p>
|
47 |
</label>
|
48 |
</fieldset>
|
49 |
</td>
|
50 |
</tr>
|
51 |
+
<tr valign="top" id="remove_unsecure_row">
|
52 |
+
<th scope="row">Remove Unsecure Elements</th>
|
53 |
<td>
|
54 |
<fieldset>
|
55 |
+
<label for="remove_unsecure">
|
56 |
+
<input type="hidden" name="remove_unsecure" value="0" />
|
57 |
+
<input name="remove_unsecure" type="checkbox" id="remove_unsecure" value="1"<?php echo (($this->getPlugin()->getSetting('remove_unsecure')) ? ' checked="checked"' : ''); ?> />
|
58 |
+
<p class="description">Remove elements inaccessible over HTTPS. May break other plugins' functionality.</p>
|
59 |
</label>
|
60 |
</fieldset>
|
61 |
</td>
|
62 |
</tr>
|
63 |
+
<tr valign="top" id="debug_row">
|
64 |
+
<th scope="row">Debug Mode</th>
|
65 |
<td>
|
66 |
<fieldset>
|
67 |
+
<label for="debug">
|
68 |
+
<input type="hidden" name="debug" value="0" />
|
69 |
+
<input name="debug" type="checkbox" id="debug" value="1"<?php echo (($this->getPlugin()->getSetting('debug')) ? ' checked="checked"' : ''); ?> />
|
70 |
+
<p class="description">Outputs debug information to the browser's console.</p>
|
71 |
</label>
|
72 |
</fieldset>
|
73 |
</td>
|
81 |
<input type="radio" name="ssl_proxy" value="auto"<?php echo (($this->getPlugin()->getSetting('ssl_proxy') === 'auto') ? ' checked="checked"' : ''); ?>> <span>Auto</span>
|
82 |
<input type="radio" name="ssl_proxy" value="1"<?php echo (($this->getPlugin()->getSetting('ssl_proxy') == 1) ? ' checked="checked"' : ''); ?>> <span>Yes</span>
|
83 |
</label>
|
84 |
+
<p class="description">If you think you may behind a proxy, set to Auto. Otherwise, leave the setting on No.</p>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
85 |
</fieldset>
|
86 |
</td>
|
87 |
</tr>
|
100 |
</tr>
|
101 |
</table>
|
102 |
|
103 |
+
<input type="hidden" name="action" value="wphttps-settings" />
|
104 |
<input type="hidden" name="ssl_host_subdomain" value="<?php echo (($this->getPlugin()->getSetting('ssl_host_subdomain') != 1) ? 0 : 1); ?>" />
|
105 |
<input type="hidden" name="ssl_host_diff" value="<?php echo (($this->getPlugin()->getSetting('ssl_host_diff') != 1) ? 0 : 1); ?>" />
|
106 |
|
admin/templates/network.php
ADDED
@@ -0,0 +1,23 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
require_once('../includes/template.php'); // WordPress Dashboard Functions
|
3 |
+
?>
|
4 |
+
|
5 |
+
<div class="wphttps-message-wrap" id="message-wrap"><div id="message-body"></div></div>
|
6 |
+
|
7 |
+
<div class="wrap" id="wphttps-main">
|
8 |
+
<div id="icon-options-https" class="icon32"><br /></div>
|
9 |
+
<h2>HTTPS</h2>
|
10 |
+
|
11 |
+
<?php
|
12 |
+
wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false );
|
13 |
+
wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false );
|
14 |
+
?>
|
15 |
+
<div id="poststuff" class="columns metabox-holder">
|
16 |
+
<div class="postbox-container column-primary">
|
17 |
+
<?php do_meta_boxes('toplevel_page_' . $this->getPlugin()->getSlug() . '_network', 'main', $this); ?>
|
18 |
+
</div>
|
19 |
+
<div class="postbox-container column-secondary">
|
20 |
+
<?php do_meta_boxes('toplevel_page_' . $this->getPlugin()->getSlug(), 'side', $this); // Use side from regular settings ?>
|
21 |
+
</div>
|
22 |
+
</div>
|
23 |
+
</div>
|
admin/templates/settings.php
CHANGED
@@ -20,4 +20,102 @@ require_once('includes/template.php'); // WordPress Dashboard Functions
|
|
20 |
<?php do_meta_boxes('toplevel_page_' . $this->getPlugin()->getSlug(), 'side', $this); ?>
|
21 |
</div>
|
22 |
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
23 |
</div>
|
20 |
<?php do_meta_boxes('toplevel_page_' . $this->getPlugin()->getSlug(), 'side', $this); ?>
|
21 |
</div>
|
22 |
</div>
|
23 |
+
|
24 |
+
<div id="regex-help">
|
25 |
+
<h3>Expressions</h3>
|
26 |
+
<table class="regex-help">
|
27 |
+
<tr>
|
28 |
+
<td>[abc]</td>
|
29 |
+
<td>A single character: a, b, or c</td>
|
30 |
+
</tr>
|
31 |
+
<tr>
|
32 |
+
<td>[^abc]</td>
|
33 |
+
<td>Any single character <em>but</em> a, b, or c</td>
|
34 |
+
</tr>
|
35 |
+
<tr>
|
36 |
+
<td>[a-z]</td>
|
37 |
+
<td>Any character in the range a-z</td>
|
38 |
+
</tr>
|
39 |
+
<tr>
|
40 |
+
<td>[a-zA-Z]</td>
|
41 |
+
<td>Any character in the range a-z or A-Z (any alphabetical character)</td>
|
42 |
+
</tr>
|
43 |
+
<tr>
|
44 |
+
<td>\s</td>
|
45 |
+
<td>Any whitespace character [ \t\n\r\f\v]</td>
|
46 |
+
</tr>
|
47 |
+
<tr>
|
48 |
+
<td>\S</td>
|
49 |
+
<td>Any non-whitespace character [^ \t\n\r\f\v]</td>
|
50 |
+
</tr>
|
51 |
+
<tr>
|
52 |
+
<td>\d</td>
|
53 |
+
<td>Any digit [0-9]</td>
|
54 |
+
</tr>
|
55 |
+
<tr>
|
56 |
+
<td>\D</td>
|
57 |
+
<td>Any non-digit [^0-9]</td>
|
58 |
+
</tr>
|
59 |
+
<tr>
|
60 |
+
<td>\w</td>
|
61 |
+
<td>Any word character [a-zA-Z0-9_]</td>
|
62 |
+
</tr>
|
63 |
+
<tr>
|
64 |
+
<td>\W</td>
|
65 |
+
<td>Any non-word character [^a-zA-Z0-9_]</td>
|
66 |
+
</tr>
|
67 |
+
<tr>
|
68 |
+
<td>\b</td>
|
69 |
+
<td>A word boundary between \w and \W</td>
|
70 |
+
</tr>
|
71 |
+
<tr>
|
72 |
+
<td>\B</td>
|
73 |
+
<td>A position that is not a word boundary</td>
|
74 |
+
</tr>
|
75 |
+
<tr>
|
76 |
+
<td>|</td>
|
77 |
+
<td>Alternation: matches either the subexpression to the left or to the right</td>
|
78 |
+
</tr>
|
79 |
+
<tr>
|
80 |
+
<td>()</td>
|
81 |
+
<td>Grouping: group all together for repetition operators</td>
|
82 |
+
</tr>
|
83 |
+
<tr>
|
84 |
+
<td>^</td>
|
85 |
+
<td>Beginning of the string</td>
|
86 |
+
</tr>
|
87 |
+
<tr>
|
88 |
+
<td>$</td>
|
89 |
+
<td>End of the string</td>
|
90 |
+
</tr>
|
91 |
+
</table>
|
92 |
+
<h3>Repetition Operators</h3>
|
93 |
+
<table class="regex-help">
|
94 |
+
<tr>
|
95 |
+
<td>{n,m}</td>
|
96 |
+
<td>Match the previous item at least <em>n</em> times but no more than <em>m</em>
|
97 |
+
times</td>
|
98 |
+
</tr>
|
99 |
+
<tr>
|
100 |
+
<td>{n,}</td>
|
101 |
+
<td>Match the previous item <em>n</em> or more times</td>
|
102 |
+
</tr>
|
103 |
+
<tr>
|
104 |
+
<td>{n}</td>
|
105 |
+
<td>Match exactly <em>n</em> occurrences of the previous item</td>
|
106 |
+
</tr>
|
107 |
+
<tr>
|
108 |
+
<td>?</td>
|
109 |
+
<td>Match 0 or 1 occurrences of the previous item {0,1}</td>
|
110 |
+
</tr>
|
111 |
+
<tr>
|
112 |
+
<td>+</td>
|
113 |
+
<td>Match 1 or more occurrences of the previous item {1,}</td>
|
114 |
+
</tr>
|
115 |
+
<tr>
|
116 |
+
<td>*</td>
|
117 |
+
<td>Match 0 or more occurrences of the previous item {0,}</td>
|
118 |
+
</tr>
|
119 |
+
</table>
|
120 |
+
</div>
|
121 |
</div>
|
lib/Mvied/Plugin.php
CHANGED
@@ -267,20 +267,25 @@ class Mvied_Plugin {
|
|
267 |
public function getSettings() {
|
268 |
return $this->_settings;
|
269 |
}
|
270 |
-
|
271 |
/**
|
272 |
* Set Plugin Setting
|
273 |
*
|
274 |
* @param string $setting
|
275 |
* @param mixed $value
|
|
|
276 |
* @return $this
|
277 |
*/
|
278 |
-
public function setSetting( $setting, $value ) {
|
279 |
-
$
|
280 |
-
|
|
|
|
|
|
|
|
|
281 |
return $this;
|
282 |
}
|
283 |
-
|
284 |
/**
|
285 |
* Set Slug
|
286 |
*
|
@@ -336,6 +341,9 @@ class Mvied_Plugin {
|
|
336 |
foreach( $modules as $module ) {
|
337 |
$module->init();
|
338 |
}
|
|
|
|
|
|
|
339 |
return $this;
|
340 |
}
|
341 |
|
267 |
public function getSettings() {
|
268 |
return $this->_settings;
|
269 |
}
|
270 |
+
|
271 |
/**
|
272 |
* Set Plugin Setting
|
273 |
*
|
274 |
* @param string $setting
|
275 |
* @param mixed $value
|
276 |
+
* @param int $blog_id
|
277 |
* @return $this
|
278 |
*/
|
279 |
+
public function setSetting( $setting, $value, $blog_id = 0 ) {
|
280 |
+
$setting_full = $this->getSlug() . '_' . $setting;
|
281 |
+
if ( $blog_id > 0 ) {
|
282 |
+
update_blog_option($blog_id, $setting_full, $value);
|
283 |
+
} else {
|
284 |
+
update_option($setting_full, $value);
|
285 |
+
}
|
286 |
return $this;
|
287 |
}
|
288 |
+
|
289 |
/**
|
290 |
* Set Slug
|
291 |
*
|
341 |
foreach( $modules as $module ) {
|
342 |
$module->init();
|
343 |
}
|
344 |
+
if ( isset($this->_slug) ) {
|
345 |
+
do_action($this->_slug . '_init');
|
346 |
+
}
|
347 |
return $this;
|
348 |
}
|
349 |
|
lib/Mvied/Plugin/Module.php
CHANGED
@@ -8,7 +8,7 @@
|
|
8 |
* @author Mike Ems
|
9 |
* @package Mvied
|
10 |
*/
|
11 |
-
class Mvied_Plugin_Module {
|
12 |
|
13 |
/**
|
14 |
* Plugin object that this module extends
|
@@ -17,6 +17,16 @@ class Mvied_Plugin_Module {
|
|
17 |
*/
|
18 |
protected $_plugin;
|
19 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
20 |
/**
|
21 |
* Set Plugin
|
22 |
*
|
8 |
* @author Mike Ems
|
9 |
* @package Mvied
|
10 |
*/
|
11 |
+
class Mvied_Plugin_Module implements Mvied_Plugin_Module_Interface {
|
12 |
|
13 |
/**
|
14 |
* Plugin object that this module extends
|
17 |
*/
|
18 |
protected $_plugin;
|
19 |
|
20 |
+
/**
|
21 |
+
*
|
22 |
+
* Initializes the module
|
23 |
+
* @param none
|
24 |
+
* @return void
|
25 |
+
*/
|
26 |
+
public function init() {
|
27 |
+
throw new Exception('No init method in ' . get_class($this));
|
28 |
+
}
|
29 |
+
|
30 |
/**
|
31 |
* Set Plugin
|
32 |
*
|
lib/Mvied/Theme.php
CHANGED
@@ -1,38 +1,42 @@
|
|
1 |
<?php
|
2 |
/**
|
|
|
|
|
3 |
* @author Mike Ems
|
4 |
* @package Mvied
|
5 |
*/
|
6 |
class Mvied_Theme {
|
7 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
8 |
/**
|
9 |
* Module directory
|
10 |
*
|
11 |
* @var string
|
12 |
*/
|
13 |
protected $_module_directory;
|
14 |
-
|
15 |
/**
|
16 |
* Loaded Modules
|
17 |
*
|
18 |
* @var array
|
19 |
*/
|
20 |
protected $_modules = array();
|
21 |
-
|
22 |
/**
|
23 |
* Logger
|
24 |
*
|
25 |
* @var Mvied_Logger_Interface
|
26 |
*/
|
27 |
protected $_logger;
|
28 |
-
|
29 |
/**
|
30 |
* Theme Settings
|
31 |
*
|
32 |
* @var array
|
33 |
*/
|
34 |
protected $_settings = array();
|
35 |
-
|
36 |
/**
|
37 |
* Theme Slug
|
38 |
*
|
@@ -49,6 +53,27 @@ class Mvied_Theme {
|
|
49 |
*/
|
50 |
protected $_version;
|
51 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
52 |
/**
|
53 |
* Set Module Directory
|
54 |
*
|
@@ -98,7 +123,6 @@ class Mvied_Theme {
|
|
98 |
}
|
99 |
return $modules;
|
100 |
}
|
101 |
-
|
102 |
/**
|
103 |
* Get Module
|
104 |
*
|
@@ -115,7 +139,6 @@ class Mvied_Theme {
|
|
115 |
|
116 |
die('Module not found: \'' . $module . '\'.');
|
117 |
}
|
118 |
-
|
119 |
/**
|
120 |
* Get Modules
|
121 |
*
|
@@ -143,7 +166,6 @@ class Mvied_Theme {
|
|
143 |
$this->_modules[$module] = $object;
|
144 |
return $this;
|
145 |
}
|
146 |
-
|
147 |
/**
|
148 |
* Set Logger
|
149 |
*
|
@@ -168,7 +190,6 @@ class Mvied_Theme {
|
|
168 |
|
169 |
return $this->_logger->getInstance();
|
170 |
}
|
171 |
-
|
172 |
/**
|
173 |
* Get Theme Setting
|
174 |
*
|
@@ -183,7 +204,6 @@ class Mvied_Theme {
|
|
183 |
} else {
|
184 |
$value = get_option($setting_full);
|
185 |
}
|
186 |
-
|
187 |
// Load default option
|
188 |
if ( $value === false ) {
|
189 |
$value = $this->_settings[$setting];
|
@@ -199,7 +219,6 @@ class Mvied_Theme {
|
|
199 |
}
|
200 |
return $value;
|
201 |
}
|
202 |
-
|
203 |
/**
|
204 |
* Get Theme Settings
|
205 |
*
|
@@ -209,20 +228,25 @@ class Mvied_Theme {
|
|
209 |
public function getSettings() {
|
210 |
return $this->_settings;
|
211 |
}
|
212 |
-
|
213 |
/**
|
214 |
-
* Set
|
215 |
*
|
216 |
* @param string $setting
|
217 |
* @param mixed $value
|
|
|
218 |
* @return $this
|
219 |
*/
|
220 |
-
public function setSetting( $setting, $value ) {
|
221 |
-
$
|
222 |
-
|
|
|
|
|
|
|
|
|
223 |
return $this;
|
224 |
}
|
225 |
-
|
226 |
/**
|
227 |
* Set Slug
|
228 |
*
|
@@ -278,9 +302,11 @@ class Mvied_Theme {
|
|
278 |
foreach( $modules as $module ) {
|
279 |
$module->init();
|
280 |
}
|
|
|
|
|
|
|
281 |
return $this;
|
282 |
}
|
283 |
-
|
284 |
/**
|
285 |
* Is Module Loaded?
|
286 |
*
|
@@ -294,7 +320,6 @@ class Mvied_Theme {
|
|
294 |
return false;
|
295 |
}
|
296 |
}
|
297 |
-
|
298 |
/**
|
299 |
* Load Module
|
300 |
*
|
@@ -312,7 +337,6 @@ class Mvied_Theme {
|
|
312 |
$filename = $filename . '.php';
|
313 |
|
314 |
require_once($this->getModuleDirectory() . $filename);
|
315 |
-
|
316 |
$class = $base_class . '_' . str_replace('\\', '_', $module_full);
|
317 |
if ( ! isset($this->_modules[$class]) || ! is_object($this->_modules[$class]) || get_class($this->_modules[$class]) != $class ) {
|
318 |
try {
|
@@ -323,10 +347,8 @@ class Mvied_Theme {
|
|
323 |
die('Unable to load module: \'' . $module . '\'. ' . $e->getMessage());
|
324 |
}
|
325 |
}
|
326 |
-
|
327 |
return $this;
|
328 |
}
|
329 |
-
|
330 |
/**
|
331 |
* Load Modules
|
332 |
*
|
@@ -339,13 +361,11 @@ class Mvied_Theme {
|
|
339 |
if ( sizeof($modules) == 0 ) {
|
340 |
$modules = $this->getAvailableModules();
|
341 |
}
|
342 |
-
|
343 |
foreach( $modules as $module ) {
|
344 |
$this->loadModule( $module );
|
345 |
}
|
346 |
return $this;
|
347 |
}
|
348 |
-
|
349 |
/**
|
350 |
* Unload Module
|
351 |
*
|
@@ -359,14 +379,11 @@ class Mvied_Theme {
|
|
359 |
$base_class = get_class($this);
|
360 |
}
|
361 |
$module = 'Module\\' . $module;
|
362 |
-
|
363 |
$modules = $this->getModules();
|
364 |
|
365 |
unset($modules[$module]);
|
366 |
|
367 |
$this->_modules = $modules;
|
368 |
-
|
369 |
return $this;
|
370 |
}
|
371 |
-
|
372 |
}
|
1 |
<?php
|
2 |
/**
|
3 |
+
* Base class for a WordPress theme.
|
4 |
+
*
|
5 |
* @author Mike Ems
|
6 |
* @package Mvied
|
7 |
*/
|
8 |
class Mvied_Theme {
|
9 |
+
/**
|
10 |
+
* Base directory
|
11 |
+
*
|
12 |
+
* @var string
|
13 |
+
*/
|
14 |
+
protected $_directory;
|
15 |
+
|
16 |
/**
|
17 |
* Module directory
|
18 |
*
|
19 |
* @var string
|
20 |
*/
|
21 |
protected $_module_directory;
|
|
|
22 |
/**
|
23 |
* Loaded Modules
|
24 |
*
|
25 |
* @var array
|
26 |
*/
|
27 |
protected $_modules = array();
|
|
|
28 |
/**
|
29 |
* Logger
|
30 |
*
|
31 |
* @var Mvied_Logger_Interface
|
32 |
*/
|
33 |
protected $_logger;
|
|
|
34 |
/**
|
35 |
* Theme Settings
|
36 |
*
|
37 |
* @var array
|
38 |
*/
|
39 |
protected $_settings = array();
|
|
|
40 |
/**
|
41 |
* Theme Slug
|
42 |
*
|
53 |
*/
|
54 |
protected $_version;
|
55 |
|
56 |
+
/**
|
57 |
+
* Set Directory
|
58 |
+
*
|
59 |
+
* @param string $directory
|
60 |
+
* @return object $this
|
61 |
+
*/
|
62 |
+
public function setDirectory( $directory ) {
|
63 |
+
$this->_directory = $directory;
|
64 |
+
return $this;
|
65 |
+
}
|
66 |
+
|
67 |
+
/**
|
68 |
+
* Get Directory
|
69 |
+
*
|
70 |
+
* @param none
|
71 |
+
* @return string
|
72 |
+
*/
|
73 |
+
public function getDirectory() {
|
74 |
+
return $this->_directory;
|
75 |
+
}
|
76 |
+
|
77 |
/**
|
78 |
* Set Module Directory
|
79 |
*
|
123 |
}
|
124 |
return $modules;
|
125 |
}
|
|
|
126 |
/**
|
127 |
* Get Module
|
128 |
*
|
139 |
|
140 |
die('Module not found: \'' . $module . '\'.');
|
141 |
}
|
|
|
142 |
/**
|
143 |
* Get Modules
|
144 |
*
|
166 |
$this->_modules[$module] = $object;
|
167 |
return $this;
|
168 |
}
|
|
|
169 |
/**
|
170 |
* Set Logger
|
171 |
*
|
190 |
|
191 |
return $this->_logger->getInstance();
|
192 |
}
|
|
|
193 |
/**
|
194 |
* Get Theme Setting
|
195 |
*
|
204 |
} else {
|
205 |
$value = get_option($setting_full);
|
206 |
}
|
|
|
207 |
// Load default option
|
208 |
if ( $value === false ) {
|
209 |
$value = $this->_settings[$setting];
|
219 |
}
|
220 |
return $value;
|
221 |
}
|
|
|
222 |
/**
|
223 |
* Get Theme Settings
|
224 |
*
|
228 |
public function getSettings() {
|
229 |
return $this->_settings;
|
230 |
}
|
231 |
+
|
232 |
/**
|
233 |
+
* Set Plugin Setting
|
234 |
*
|
235 |
* @param string $setting
|
236 |
* @param mixed $value
|
237 |
+
* @param int $blog_id
|
238 |
* @return $this
|
239 |
*/
|
240 |
+
public function setSetting( $setting, $value, $blog_id = 0 ) {
|
241 |
+
$setting_full = $this->getSlug() . '_' . $setting;
|
242 |
+
if ( $blog_id > 0 ) {
|
243 |
+
update_blog_option($blog_id, $setting_full, $value);
|
244 |
+
} else {
|
245 |
+
update_option($setting_full, $value);
|
246 |
+
}
|
247 |
return $this;
|
248 |
}
|
249 |
+
|
250 |
/**
|
251 |
* Set Slug
|
252 |
*
|
302 |
foreach( $modules as $module ) {
|
303 |
$module->init();
|
304 |
}
|
305 |
+
if ( isset($this->_slug) ) {
|
306 |
+
do_action($this->_slug . '_init');
|
307 |
+
}
|
308 |
return $this;
|
309 |
}
|
|
|
310 |
/**
|
311 |
* Is Module Loaded?
|
312 |
*
|
320 |
return false;
|
321 |
}
|
322 |
}
|
|
|
323 |
/**
|
324 |
* Load Module
|
325 |
*
|
337 |
$filename = $filename . '.php';
|
338 |
|
339 |
require_once($this->getModuleDirectory() . $filename);
|
|
|
340 |
$class = $base_class . '_' . str_replace('\\', '_', $module_full);
|
341 |
if ( ! isset($this->_modules[$class]) || ! is_object($this->_modules[$class]) || get_class($this->_modules[$class]) != $class ) {
|
342 |
try {
|
347 |
die('Unable to load module: \'' . $module . '\'. ' . $e->getMessage());
|
348 |
}
|
349 |
}
|
|
|
350 |
return $this;
|
351 |
}
|
|
|
352 |
/**
|
353 |
* Load Modules
|
354 |
*
|
361 |
if ( sizeof($modules) == 0 ) {
|
362 |
$modules = $this->getAvailableModules();
|
363 |
}
|
|
|
364 |
foreach( $modules as $module ) {
|
365 |
$this->loadModule( $module );
|
366 |
}
|
367 |
return $this;
|
368 |
}
|
|
|
369 |
/**
|
370 |
* Unload Module
|
371 |
*
|
379 |
$base_class = get_class($this);
|
380 |
}
|
381 |
$module = 'Module\\' . $module;
|
|
|
382 |
$modules = $this->getModules();
|
383 |
|
384 |
unset($modules[$module]);
|
385 |
|
386 |
$this->_modules = $modules;
|
|
|
387 |
return $this;
|
388 |
}
|
|
|
389 |
}
|
lib/Mvied/Theme/Module.php
CHANGED
@@ -8,7 +8,7 @@
|
|
8 |
* @author Mike Ems
|
9 |
* @package Mvied
|
10 |
*/
|
11 |
-
class Mvied_Theme_Module {
|
12 |
|
13 |
/**
|
14 |
* Theme object that this module extends
|
@@ -17,6 +17,16 @@ class Mvied_Theme_Module {
|
|
17 |
*/
|
18 |
protected $_theme;
|
19 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
20 |
/**
|
21 |
* Set Theme
|
22 |
*
|
8 |
* @author Mike Ems
|
9 |
* @package Mvied
|
10 |
*/
|
11 |
+
class Mvied_Theme_Module implements Mvied_Theme_Module_Interface {
|
12 |
|
13 |
/**
|
14 |
* Theme object that this module extends
|
17 |
*/
|
18 |
protected $_theme;
|
19 |
|
20 |
+
/**
|
21 |
+
*
|
22 |
+
* Initializes the module
|
23 |
+
* @param none
|
24 |
+
* @return void
|
25 |
+
*/
|
26 |
+
public function init() {
|
27 |
+
throw new Exception('No init method in ' . get_class($this));
|
28 |
+
}
|
29 |
+
|
30 |
/**
|
31 |
* Set Theme
|
32 |
*
|
lib/WordPressHTTPS.php
CHANGED
@@ -1,409 +1,442 @@
|
|
1 |
-
<?php
|
2 |
-
/**
|
3 |
-
* WordPress HTTPS
|
4 |
-
*
|
5 |
-
* @author Mike Ems
|
6 |
-
* @package WordPressHTTPS
|
7 |
-
*
|
8 |
-
*/
|
9 |
-
|
10 |
-
class WordPressHTTPS extends Mvied_Plugin {
|
11 |
-
|
12 |
-
/**
|
13 |
-
* HTTP URL
|
14 |
-
*
|
15 |
-
* @var WordPressHTTPS_Url
|
16 |
-
*/
|
17 |
-
protected $_http_url;
|
18 |
-
|
19 |
-
/**
|
20 |
-
* HTTPS URL
|
21 |
-
*
|
22 |
-
* @var WordPressHTTPS_Url
|
23 |
-
*/
|
24 |
-
protected $_https_url;
|
25 |
-
|
26 |
-
/**
|
27 |
-
* Plugin Settings
|
28 |
-
*
|
29 |
-
* setting_name => default_value
|
30 |
-
*
|
31 |
-
* @var array
|
32 |
-
*/
|
33 |
-
protected $_settings = array(
|
34 |
-
'ssl_host' => '', // Hostname for SSL Host
|
35 |
-
'ssl_port' => '', // Port number for SSL Host
|
36 |
-
'secure_external_urls' => array(), // Secure external URL's
|
37 |
-
'unsecure_external_urls' => array(), // Unsecure external URL's
|
38 |
-
'ssl_host_diff' => 0, // Is SSL Host different than WordPress host
|
39 |
-
'ssl_host_subdomain' => 0, // Is SSL Host a subdomain of WordPress host
|
40 |
-
'exclusive_https' => 0, //
|
41 |
-
'
|
42 |
-
'ssl_admin' => 0, // Force SSL Over Administration Panel (The same as FORCE_SSL_ADMIN)
|
43 |
-
'ssl_proxy' => 0, // Proxy detection
|
44 |
-
'debug' => 0, // Debug Mode
|
45 |
-
'admin_menu' => 'side', // HTTPS Admin Menu location
|
46 |
-
'secure_filter' => array(), //
|
47 |
-
|
48 |
-
|
49 |
-
|
50 |
-
|
51 |
-
*
|
52 |
-
* @
|
53 |
-
|
54 |
-
|
55 |
-
|
56 |
-
|
57 |
-
|
58 |
-
|
59 |
-
|
60 |
-
|
61 |
-
*
|
62 |
-
*
|
63 |
-
* @
|
64 |
-
|
65 |
-
|
66 |
-
|
67 |
-
|
68 |
-
|
69 |
-
|
70 |
-
|
71 |
-
|
72 |
-
|
73 |
-
*
|
74 |
-
*
|
75 |
-
|
76 |
-
|
77 |
-
|
78 |
-
|
79 |
-
|
80 |
-
|
81 |
-
|
82 |
-
|
83 |
-
|
84 |
-
|
85 |
-
|
86 |
-
|
87 |
-
|
88 |
-
|
89 |
-
|
90 |
-
|
91 |
-
|
92 |
-
|
93 |
-
|
94 |
-
|
95 |
-
|
96 |
-
|
97 |
-
|
98 |
-
|
99 |
-
|
100 |
-
|
101 |
-
|
102 |
-
|
103 |
-
|
104 |
-
|
105 |
-
|
106 |
-
|
107 |
-
|
108 |
-
|
109 |
-
|
110 |
-
|
111 |
-
|
112 |
-
|
113 |
-
|
114 |
-
|
115 |
-
|
116 |
-
|
117 |
-
|
118 |
-
$this->
|
119 |
-
|
120 |
-
$this->getLogger()->log('
|
121 |
-
$this->getLogger()->log('
|
122 |
-
$this->getLogger()->log('
|
123 |
-
|
124 |
-
|
125 |
-
$this->
|
126 |
-
|
127 |
-
|
128 |
-
|
129 |
-
|
130 |
-
|
131 |
-
|
132 |
-
|
133 |
-
|
134 |
-
|
135 |
-
|
136 |
-
|
137 |
-
|
138 |
-
|
139 |
-
|
140 |
-
|
141 |
-
|
142 |
-
|
143 |
-
|
144 |
-
|
145 |
-
|
146 |
-
|
147 |
-
|
148 |
-
|
149 |
-
|
150 |
-
|
151 |
-
|
152 |
-
|
153 |
-
|
154 |
-
|
155 |
-
|
156 |
-
|
157 |
-
|
158 |
-
|
159 |
-
|
160 |
-
|
161 |
-
|
162 |
-
$this->
|
163 |
-
|
164 |
-
|
165 |
-
|
166 |
-
|
167 |
-
|
168 |
-
|
169 |
-
|
170 |
-
|
171 |
-
|
172 |
-
|
173 |
-
|
174 |
-
|
175 |
-
|
176 |
-
|
177 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
178 |
} else {
|
179 |
-
|
180 |
}
|
181 |
-
|
182 |
-
|
183 |
-
|
184 |
-
|
185 |
-
|
186 |
-
|
187 |
-
|
188 |
-
|
189 |
-
|
190 |
-
|
191 |
-
|
192 |
-
|
193 |
-
|
194 |
-
|
195 |
-
$url
|
196 |
-
|
197 |
-
|
198 |
-
|
199 |
-
|
200 |
-
|
201 |
-
|
202 |
-
|
203 |
-
|
204 |
-
|
205 |
-
|
206 |
-
|
207 |
-
|
208 |
-
|
209 |
-
|
210 |
-
|
211 |
-
|
212 |
-
|
213 |
-
|
214 |
-
|
215 |
-
|
216 |
-
|
217 |
-
|
218 |
-
|
219 |
-
|
220 |
-
|
221 |
-
|
222 |
-
|
223 |
-
|
224 |
-
}
|
225 |
-
return $
|
226 |
-
}
|
227 |
-
|
228 |
-
/**
|
229 |
-
* Replaces HTTPS Host with HTTP Host
|
230 |
-
*
|
231 |
-
* @param string $string
|
232 |
-
* @return string $string
|
233 |
-
*/
|
234 |
-
public function makeUrlHttp( $string ) {
|
235 |
-
$url = WordPressHTTPS_Url::fromString( $string ); // URL to replace HTTP URL
|
236 |
-
if ( $url ) {
|
237 |
-
if ( $this->isUrlLocal($url) ) {
|
238 |
-
$url->setScheme('http');
|
239 |
-
$url->setHost($this->getHttpUrl()->getHost());
|
240 |
-
$url->setPort($this->getHttpUrl()->getPort());
|
241 |
-
|
242 |
-
if ( $this->getSetting('ssl_host_diff') && strpos($url->getPath(), $this->getHttpsUrl()->getPath()) !== false ) {
|
243 |
-
$url->setPath(str_replace($this->getHttpsUrl()->getPath(), $this->getHttpUrl()->getPath(), $url->getPath()));
|
244 |
-
}
|
245 |
-
|
246 |
-
$string = $url->toString();
|
247 |
-
} else {
|
248 |
-
if ( $url ) {
|
249 |
-
$string = str_replace($url, str_replace('https://', 'http://', $url), $string);
|
250 |
-
}
|
251 |
-
}
|
252 |
-
unset($url);
|
253 |
-
}
|
254 |
-
return $string;
|
255 |
-
}
|
256 |
-
|
257 |
-
/**
|
258 |
-
* Add Secure External URL
|
259 |
-
*
|
260 |
-
* @param string $value
|
261 |
-
* @return $this
|
262 |
-
*/
|
263 |
-
public function addSecureExternalUrl( $value ) {
|
264 |
-
if ( trim($value) == '' ) {
|
265 |
-
return $this;
|
266 |
-
}
|
267 |
-
|
268 |
-
$secure_external_urls = (array) $this->getSetting('secure_external_urls');
|
269 |
-
array_push($secure_external_urls, (string) $value);
|
270 |
-
$this->setSetting('secure_external_urls', $secure_external_urls);
|
271 |
-
|
272 |
-
return $this;
|
273 |
-
}
|
274 |
-
|
275 |
-
/**
|
276 |
-
* Add Unsecure External URL
|
277 |
-
*
|
278 |
-
* @param string $value
|
279 |
-
* @return $this
|
280 |
-
*/
|
281 |
-
public function addUnsecureExternalUrl( $value ) {
|
282 |
-
if ( trim($value) == '' ) {
|
283 |
-
return $this;
|
284 |
-
}
|
285 |
-
|
286 |
-
$unsecure_external_urls = (array) $this->getSetting('unsecure_external_urls');
|
287 |
-
array_push($unsecure_external_urls, (string) $value);
|
288 |
-
$this->setSetting('unsecure_external_urls', $unsecure_external_urls);
|
289 |
-
|
290 |
-
return $this;
|
291 |
-
}
|
292 |
-
|
293 |
-
/**
|
294 |
-
* Checks if the current page is SSL
|
295 |
-
*
|
296 |
-
* @param none
|
297 |
-
* @return bool
|
298 |
-
*/
|
299 |
-
public function isSsl() {
|
300 |
-
// Some extra checks for Shared SSL
|
301 |
-
if ( is_ssl() && strpos($_SERVER['HTTP_HOST'], $this->getHttpsUrl()->getHost()) === false && $_SERVER['SERVER_ADDR'] != $_SERVER['HTTP_HOST'] ) {
|
302 |
-
return false;
|
303 |
-
} else if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' ) {
|
304 |
-
return true;
|
305 |
-
} else if ( $this->getSetting('ssl_host_diff') && !is_ssl() && isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && $this->getHttpsUrl()->getHost() == $_SERVER['HTTP_X_FORWARDED_SERVER'] ) {
|
306 |
-
return true;
|
307 |
-
} else if ( $this->getSetting('ssl_host_diff') && !is_ssl() && $this->getHttpsUrl()->getHost() == $_SERVER['HTTP_HOST'] && ( $this->getHttpsUrl()->getPort() <= 0 || $_SERVER['SERVER_PORT'] == $this->getHttpsUrl()->getPort() ) && strpos($_SERVER['REQUEST_URI'], $this->getHttpsUrl()->getPath()) !== false ) {
|
308 |
-
return true;
|
309 |
-
}
|
310 |
-
return is_ssl();
|
311 |
-
}
|
312 |
-
|
313 |
-
/**
|
314 |
-
* Maintained for backwards compatibility.
|
315 |
-
*
|
316 |
-
* @param none
|
317 |
-
* @return bool
|
318 |
-
*/
|
319 |
-
public function is_ssl() {
|
320 |
-
return $this->isSsl();
|
321 |
-
}
|
322 |
-
|
323 |
-
/**
|
324 |
-
* Redirects page to HTTP or HTTPS accordingly
|
325 |
-
*
|
326 |
-
* @param string $scheme Either http or https
|
327 |
-
* @return void
|
328 |
-
*/
|
329 |
-
public function redirect( $scheme = 'https' ) {
|
330 |
-
if ( !$this->isSsl() && $scheme == 'https' ) {
|
331 |
-
$url = clone $this->getHttpsUrl();
|
332 |
-
$url->setScheme($scheme);
|
333 |
-
} else if ( $this->isSsl() && $scheme == 'http' ) {
|
334 |
-
$url = clone $this->getHttpUrl();
|
335 |
-
$url->setScheme($scheme);
|
336 |
-
} else {
|
337 |
-
$url = false;
|
338 |
-
}
|
339 |
-
|
340 |
-
if ( $url ) {
|
341 |
-
$path = ( isset($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : $_SERVER['REQUEST_URI'] );
|
342 |
-
if ( strpos($_SERVER['REQUEST_URI'], '?') !== false && isset($_SERVER['REDIRECT_URL']) && strpos($_SERVER['REDIRECT_URL'], '?') === false ) {
|
343 |
-
$path .= substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], '?'));
|
344 |
-
}
|
345 |
-
|
346 |
-
if ( $this->getHttpsUrl()->getPath() != '/' ) {
|
347 |
-
$path = str_replace($this->getHttpsUrl()->getPath(), '', $path);
|
348 |
-
}
|
349 |
-
$path = ltrim($path, '/');
|
350 |
-
|
351 |
-
if ( $scheme == 'https' ) {
|
352 |
-
if ( $this->getSetting('ssl_host_diff') && $this->getHttpUrl()->getPath() != '/' ) {
|
353 |
-
$url->setPath(str_replace($this->getHttpUrl()->getPath(), $this->getHttpsUrl()->getPath(), $_SERVER['REQUEST_URI']));
|
354 |
-
} else {
|
355 |
-
$url->setPath(rtrim($this->getHttpsUrl()->getPath(), '/') . '/' . $path);
|
356 |
-
}
|
357 |
-
} else if ($scheme == 'http' ) {
|
358 |
-
if ( $this->getSetting('ssl_host_diff') && $this->getHttpsUrl()->getPath() != '/' ) {
|
359 |
-
$url->setPath(str_replace($this->getHttpsUrl()->getPath(), $this->getHttpUrl()->getPath(), $_SERVER['REQUEST_URI']));
|
360 |
-
} else {
|
361 |
-
$url->setPath(rtrim($this->getHttpUrl()->getPath(), '/') . '/' . $path);
|
362 |
-
}
|
363 |
-
}
|
364 |
-
|
365 |
-
// Use a cookie to detect redirect loops
|
366 |
-
$redirect_count = ( isset($_COOKIE['redirect_count']) && is_numeric($_COOKIE['redirect_count']) ? (int)$_COOKIE['redirect_count']+1 : 1 );
|
367 |
-
setcookie('redirect_count', $redirect_count, 0, '/');
|
368 |
-
// If redirect count is greater than 2, prevent redirect and log the redirect loop
|
369 |
-
if ( $redirect_count > 2 ) {
|
370 |
-
setcookie('redirect_count', null, -time(), '/');
|
371 |
-
$this->getLogger()->log('[ERROR] Redirect Loop!');
|
372 |
-
return;
|
373 |
-
}
|
374 |
-
|
375 |
-
// Redirect
|
376 |
-
if ( function_exists('wp_redirect') ) {
|
377 |
-
wp_redirect($url, 301);
|
378 |
-
} else {
|
379 |
-
// End all output buffering and redirect
|
380 |
-
while(@ob_end_clean());
|
381 |
-
|
382 |
-
// If redirecting to an admin page
|
383 |
-
if ( strpos($url->getPath(), 'wp-admin') !== false || strpos($url->getPath(), 'wp-login') !== false ) {
|
384 |
-
$url = WordPressHTTPS_Url::fromString($this->redirectAdmin($url));
|
385 |
-
}
|
386 |
-
|
387 |
-
header("Location: " . $url, true, 301);
|
388 |
-
}
|
389 |
-
exit();
|
390 |
-
}
|
391 |
-
}
|
392 |
-
|
393 |
-
/**
|
394 |
-
* WP Redirect Admin
|
395 |
-
* WordPress Filter - wp_redirect_admin
|
396 |
-
*
|
397 |
-
* @param string $url
|
398 |
-
* @return string $url
|
399 |
-
*/
|
400 |
-
public function redirectAdmin( $url ) {
|
401 |
-
$url = $this->makeUrlHttps($url);
|
402 |
-
|
403 |
-
// Fix redirect_to
|
404 |
-
preg_match('/redirect_to=([^&]+)/i', $url, $redirect);
|
405 |
-
$redirect_url = @$redirect[1];
|
406 |
-
$url = str_replace($redirect_url, urlencode($this->makeUrlHttps(urldecode($redirect_url))), $url);
|
407 |
-
return $url;
|
408 |
-
}
|
409 |
}
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* WordPress HTTPS
|
4 |
+
*
|
5 |
+
* @author Mike Ems
|
6 |
+
* @package WordPressHTTPS
|
7 |
+
*
|
8 |
+
*/
|
9 |
+
|
10 |
+
class WordPressHTTPS extends Mvied_Plugin {
|
11 |
+
|
12 |
+
/**
|
13 |
+
* HTTP URL
|
14 |
+
*
|
15 |
+
* @var WordPressHTTPS_Url
|
16 |
+
*/
|
17 |
+
protected $_http_url;
|
18 |
+
|
19 |
+
/**
|
20 |
+
* HTTPS URL
|
21 |
+
*
|
22 |
+
* @var WordPressHTTPS_Url
|
23 |
+
*/
|
24 |
+
protected $_https_url;
|
25 |
+
|
26 |
+
/**
|
27 |
+
* Plugin Settings
|
28 |
+
*
|
29 |
+
* setting_name => default_value
|
30 |
+
*
|
31 |
+
* @var array
|
32 |
+
*/
|
33 |
+
protected $_settings = array(
|
34 |
+
'ssl_host' => '', // Hostname for SSL Host
|
35 |
+
'ssl_port' => '', // Port number for SSL Host
|
36 |
+
'secure_external_urls' => array(), // Secure external URL's
|
37 |
+
'unsecure_external_urls' => array(), // Unsecure external URL's
|
38 |
+
'ssl_host_diff' => 0, // Is SSL Host different than WordPress host
|
39 |
+
'ssl_host_subdomain' => 0, // Is SSL Host a subdomain of WordPress host
|
40 |
+
'exclusive_https' => 0, // Redirect pages that are not secured to HTTP
|
41 |
+
'remove_unsecure' => 0, // Remove unsecure elements from HTML
|
42 |
+
'ssl_admin' => 0, // Force SSL Over Administration Panel (The same as FORCE_SSL_ADMIN)
|
43 |
+
'ssl_proxy' => 0, // Proxy detection
|
44 |
+
'debug' => 0, // Debug Mode
|
45 |
+
'admin_menu' => 'side', // HTTPS Admin Menu location
|
46 |
+
'secure_filter' => array(), // Expressions to secure URL's against
|
47 |
+
'ssl_host_mapping' => array(), // External SSL Hosts whose HTTPS content is on another domain
|
48 |
+
);
|
49 |
+
|
50 |
+
/**
|
51 |
+
* Default External SSL Host Mapping
|
52 |
+
* @var array
|
53 |
+
*/
|
54 |
+
public static $ssl_host_mapping = array(
|
55 |
+
'w.sharethis.com' => 'ws.sharethis.com',
|
56 |
+
'\d.gravatar.com' => 'secure.gravatar.com',
|
57 |
+
);
|
58 |
+
|
59 |
+
/**
|
60 |
+
* Get HTTP Url
|
61 |
+
*
|
62 |
+
* @param none
|
63 |
+
* @return WordPressHTTPS_Url
|
64 |
+
*/
|
65 |
+
public function getHttpUrl() {
|
66 |
+
if ( !isset($this->_http_url) ) {
|
67 |
+
$this->_http_url = WordPressHTTPS_Url::fromString('http://' . parse_url(get_bloginfo('template_url'), PHP_URL_HOST) . parse_url(home_url('/'), PHP_URL_PATH));
|
68 |
+
}
|
69 |
+
return $this->_http_url;
|
70 |
+
}
|
71 |
+
|
72 |
+
/**
|
73 |
+
* Get HTTPS Url
|
74 |
+
*
|
75 |
+
* @param none
|
76 |
+
* @return WordPressHTTPS_Url
|
77 |
+
*/
|
78 |
+
public function getHttpsUrl() {
|
79 |
+
if ( !isset($this->_https_url) ) {
|
80 |
+
$this->_https_url = WordPressHTTPS_Url::fromString('https://' . parse_url(get_bloginfo('template_url'), PHP_URL_HOST) . parse_url(home_url('/'), PHP_URL_PATH));
|
81 |
+
|
82 |
+
// If using a different host for SSL
|
83 |
+
if ( is_string($this->getSetting('ssl_host')) && $this->getSetting('ssl_host') != '' && $this->getSetting('ssl_host') != $this->_https_url->toString() ) {
|
84 |
+
// Assign HTTPS URL to SSL Host
|
85 |
+
$this->setSetting('ssl_host_diff', 1);
|
86 |
+
$ssl_host = rtrim($this->getSetting('ssl_host'), '/') . '/';
|
87 |
+
if ( strpos($ssl_host, 'http://') === false && strpos($ssl_host, 'https://') === false ) {
|
88 |
+
$ssl_host = 'https://' . $ssl_host;
|
89 |
+
}
|
90 |
+
$this->_https_url = WordPressHTTPS_Url::fromString( $ssl_host );
|
91 |
+
} else {
|
92 |
+
$this->setSetting('ssl_host_diff', 0);
|
93 |
+
}
|
94 |
+
|
95 |
+
// Prepend SSL Host path
|
96 |
+
if ( strpos($this->_https_url->getPath(), $this->getHttpUrl()->getPath()) === false ) {
|
97 |
+
$this->_https_url->setPath( $this->_https_url->getPath() . $this->getHttpUrl()->getPath() );
|
98 |
+
}
|
99 |
+
|
100 |
+
// Add SSL Port to HTTPS URL
|
101 |
+
$this->_https_url->setPort($this->getSetting('ssl_port'));
|
102 |
+
}
|
103 |
+
|
104 |
+
return $this->_https_url;
|
105 |
+
}
|
106 |
+
|
107 |
+
/**
|
108 |
+
* Initialize
|
109 |
+
*
|
110 |
+
* @param none
|
111 |
+
* @return void
|
112 |
+
*/
|
113 |
+
public function init() {
|
114 |
+
$this->getLogger()->log('Version: ' . $this->getVersion());
|
115 |
+
$this->getLogger()->log('HTTP URL: ' . $this->getHttpUrl()->toString());
|
116 |
+
$this->getLogger()->log('HTTPS URL: ' . $this->getHttpsUrl()->toString());
|
117 |
+
$this->getLogger()->log('SSL: ' . ( $this->isSsl() ? 'Yes' : 'No' ));
|
118 |
+
$this->getLogger()->log('Diff Host: ' . ( $this->getSetting('ssl_host_diff') ? 'Yes' : 'No' ));
|
119 |
+
$this->getLogger()->log('Subdomain: ' . ( $this->getSetting('ssl_host_subdomain') ? 'Yes' : 'No' ));
|
120 |
+
$this->getLogger()->log('Proxy: ' . ( $this->getSetting('ssl_proxy') === 'auto' ? 'Auto' : ( $this->getSetting('ssl_proxy') ? 'Yes' : 'No' ) ));
|
121 |
+
$this->getLogger()->log('Secure External URLs: [ ' . implode(', ', (array)$this->getSetting('secure_external_urls')) . ' ]');
|
122 |
+
$this->getLogger()->log('Unsecure External URLs: [ ' . implode(', ', (array)$this->getSetting('unsecure_external_urls')) . ' ]');
|
123 |
+
|
124 |
+
parent::init();
|
125 |
+
do_action($this->getSlug() . '_init');
|
126 |
+
}
|
127 |
+
|
128 |
+
/**
|
129 |
+
* Install
|
130 |
+
*
|
131 |
+
* @param none
|
132 |
+
* @return void
|
133 |
+
*/
|
134 |
+
public function install() {
|
135 |
+
global $wpdb;
|
136 |
+
|
137 |
+
if ( is_multisite() && is_network_admin() ) {
|
138 |
+
$blogs = $wpdb->get_col($wpdb->prepare("SELECT blog_id FROM " . $wpdb->blogs));
|
139 |
+
} else {
|
140 |
+
$blogs = array($wpdb->blogid);
|
141 |
+
}
|
142 |
+
|
143 |
+
foreach ( $blogs as $blog_id ) {
|
144 |
+
// Add Settings
|
145 |
+
foreach ( $this->getSettings() as $option => $value ) {
|
146 |
+
if ( is_multisite() && get_blog_option($blog_id, $option) === false ) {
|
147 |
+
add_blog_option($blog_id, $option, $value);
|
148 |
+
} else if ( get_option($option) === false ) {
|
149 |
+
add_option($option, $value);
|
150 |
+
}
|
151 |
+
}
|
152 |
+
|
153 |
+
// Fix a bug that saved the ssl_host as an object
|
154 |
+
if ( ! is_string($this->getSetting('ssl_host', $blog_id)) ) {
|
155 |
+
$this->setSetting('ssl_host', $this->_settings['ssl_host'], $blog_id);
|
156 |
+
$this->setSetting('ssl_port', $this->_settings['ssl_port'], $blog_id);
|
157 |
+
$this->setSetting('ssl_host_diff', $this->_settings['ssl_host_diff'], $blog_id);
|
158 |
+
$this->setSetting('ssl_host_subdomain', $this->_settings['ssl_host_subdomain'], $blog_id);
|
159 |
+
}
|
160 |
+
|
161 |
+
// If secure front page option exists, create front page filter
|
162 |
+
if ( $this->getSetting('frontpage', $blog_id) ) {
|
163 |
+
$this->setSetting('secure_filter', array_merge($this->getSetting('secure_filter'), array(rtrim(str_replace('http://', '', $this->getHttpUrl()->toString()), '/') . '/$')));
|
164 |
+
$this->setSetting('frontpage', 0, $blog_id);
|
165 |
+
}
|
166 |
+
|
167 |
+
// Reset cache
|
168 |
+
$this->setSetting('secure_external_urls', $this->_settings['secure_external_urls'], $blog_id);
|
169 |
+
$this->setSetting('unsecure_external_urls', $this->_settings['unsecure_external_urls'], $blog_id);
|
170 |
+
|
171 |
+
// Set default domain mapping
|
172 |
+
if ( $this->getSetting('ssl_host_mapping', $blog_id) == array() ) {
|
173 |
+
$this->setSetting('ssl_host_mapping', WordPressHTTPS::$ssl_host_mapping, $blog_id);
|
174 |
+
}
|
175 |
+
}
|
176 |
+
|
177 |
+
// Checks to see if the SSL Host is a subdomain
|
178 |
+
$http_domain = $this->getHttpUrl()->getBaseHost();
|
179 |
+
$https_domain = $this->getHttpsUrl()->getBaseHost();
|
180 |
+
|
181 |
+
if ( $this->getHttpsUrl()->setScheme('http')->toString() != $this->getHttpUrl()->toString() && $http_domain == $https_domain ) {
|
182 |
+
$subdomain = true;
|
183 |
+
} else {
|
184 |
+
$subdomain = false;
|
185 |
+
}
|
186 |
+
foreach ( $blogs as $blog_id ) {
|
187 |
+
$this->setSetting('ssl_host_subdomain', $subdomain, $blog_id);
|
188 |
+
}
|
189 |
+
}
|
190 |
+
|
191 |
+
/**
|
192 |
+
* Is Local URL
|
193 |
+
*
|
194 |
+
* Determines if URL is local or external
|
195 |
+
*
|
196 |
+
* @param string $url
|
197 |
+
* @return boolean
|
198 |
+
*/
|
199 |
+
public function isUrlLocal($url) {
|
200 |
+
if ( ($url_parts = parse_url($url)) && isset($url_parts['host']) && $this->getHttpUrl()->getHost() != $url_parts['host'] && $this->getHttpsUrl()->getHost() != $url_parts['host'] ) {
|
201 |
+
return false;
|
202 |
+
}
|
203 |
+
return true;
|
204 |
+
}
|
205 |
+
|
206 |
+
/**
|
207 |
+
* Replaces HTTP Host with HTTPS Host
|
208 |
+
*
|
209 |
+
* @param string $string
|
210 |
+
* @return string $string
|
211 |
+
*/
|
212 |
+
public function makeUrlHttps( $string ) {
|
213 |
+
if ( (string)$string == '' ) {
|
214 |
+
return false;
|
215 |
+
}
|
216 |
+
|
217 |
+
$url = WordPressHTTPS_Url::fromString( $string );
|
218 |
+
if ( $url ) {
|
219 |
+
if ( $this->isUrlLocal($url) ) {
|
220 |
+
$has_host = ( $this->getHttpUrl()->getHost() == $this->getHttpsUrl()->getHost() ) || strpos($url, $this->getHttpsUrl()->getHost()) !== false;
|
221 |
+
$has_path = ( $this->getHttpUrl()->getPath() == $this->getHttpsUrl()->getPath() ) || strpos($url, $this->getHttpsUrl()->getPath()) !== false;
|
222 |
+
$has_port = ( (int)$this->getHttpsUrl()->getPort() > 0 ? strpos($url, ':' . $this->getHttpsUrl()->getPort()) !== false : true );
|
223 |
+
if ( $url->getScheme() == 'http' || !$has_host || !$has_path || !$has_port ) {
|
224 |
+
$updated = clone $url;
|
225 |
+
$updated->setScheme('https');
|
226 |
+
$updated->setHost($this->getHttpsUrl()->getHost());
|
227 |
+
$updated->setPort($this->getHttpsUrl()->getPort());
|
228 |
+
if ( $this->getSetting('ssl_host_diff') && strpos($updated->getPath(), $this->getHttpsUrl()->getPath()) === false ) {
|
229 |
+
if ( $this->getHttpUrl()->getPath() == '/' ) {
|
230 |
+
$updated->setPath(rtrim($this->getHttpsUrl()->getPath(), '/') . $updated->getPath());
|
231 |
+
} else if ( strpos($updated->getPath(), $this->getHttpUrl()->getPath()) !== false ) {
|
232 |
+
$updated->setPath(str_replace($this->getHttpUrl()->getPath(), $this->getHttpsUrl()->getPath(), $updated->getPath()));
|
233 |
+
} else if ( strpos($updated->getPath(), rtrim($this->getHttpUrl()->getPath(), '/')) !== false ) {
|
234 |
+
$updated->setPath(str_replace(rtrim($this->getHttpUrl()->getPath(), '/'), $this->getHttpsUrl()->getPath(), $updated->getPath()));
|
235 |
+
}
|
236 |
+
}
|
237 |
+
if ( ( ( $this->isSsl() && !$this->getSetting('exclusive_https') ) || $this->getSetting('ssl_admin') ) && strpos($url, 'wp-admin') !== false && preg_match('/redirect_to=([^&]+)/i', $updated->toString(), $redirect) && isset($redirect[1]) ) {
|
238 |
+
$redirect_url = $redirect[1];
|
239 |
+
$updated = str_replace($redirect_url, urlencode($this->makeUrlHttps(urldecode($redirect_url))), $updated->toString());
|
240 |
+
}
|
241 |
+
$string = str_replace($url, $updated, $string);
|
242 |
+
}
|
243 |
+
} else {
|
244 |
+
$updated = clone $url;
|
245 |
+
$updated = WordPressHTTPS_Url::fromString( apply_filters('https_external_url', $updated->toString()) );
|
246 |
+
if ( @in_array($updated->toString(), $this->getSetting('secure_external_urls')) == false && @in_array($updated->toString(), $this->getSetting('unsecure_external_urls')) == false ) {
|
247 |
+
$test = clone $updated;
|
248 |
+
$test->setScheme('https');
|
249 |
+
if ( $test->isValid() ) {
|
250 |
+
// Cache this URL as available over HTTPS for future reference
|
251 |
+
$this->addSecureExternalUrl($updated->toString());
|
252 |
+
$updated->setScheme('https');
|
253 |
+
} else {
|
254 |
+
// If not available over HTTPS, mark as an unsecure external URL
|
255 |
+
$this->addUnsecureExternalUrl($updated->toString());
|
256 |
+
}
|
257 |
+
} else if ( in_array($updated->toString(), $this->getSetting('secure_external_urls')) ) {
|
258 |
+
$updated->setScheme('https');
|
259 |
+
}
|
260 |
+
if ( $url->toString() != $updated->toString() ) {
|
261 |
+
$string = str_replace($url, $updated, $string);
|
262 |
+
}
|
263 |
+
}
|
264 |
+
unset($test);
|
265 |
+
unset($updated);
|
266 |
+
unset($url);
|
267 |
+
}
|
268 |
+
return $string;
|
269 |
+
}
|
270 |
+
|
271 |
+
/**
|
272 |
+
* Replaces HTTPS Host with HTTP Host
|
273 |
+
*
|
274 |
+
* @param string $string
|
275 |
+
* @return string $string
|
276 |
+
*/
|
277 |
+
public function makeUrlHttp( $string ) {
|
278 |
+
if ( (string)$string == '' ) {
|
279 |
+
return false;
|
280 |
+
}
|
281 |
+
|
282 |
+
$url = WordPressHTTPS_Url::fromString( $string );
|
283 |
+
if ( $url ) {
|
284 |
+
if ( $this->isUrlLocal($url) ) {
|
285 |
+
if ( $url->getScheme() == 'https' ) {
|
286 |
+
$updated = clone $url;
|
287 |
+
$updated->setScheme('http');
|
288 |
+
$updated->setHost($this->getHttpUrl()->getHost());
|
289 |
+
$updated->setPort($this->getHttpUrl()->getPort());
|
290 |
+
if ( $this->getSetting('ssl_host_diff') && strpos($updated->getPath(), $this->getHttpsUrl()->getPath()) !== false ) {
|
291 |
+
$updated->setPath(str_replace($this->getHttpsUrl()->getPath(), $this->getHttpUrl()->getPath(), $updated->getPath()));
|
292 |
+
}
|
293 |
+
if ( strpos($url, 'wp-admin') !== false && preg_match('/redirect_to=([^&]+)/i', $url, $redirect) && isset($redirect[1]) ) {
|
294 |
+
$redirect_url = $redirect[1];
|
295 |
+
$url = str_replace($redirect_url, urlencode($this->makeUrlHttp(urldecode($redirect_url))), $url);
|
296 |
+
}
|
297 |
+
$string = str_replace($url, $updated, $string);
|
298 |
+
}
|
299 |
+
} else {
|
300 |
+
$updated = apply_filters('http_external_url', str_replace('https://', 'http://', $url));
|
301 |
+
$string = str_replace($url, $updated, $string);
|
302 |
+
}
|
303 |
+
}
|
304 |
+
unset($updated);
|
305 |
+
unset($url);
|
306 |
+
return $string;
|
307 |
+
}
|
308 |
+
|
309 |
+
/**
|
310 |
+
* Add Secure External URL
|
311 |
+
*
|
312 |
+
* @param string $value
|
313 |
+
* @return $this
|
314 |
+
*/
|
315 |
+
public function addSecureExternalUrl( $value ) {
|
316 |
+
if ( trim($value) == '' ) {
|
317 |
+
return $this;
|
318 |
+
}
|
319 |
+
|
320 |
+
$secure_external_urls = (array) $this->getSetting('secure_external_urls');
|
321 |
+
array_push($secure_external_urls, (string) $value);
|
322 |
+
$this->setSetting('secure_external_urls', $secure_external_urls);
|
323 |
+
|
324 |
+
return $this;
|
325 |
+
}
|
326 |
+
|
327 |
+
/**
|
328 |
+
* Add Unsecure External URL
|
329 |
+
*
|
330 |
+
* @param string $value
|
331 |
+
* @return $this
|
332 |
+
*/
|
333 |
+
public function addUnsecureExternalUrl( $value ) {
|
334 |
+
if ( trim($value) == '' ) {
|
335 |
+
return $this;
|
336 |
+
}
|
337 |
+
|
338 |
+
$unsecure_external_urls = (array) $this->getSetting('unsecure_external_urls');
|
339 |
+
array_push($unsecure_external_urls, (string) $value);
|
340 |
+
$this->setSetting('unsecure_external_urls', $unsecure_external_urls);
|
341 |
+
|
342 |
+
return $this;
|
343 |
+
}
|
344 |
+
|
345 |
+
/**
|
346 |
+
* Checks if the current page is SSL
|
347 |
+
*
|
348 |
+
* @param none
|
349 |
+
* @return bool
|
350 |
+
*/
|
351 |
+
public function isSsl() {
|
352 |
+
// Some extra checks for Shared SSL
|
353 |
+
if ( is_ssl() && strpos($_SERVER['HTTP_HOST'], $this->getHttpsUrl()->getHost()) === false && $_SERVER['SERVER_ADDR'] != $_SERVER['HTTP_HOST'] ) {
|
354 |
+
return false;
|
355 |
+
} else if ( isset($_SERVER['HTTP_CF_VISITOR']) && strpos($_SERVER['HTTP_CF_VISITOR'], 'https') ) {
|
356 |
+
return true;
|
357 |
+
} else if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' ) {
|
358 |
+
return true;
|
359 |
+
} else if ( $this->getSetting('ssl_host_diff') && !is_ssl() && isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && $this->getHttpsUrl()->getHost() == $_SERVER['HTTP_X_FORWARDED_SERVER'] ) {
|
360 |
+
return true;
|
361 |
+
} else if ( $this->getSetting('ssl_host_diff') && !is_ssl() && $this->getHttpsUrl()->getHost() == $_SERVER['HTTP_HOST'] && ( $this->getHttpsUrl()->getPort() <= 0 || $_SERVER['SERVER_PORT'] == $this->getHttpsUrl()->getPort() ) && strpos($_SERVER['REQUEST_URI'], $this->getHttpsUrl()->getPath()) !== false ) {
|
362 |
+
return true;
|
363 |
+
}
|
364 |
+
return is_ssl();
|
365 |
+
}
|
366 |
+
|
367 |
+
/**
|
368 |
+
* Maintained for backwards compatibility.
|
369 |
+
*
|
370 |
+
* @param none
|
371 |
+
* @return bool
|
372 |
+
*/
|
373 |
+
public function is_ssl() {
|
374 |
+
return $this->isSsl();
|
375 |
+
}
|
376 |
+
|
377 |
+
/**
|
378 |
+
* Redirects page to HTTP or HTTPS accordingly
|
379 |
+
*
|
380 |
+
* @param string $scheme Either http or https
|
381 |
+
* @return void
|
382 |
+
*/
|
383 |
+
public function redirect( $scheme = 'https' ) {
|
384 |
+
$current_path = ( isset($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : $_SERVER['REQUEST_URI'] );
|
385 |
+
if ( strpos($_SERVER['REQUEST_URI'], '?') !== false && isset($_SERVER['REDIRECT_URL']) && strpos($_SERVER['REDIRECT_URL'], '?') === false ) {
|
386 |
+
$current_path .= substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], '?'));
|
387 |
+
}
|
388 |
+
|
389 |
+
$current_url = ( $this->isSsl() ? 'https' : 'http' ) . '://' . ( isset($_SERVER['HTTP_X_FORWARDED_SERVER']) ? $_SERVER['HTTP_X_FORWARDED_SERVER'] : $_SERVER['HTTP_HOST'] ) . $current_path;
|
390 |
+
if ( $scheme == 'https' ) {
|
391 |
+
$url = $this->makeUrlHttps($current_url);
|
392 |
} else {
|
393 |
+
$url = $this->makeUrlHttp($current_url);
|
394 |
}
|
395 |
+
|
396 |
+
if ( $current_url != $url ) {
|
397 |
+
// Use a cookie to detect redirect loops
|
398 |
+
$redirect_count = ( isset($_COOKIE['redirect_count']) && is_numeric($_COOKIE['redirect_count']) ? (int)$_COOKIE['redirect_count']+1 : 1 );
|
399 |
+
setcookie('redirect_count', $redirect_count, 0, '/');
|
400 |
+
// If redirect count is greater than 2, prevent redirect and log the redirect loop
|
401 |
+
if ( $redirect_count > 2 ) {
|
402 |
+
setcookie('redirect_count', null, -time(), '/');
|
403 |
+
$this->getLogger()->log('[ERROR] Redirect Loop!');
|
404 |
+
return;
|
405 |
+
}
|
406 |
+
|
407 |
+
// Redirect
|
408 |
+
if ( function_exists('wp_redirect') ) {
|
409 |
+
wp_redirect($url, 301);
|
410 |
+
} else {
|
411 |
+
// End all output buffering and redirect
|
412 |
+
while(@ob_end_clean());
|
413 |
+
header("Location: " . $url, true, 301);
|
414 |
+
}
|
415 |
+
exit();
|
416 |
+
}
|
417 |
+
}
|
418 |
+
|
419 |
+
/**
|
420 |
+
* Get relevent files and directories within WordPress
|
421 |
+
*
|
422 |
+
* @param none
|
423 |
+
* @return void
|
424 |
+
*/
|
425 |
+
public function getDirectories() {
|
426 |
+
$directories = array();
|
427 |
+
$scannedDirectories = array();
|
428 |
+
$directories[] = get_theme_root() . '/' . get_template();
|
429 |
+
|
430 |
+
foreach( $directories as $directory ) {
|
431 |
+
$scannedDirectories[$directory]['name'] = $directory;
|
432 |
+
if ( is_readable($directory) && ($files = scandir($directory)) ) {
|
433 |
+
$scannedDirectories[$directory]['files'] = $files;
|
434 |
+
unset($files);
|
435 |
+
} else {
|
436 |
+
$scannedDirectories[$directory]['error'] = "Unable to read directory.";
|
437 |
+
}
|
438 |
+
}
|
439 |
+
return $scannedDirectories;
|
440 |
+
}
|
441 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
442 |
}
|
lib/WordPressHTTPS/Logger.php
CHANGED
@@ -7,8 +7,6 @@
|
|
7 |
*
|
8 |
*/
|
9 |
|
10 |
-
require_once('Mvied/Logger/Interface.php');
|
11 |
-
|
12 |
class WordPressHTTPS_Logger implements Mvied_Logger_Interface {
|
13 |
|
14 |
/**
|
7 |
*
|
8 |
*/
|
9 |
|
|
|
|
|
10 |
class WordPressHTTPS_Logger implements Mvied_Logger_Interface {
|
11 |
|
12 |
/**
|
lib/WordPressHTTPS/Module/Admin.php
CHANGED
@@ -9,7 +9,7 @@
|
|
9 |
*
|
10 |
*/
|
11 |
|
12 |
-
class WordPressHTTPS_Module_Admin extends Mvied_Plugin_Module
|
13 |
|
14 |
/**
|
15 |
* Initialize Module
|
@@ -18,17 +18,13 @@ class WordPressHTTPS_Module_Admin extends Mvied_Plugin_Module implements Mvied_P
|
|
18 |
* @return void
|
19 |
*/
|
20 |
public function init() {
|
21 |
-
// Add admin menus
|
22 |
-
add_action('admin_menu', array(&$this, 'menu'));
|
23 |
-
|
24 |
// Load on plugins page
|
25 |
-
if ( $GLOBALS['pagenow'] == 'plugins.php' ) {
|
26 |
add_filter( 'plugin_row_meta', array(&$this, 'plugin_links'), 10, 2);
|
27 |
}
|
28 |
|
29 |
// Add global admin scripts
|
30 |
add_action('admin_enqueue_scripts', array(&$this, 'admin_enqueue_scripts'));
|
31 |
-
|
32 |
}
|
33 |
|
34 |
/**
|
@@ -39,22 +35,7 @@ class WordPressHTTPS_Module_Admin extends Mvied_Plugin_Module implements Mvied_P
|
|
39 |
* @return void
|
40 |
*/
|
41 |
public function admin_enqueue_scripts() {
|
42 |
-
wp_enqueue_style($this->getPlugin()->getSlug() . '-admin-global', $this->getPlugin()->getPluginUrl() . '/admin/css/admin.css', $this->getPlugin()->getVersion()
|
43 |
-
}
|
44 |
-
|
45 |
-
/**
|
46 |
-
* Admin panel menu option
|
47 |
-
* WordPress Hook - admin_menu
|
48 |
-
*
|
49 |
-
* @param none
|
50 |
-
* @return void
|
51 |
-
*/
|
52 |
-
public function menu() {
|
53 |
-
if ( $this->getPlugin()->getSetting('admin_menu') === 'side' ) {
|
54 |
-
add_menu_page('HTTPS', 'HTTPS', 'manage_options', $this->getPlugin()->getSlug(), array($this->getPlugin()->getModule('Admin\Settings'), 'dispatch'), '', 88);
|
55 |
-
} else {
|
56 |
-
add_options_page('HTTPS', 'HTTPS', 'manage_options', $this->getPlugin()->getSlug(), array($this->getPlugin()->getModule('Admin\Settings'), 'dispatch'));
|
57 |
-
}
|
58 |
}
|
59 |
|
60 |
/**
|
@@ -66,7 +47,7 @@ class WordPressHTTPS_Module_Admin extends Mvied_Plugin_Module implements Mvied_P
|
|
66 |
*/
|
67 |
public function meta_box_render( $module, $metabox = array() ) {
|
68 |
if ( isset($metabox['args']['metabox']) ) {
|
69 |
-
include('admin/templates/metabox/' . $metabox['args']['metabox'] . '.php');
|
70 |
}
|
71 |
}
|
72 |
|
9 |
*
|
10 |
*/
|
11 |
|
12 |
+
class WordPressHTTPS_Module_Admin extends Mvied_Plugin_Module {
|
13 |
|
14 |
/**
|
15 |
* Initialize Module
|
18 |
* @return void
|
19 |
*/
|
20 |
public function init() {
|
|
|
|
|
|
|
21 |
// Load on plugins page
|
22 |
+
if ( isset($GLOBALS['pagenow']) && $GLOBALS['pagenow'] == 'plugins.php' ) {
|
23 |
add_filter( 'plugin_row_meta', array(&$this, 'plugin_links'), 10, 2);
|
24 |
}
|
25 |
|
26 |
// Add global admin scripts
|
27 |
add_action('admin_enqueue_scripts', array(&$this, 'admin_enqueue_scripts'));
|
|
|
28 |
}
|
29 |
|
30 |
/**
|
35 |
* @return void
|
36 |
*/
|
37 |
public function admin_enqueue_scripts() {
|
38 |
+
wp_enqueue_style($this->getPlugin()->getSlug() . '-admin-global', $this->getPlugin()->getPluginUrl() . '/admin/css/admin.css', array(), $this->getPlugin()->getVersion());
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
39 |
}
|
40 |
|
41 |
/**
|
47 |
*/
|
48 |
public function meta_box_render( $module, $metabox = array() ) {
|
49 |
if ( isset($metabox['args']['metabox']) ) {
|
50 |
+
include($this->getPlugin()->getDirectory() . '/admin/templates/metabox/' . $metabox['args']['metabox'] . '.php');
|
51 |
}
|
52 |
}
|
53 |
|
lib/WordPressHTTPS/Module/Core.php
ADDED
@@ -0,0 +1,634 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* Core Module
|
4 |
+
*
|
5 |
+
* @author Mike Ems
|
6 |
+
* @package WordPressHTTPS
|
7 |
+
*
|
8 |
+
*/
|
9 |
+
|
10 |
+
class WordPressHTTPS_Module_Core extends Mvied_Plugin_Module {
|
11 |
+
|
12 |
+
/**
|
13 |
+
* Initialize
|
14 |
+
*
|
15 |
+
* @param none
|
16 |
+
* @return void
|
17 |
+
*/
|
18 |
+
public function init() {
|
19 |
+
if ( $this->getPlugin()->getSetting('ssl_host_diff') && $this->getPlugin()->isSsl() ) {
|
20 |
+
// Prevent WordPress' canonical redirect when using a different SSL Host
|
21 |
+
remove_filter('template_redirect', 'redirect_canonical');
|
22 |
+
// Add SSL Host path to rewrite rules
|
23 |
+
add_filter('rewrite_rules_array', array(&$this, 'rewrite_rules'), 10, 1);
|
24 |
+
}
|
25 |
+
|
26 |
+
// Add SSL Host to allowed redirect hosts
|
27 |
+
add_filter('allowed_redirect_hosts' , array(&$this, 'allowed_redirect_hosts'), 10, 1);
|
28 |
+
|
29 |
+
// Filter URL's
|
30 |
+
add_filter('bloginfo_url', array(&$this, 'secure_url'), 10);
|
31 |
+
add_filter('logout_url', array(&$this, 'secure_url'), 10);
|
32 |
+
add_filter('login_url', array(&$this, 'secure_url'), 10);
|
33 |
+
add_filter('network_admin_url', array(&$this, 'secure_url'), 10);
|
34 |
+
add_filter('admin_url', array(&$this, 'secure_url'), 10);
|
35 |
+
|
36 |
+
// Filter Element URL's
|
37 |
+
add_filter('get_avatar', array(&$this, 'element_url'), 10);
|
38 |
+
add_filter('wp_get_attachment_url', array(&$this, 'element_url'), 10);
|
39 |
+
add_filter('template_directory_uri', array(&$this, 'element_url'), 10);
|
40 |
+
add_filter('stylesheet_directory_uri', array(&$this, 'element_url'), 10);
|
41 |
+
add_filter('plugins_url', array(&$this, 'element_url'), 10);
|
42 |
+
add_filter('includes_url', array(&$this, 'element_url'), 10);
|
43 |
+
|
44 |
+
// Filter site_url
|
45 |
+
add_filter('site_url', array(&$this, 'site_url'), 10, 4);
|
46 |
+
|
47 |
+
// Filter force_ssl
|
48 |
+
add_filter('force_ssl', array(&$this, 'secure_wordpress_forms'), 20, 3);
|
49 |
+
add_filter('force_ssl', array(&$this, 'secure_different_host_admin'), 20, 3);
|
50 |
+
add_filter('force_ssl', array(&$this, 'secure_child_post'), 30, 3);
|
51 |
+
add_filter('force_ssl', array(&$this, 'secure_admin'), 30, 3);
|
52 |
+
add_filter('force_ssl', array(&$this, 'secure_login'), 30, 3);
|
53 |
+
add_filter('force_ssl', array(&$this, 'secure_post'), 40, 3);
|
54 |
+
add_filter('force_ssl', array(&$this, 'secure_exclusive'), 50, 3);
|
55 |
+
|
56 |
+
$filters = array('page_link', 'preview_page_link', 'post_link', 'preview_page_link', 'post_type_link', 'attachment_link', 'day_link', 'month_link', 'year_link', 'comment_reply_link', 'category_link', 'author_link', 'archives_link', 'tag_link', 'search_link');
|
57 |
+
foreach( $filters as $filter ) {
|
58 |
+
add_filter($filter, array(&$this, 'secure_post_link'), 10);
|
59 |
+
}
|
60 |
+
|
61 |
+
if ( $this->getPlugin()->getSetting('ssl_host_diff') ) {
|
62 |
+
// Remove SSL Host authentication cookies on logout
|
63 |
+
add_action('clear_auth_cookie', array(&$this, 'clear_cookies'));
|
64 |
+
|
65 |
+
// Set authentication cookie
|
66 |
+
if ( $this->getPlugin()->isSsl() ) {
|
67 |
+
add_action('set_auth_cookie', array(&$this, 'set_cookie'), 10, 5);
|
68 |
+
add_action('set_logged_in_cookie', array(&$this, 'set_cookie'), 10, 5);
|
69 |
+
}
|
70 |
+
}
|
71 |
+
|
72 |
+
// Filter scripts
|
73 |
+
add_action('wp_print_scripts', array(&$this, 'fix_scripts'), 100, 0);
|
74 |
+
add_action('admin_print_scripts', array(&$this, 'fix_scripts'), 100, 0);
|
75 |
+
|
76 |
+
// Filter styles
|
77 |
+
add_action('wp_print_styles', array(&$this, 'fix_styles'), 100, 0);
|
78 |
+
add_action('admin_print_styles', array(&$this, 'fix_styles'), 100, 0);
|
79 |
+
|
80 |
+
// Run proxy check
|
81 |
+
if ( $this->getPlugin()->getSetting('ssl_proxy') === 'auto' ) {
|
82 |
+
// If page is not SSL and no proxy cookie is detected, run proxy check
|
83 |
+
if ( ! $this->getPlugin()->isSsl() && ! isset($_COOKIE['wp_proxy']) ) {
|
84 |
+
add_action('init', array(&$this, 'proxy_check'), 1);
|
85 |
+
add_action('admin_init', array(&$this, 'proxy_check'), 1);
|
86 |
+
// Update ssl_proxy setting if a proxy has been detected
|
87 |
+
} else if ( $this->getPlugin()->getSetting('ssl_proxy') !== true && isset($_COOKIE['wp_proxy']) && $_COOKIE['wp_proxy'] == 1 ) {
|
88 |
+
$this->getPlugin()->setSetting('ssl_proxy', 1);
|
89 |
+
// Update ssl_proxy if proxy is no longer detected
|
90 |
+
} else if ( $this->getPlugin()->getSetting('ssl_proxy') !== false && isset($_COOKIE['wp_proxy']) && $_COOKIE['wp_proxy'] != 1 ) {
|
91 |
+
$this->getPlugin()->setSetting('ssl_proxy', 0);
|
92 |
+
}
|
93 |
+
}
|
94 |
+
|
95 |
+
// Check if the page needs to be redirected
|
96 |
+
if ( is_admin() || ( isset($GLOBALS['pagenow']) && preg_match('/wp-login\.php/', $GLOBALS['pagenow']) === 1 ) ) {
|
97 |
+
add_action($this->getPlugin()->getSlug() . '_init', array(&$this, 'redirect_check'));
|
98 |
+
add_action($this->getPlugin()->getSlug() . '_init', array(&$this, 'clear_redirect_count_cookie'), 9, 1);
|
99 |
+
} else {
|
100 |
+
add_action('template_redirect', array(&$this, 'redirect_check'));
|
101 |
+
add_action('template_redirect', array(&$this, 'clear_redirect_count_cookie'), 9, 1);
|
102 |
+
}
|
103 |
+
}
|
104 |
+
|
105 |
+
/**
|
106 |
+
* Allowed Redirect Hosts
|
107 |
+
* WordPress Filter - aloowed_redirect_hosts
|
108 |
+
*
|
109 |
+
* @param array $content
|
110 |
+
* @return array $content
|
111 |
+
*/
|
112 |
+
public function allowed_redirect_hosts( $content ) {
|
113 |
+
$content[] = $this->getPlugin()->getHttpsUrl()->getHost();
|
114 |
+
return $content;
|
115 |
+
}
|
116 |
+
|
117 |
+
/**
|
118 |
+
* Secure URL
|
119 |
+
*
|
120 |
+
* @param string $url
|
121 |
+
* @return string $url
|
122 |
+
*/
|
123 |
+
public function secure_url( $url = '' ) {
|
124 |
+
$force_ssl = apply_filters('force_ssl', null, 0, $url);
|
125 |
+
if ( $force_ssl ) {
|
126 |
+
$url = $this->getPlugin()->makeUrlHttps($url);
|
127 |
+
} else if ( !is_null($force_ssl) && !$force_ssl ) {
|
128 |
+
$url = $this->getPlugin()->makeUrlHttp($url);
|
129 |
+
}
|
130 |
+
return $url;
|
131 |
+
}
|
132 |
+
|
133 |
+
/**
|
134 |
+
* Secure Element URL
|
135 |
+
*
|
136 |
+
* @param string $url
|
137 |
+
* @return string $url
|
138 |
+
*/
|
139 |
+
public function element_url( $url = '' ) {
|
140 |
+
$force_ssl = apply_filters('force_ssl', null, 0, $url);
|
141 |
+
if ( $this->getPlugin()->isSsl() || $force_ssl ) {
|
142 |
+
$url = $this->getPlugin()->makeUrlHttps($url);
|
143 |
+
} else if ( !is_null($force_ssl) && !$force_ssl ) {
|
144 |
+
$url = $this->getPlugin()->makeUrlHttp($url);
|
145 |
+
}
|
146 |
+
return $url;
|
147 |
+
}
|
148 |
+
|
149 |
+
/**
|
150 |
+
* Add rewrite rule to recognize additional path information on SSL Host
|
151 |
+
*
|
152 |
+
* @param array $rules
|
153 |
+
* @return array $rules
|
154 |
+
*/
|
155 |
+
public function rewrite_rules( $rules = array() ) {
|
156 |
+
$requestPath = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $_SERVER['REQUEST_URI']);
|
157 |
+
if ( $this->getPlugin()->getHttpUrl()->getPath() != '/' ) {
|
158 |
+
$httpsPath = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $this->getPlugin()->getHttpsUrl()->getPath());
|
159 |
+
} else {
|
160 |
+
$httpsPath = $this->getPlugin()->getHttpsUrl()->getPath();
|
161 |
+
}
|
162 |
+
if ( $httpsPath != '/' ) {
|
163 |
+
$rules['^' . $httpsPath . '([^\'"]+)'] = 'index.php?pagename=$matches[1]';
|
164 |
+
}
|
165 |
+
return $rules;
|
166 |
+
}
|
167 |
+
|
168 |
+
/**
|
169 |
+
* Site URL
|
170 |
+
* WordPress Filter - site_url
|
171 |
+
*
|
172 |
+
* @param string $url
|
173 |
+
* @param string $path
|
174 |
+
* @param string $scheme
|
175 |
+
* @param int $blog_id
|
176 |
+
* @return string $url
|
177 |
+
*/
|
178 |
+
public function site_url( $url, $path, $scheme, $blog_id ) {
|
179 |
+
$force_ssl = apply_filters('force_ssl', null, 0, $url);
|
180 |
+
if ( $scheme != 'http' && $force_ssl ) {
|
181 |
+
$url = $this->getPlugin()->makeUrlHttps($url);
|
182 |
+
} else if ( !is_null($force_ssl) && !$force_ssl ) {
|
183 |
+
$url = $this->getPlugin()->makeUrlHttp($url);
|
184 |
+
}
|
185 |
+
return $url;
|
186 |
+
}
|
187 |
+
|
188 |
+
/**
|
189 |
+
* Secure Post Link
|
190 |
+
*
|
191 |
+
* @param string $url
|
192 |
+
* @return string $url
|
193 |
+
*/
|
194 |
+
public function secure_post_link( $url ) {
|
195 |
+
$force_ssl = apply_filters('force_ssl', null, 0, $url);
|
196 |
+
if ( $force_ssl ) {
|
197 |
+
$url = $this->getPlugin()->makeUrlHttps($url);
|
198 |
+
} else if ( !is_null($force_ssl) && !$force_ssl ) {
|
199 |
+
$url = $this->getPlugin()->makeUrlHttp($url);
|
200 |
+
}
|
201 |
+
return $url;
|
202 |
+
}
|
203 |
+
|
204 |
+
/**
|
205 |
+
* Secure Admin
|
206 |
+
* WordPress HTTPS Filter - force_ssl
|
207 |
+
*
|
208 |
+
* @param boolean $force_ssl
|
209 |
+
* @param int $post_id
|
210 |
+
* @param string $url
|
211 |
+
* @return boolean $force_ssl
|
212 |
+
*/
|
213 |
+
public function secure_admin( $force_ssl, $post_id = 0, $url = '' ) {
|
214 |
+
if ( $url != '' && $this->getPlugin()->isUrlLocal($url) && ( strpos($url, 'wp-admin') !== false || strpos($url, 'wp-login') !== false ) ) {
|
215 |
+
if ( $this->getPlugin()->getSetting('exclusive_https') && !$this->getPlugin()->getSetting('ssl_admin') ) {
|
216 |
+
$force_ssl = false;
|
217 |
+
//TODO When logged in to HTTP and visiting an HTTPS page, admin links will always be forced to HTTPS, even if the user is not logged in via HTTPS. I need to find a way to detect this.
|
218 |
+
} else if ( ( ( $this->getPlugin()->isSsl() && !$this->getPlugin()->getSetting('exclusive_https') ) || $this->getPlugin()->getSetting('ssl_admin') ) ) {
|
219 |
+
$force_ssl = true;
|
220 |
+
}
|
221 |
+
}
|
222 |
+
return $force_ssl;
|
223 |
+
}
|
224 |
+
|
225 |
+
/**
|
226 |
+
* Secure Login
|
227 |
+
* WordPress HTTPS Filter - force_ssl
|
228 |
+
*
|
229 |
+
* @param boolean $force_ssl
|
230 |
+
* @param int $post_id
|
231 |
+
* @param string $url
|
232 |
+
* @return boolean $force_ssl
|
233 |
+
*/
|
234 |
+
public function secure_login( $force_ssl, $post_id = 0, $url = '' ) {
|
235 |
+
if ( $url != '' && $this->getPlugin()->isUrlLocal($url) ) {
|
236 |
+
if ( force_ssl_login() && preg_match('/wp-login\.php$/', $url) === 1 ) {
|
237 |
+
$force_ssl = true;
|
238 |
+
}
|
239 |
+
}
|
240 |
+
return $force_ssl;
|
241 |
+
}
|
242 |
+
|
243 |
+
/**
|
244 |
+
* Secure Post
|
245 |
+
* WordPress HTTPS Filter - force_ssl
|
246 |
+
*
|
247 |
+
* @param boolean $force_ssl
|
248 |
+
* @param int $post_id
|
249 |
+
* @param string $url
|
250 |
+
* @return boolean $force_ssl
|
251 |
+
*/
|
252 |
+
public function secure_post( $force_ssl, $post_id = 0, $url = '' ) {
|
253 |
+
global $wpdb;
|
254 |
+
|
255 |
+
if ( $url != '' && ($url_parts = parse_url($url)) ) {
|
256 |
+
if ( $this->getPlugin()->isUrlLocal($url) ) {
|
257 |
+
if ( $this->getPlugin()->getHttpsUrl()->getPath() != '/' ) {
|
258 |
+
if ( $this->getPlugin()->getSetting('ssl_host_diff') ) {
|
259 |
+
$url_parts['path'] = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $url_parts['path']);
|
260 |
+
}
|
261 |
+
if ( $this->getPlugin()->getHttpUrl()->getPath() != '/' ) {
|
262 |
+
$url_parts['path'] = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $url_parts['path']);
|
263 |
+
}
|
264 |
+
}
|
265 |
+
|
266 |
+
// qTranslate integration - strips language from beginning of url path
|
267 |
+
if ( defined('QTRANS_INIT') && constant('QTRANS_INIT') == true ) {
|
268 |
+
global $q_config;
|
269 |
+
if ( isset($q_config['enabled_languages']) ) {
|
270 |
+
foreach($q_config['enabled_languages'] as $language) {
|
271 |
+
$url_parts['path'] = preg_replace('/^\/' . $language . '\//', '/', $url_parts['path']);
|
272 |
+
}
|
273 |
+
}
|
274 |
+
}
|
275 |
+
|
276 |
+
if ( isset($post_id) && $post_id > 0 ) {
|
277 |
+
$post = $post_id;
|
278 |
+
} else if ( preg_match("/page_id=([\d]+)/", parse_url($url, PHP_URL_QUERY), $postID) ) {
|
279 |
+
$post = $postID[1];
|
280 |
+
} else if ( isset($url_parts['path']) && ( $url_parts['path'] == '' || $url_parts['path'] == '/' ) ) {
|
281 |
+
if ( get_option('show_on_front') == 'page' ) {
|
282 |
+
$post = get_option('page_on_front');
|
283 |
+
}
|
284 |
+
} else if ( isset($url_parts['path']) && ($post = get_page_by_path($url_parts['path'])) ) {
|
285 |
+
$post = $post->ID;
|
286 |
+
}
|
287 |
+
|
288 |
+
if ( is_multisite() && isset($url_parts['host']) && isset($url_parts['path']) ) {
|
289 |
+
$blog_id = false;
|
290 |
+
$url_path = '/';
|
291 |
+
$url_path_segments = explode('/', $url_parts['path']);
|
292 |
+
if ( sizeof($url_path_segments) > 1 ) {
|
293 |
+
foreach( $url_path_segments as $url_path_segment ) {
|
294 |
+
if ( !$blog_id && $url_path_segment != '' ) {
|
295 |
+
$url_path .= '/' . $url_path_segment . '/';
|
296 |
+
if ( $blog_id = get_blog_id_from_url( $url_parts['host'], $url_path) ) {
|
297 |
+
break;
|
298 |
+
}
|
299 |
+
}
|
300 |
+
}
|
301 |
+
}
|
302 |
+
if ( !$blog_id ) {
|
303 |
+
$blog_id = get_blog_id_from_url( $url_parts['host'], '/');
|
304 |
+
}
|
305 |
+
if ( $blog_id && $blog_id != $wpdb->blogid ) {
|
306 |
+
if ( $this->getPlugin()->getSetting('ssl_admin', $blog_id) && ( ! $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) || ( $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) && function_exists('is_user_logged_in') && is_user_logged_in() ) ) ) {
|
307 |
+
$force_ssl = true;
|
308 |
+
} else {
|
309 |
+
$force_ssl = false;
|
310 |
+
}
|
311 |
+
}
|
312 |
+
}
|
313 |
+
}
|
314 |
+
}
|
315 |
+
if ( isset($post) && (int) $post > 0 ) {
|
316 |
+
$force_ssl = (( get_post_meta($post, 'force_ssl', true) == 1 ) ? true : $force_ssl);
|
317 |
+
}
|
318 |
+
return $force_ssl;
|
319 |
+
}
|
320 |
+
|
321 |
+
/**
|
322 |
+
* Always secure pages when using a different SSL Host.
|
323 |
+
* WordPress HTTPS Filter - force_ssl
|
324 |
+
*
|
325 |
+
* @param boolean $force_ssl
|
326 |
+
* @param int $post_id
|
327 |
+
* @param string $url
|
328 |
+
* @return boolean $force_ssl
|
329 |
+
*/
|
330 |
+
public function secure_exclusive( $force_ssl, $post_id = 0, $url = '' ) {
|
331 |
+
if ( is_null($force_ssl) && $this->getPlugin()->isUrlLocal($url) && $this->getPlugin()->getSetting('exclusive_https') ) {
|
332 |
+
$force_ssl = false;
|
333 |
+
}
|
334 |
+
return $force_ssl;
|
335 |
+
}
|
336 |
+
|
337 |
+
/**
|
338 |
+
* Always secure pages when using a different SSL Host.
|
339 |
+
* WordPress HTTPS Filter - force_ssl
|
340 |
+
*
|
341 |
+
* @param boolean $force_ssl
|
342 |
+
* @param int $post_id
|
343 |
+
* @param string $url
|
344 |
+
* @return boolean $force_ssl
|
345 |
+
*/
|
346 |
+
public function secure_different_host_admin( $force_ssl, $post_id = 0, $url = '' ) {
|
347 |
+
if ( $post_id > 0 || ( $url != '' && $this->getPlugin()->isUrlLocal($url) ) ) {
|
348 |
+
if ( !$this->getPlugin()->getSetting('exclusive_https') && !$this->getPlugin()->getSetting('ssl_host_subdomain') && $this->getPlugin()->getSetting('ssl_host_diff') && $this->getPlugin()->getSetting('ssl_admin') && function_exists('is_user_logged_in') && is_user_logged_in() ) {
|
349 |
+
$force_ssl = true;
|
350 |
+
}
|
351 |
+
}
|
352 |
+
return $force_ssl;
|
353 |
+
}
|
354 |
+
|
355 |
+
/**
|
356 |
+
* Secure WordPress forms
|
357 |
+
* WordPress HTTPS Filter - force_ssl
|
358 |
+
*
|
359 |
+
* @param boolean $force_ssl
|
360 |
+
* @param int $post_id
|
361 |
+
* @param string $url
|
362 |
+
* @return boolean $force_ssl
|
363 |
+
*/
|
364 |
+
public function secure_wordpress_forms( $force_ssl, $post_id = 0, $url = '' ) {
|
365 |
+
if ( $this->getPlugin()->isSsl() && $this->getPlugin()->isUrlLocal($url) && ( strpos($url, 'wp-pass.php') !== false || strpos($url, 'wp-comments-post.php') !== false ) ) {
|
366 |
+
$force_ssl = true;
|
367 |
+
}
|
368 |
+
return $force_ssl;
|
369 |
+
}
|
370 |
+
|
371 |
+
/**
|
372 |
+
* Secure Child Post
|
373 |
+
* WordPress HTTPS Filter - force_ssl
|
374 |
+
*
|
375 |
+
* @param boolean $force_ssl
|
376 |
+
* @param int $post_id
|
377 |
+
* @param string $url
|
378 |
+
* @return boolean $force_ssl
|
379 |
+
*/
|
380 |
+
public function secure_child_post( $force_ssl, $post_id = 0, $url = '' ) {
|
381 |
+
if ( $post_id > 0 ) {
|
382 |
+
$postParent = get_post($post_id);
|
383 |
+
while ( $postParent->post_parent ) {
|
384 |
+
$postParent = get_post( $postParent->post_parent );
|
385 |
+
if ( get_post_meta($postParent->ID, 'force_ssl_children', true) == 1 ) {
|
386 |
+
$force_ssl = true;
|
387 |
+
break;
|
388 |
+
}
|
389 |
+
}
|
390 |
+
}
|
391 |
+
return $force_ssl;
|
392 |
+
}
|
393 |
+
|
394 |
+
/**
|
395 |
+
* Fix Enqueued Scripts
|
396 |
+
*
|
397 |
+
* @param none
|
398 |
+
* @return void
|
399 |
+
*/
|
400 |
+
public function fix_scripts() {
|
401 |
+
global $wp_scripts;
|
402 |
+
if ( isset($wp_scripts) && sizeof($wp_scripts->registered) > 0 ) {
|
403 |
+
foreach ( $wp_scripts->registered as $script ) {
|
404 |
+
if ( in_array($script->handle, $wp_scripts->queue) ) {
|
405 |
+
if ( strpos($script->src, 'http') === 0 ) {
|
406 |
+
if ( $this->getPlugin()->isSsl() ) {
|
407 |
+
$updated = $this->getPlugin()->makeUrlHttps($script->src);
|
408 |
+
$script->src = $updated;
|
409 |
+
} else {
|
410 |
+
$updated = $this->getPlugin()->makeUrlHttp($script->src);
|
411 |
+
$script->src = $updated;
|
412 |
+
}
|
413 |
+
if ( $script->src != $updated ) {
|
414 |
+
$log = '[FIXED] Element: <script> - ' . $url . ' => ' . $updated;
|
415 |
+
if ( ! in_array($log, $this->getPlugin()->getLogger()->getLog()) ) {
|
416 |
+
$this->getPlugin()->getLogger()->log($log);
|
417 |
+
}
|
418 |
+
}
|
419 |
+
}
|
420 |
+
}
|
421 |
+
}
|
422 |
+
}
|
423 |
+
}
|
424 |
+
|
425 |
+
/**
|
426 |
+
* Fix Enqueued Styles
|
427 |
+
*
|
428 |
+
* @param none
|
429 |
+
* @return void
|
430 |
+
*/
|
431 |
+
public function fix_styles() {
|
432 |
+
global $wp_styles;
|
433 |
+
if ( isset($wp_styles) && sizeof($wp_styles->registered) > 0 ) {
|
434 |
+
foreach ( (array)$wp_styles->registered as $style ) {
|
435 |
+
if ( in_array($style->handle, $wp_styles->queue) ) {
|
436 |
+
if ( strpos($style->src, 'http') === 0 ) {
|
437 |
+
if ( $this->getPlugin()->isSsl() ) {
|
438 |
+
$updated = $this->getPlugin()->makeUrlHttps($style->src);
|
439 |
+
$style->src = $updated;
|
440 |
+
} else {
|
441 |
+
$updated = $this->getPlugin()->makeUrlHttp($style->src);
|
442 |
+
$style->src = $updated;
|
443 |
+
}
|
444 |
+
if ( $style->src != $updated ) {
|
445 |
+
$log = '[FIXED] Element: <link> - ' . $url . ' => ' . $updated;
|
446 |
+
if ( ! in_array($log, $this->getPlugin()->getLogger()->getLog()) ) {
|
447 |
+
$this->getPlugin()->getLogger()->log($log);
|
448 |
+
}
|
449 |
+
}
|
450 |
+
}
|
451 |
+
}
|
452 |
+
}
|
453 |
+
}
|
454 |
+
}
|
455 |
+
|
456 |
+
/**
|
457 |
+
* Proxy Check
|
458 |
+
*
|
459 |
+
* If the server is on a proxy and not correctly reporting HTTPS, this
|
460 |
+
* JavaScript makes sure that the correct redirect takes place.
|
461 |
+
*
|
462 |
+
* @param none
|
463 |
+
* @return void
|
464 |
+
*/
|
465 |
+
public function proxy_check() {
|
466 |
+
if ( ! is_user_logged_in() ) {
|
467 |
+
return false;
|
468 |
+
}
|
469 |
+
$cookie_expiration = gmdate('D, d-M-Y H:i:s T', strtotime('now + 10 years'));
|
470 |
+
echo '<!-- WordPress HTTPS Proxy Check -->' . "\n";
|
471 |
+
echo '<script type="text/javascript">function getCookie(a){var b=document.cookie;var c=a+"=";var d=b.indexOf("; "+c);if(d==-1){d=b.indexOf(c);if(d!=0)return null}else{d+=2;var e=document.cookie.indexOf(";",d);if(e==-1){e=b.length}}return unescape(b.substring(d+c.length,e))}if(getCookie("wp_proxy")!=true){if(window.location.protocol=="https:"){document.cookie="wp_proxy=1; path=/; expires=' . $cookie_expiration . '"}else if(getCookie("wp_proxy")==null){document.cookie="wp_proxy=0; path=/; expires=' . $cookie_expiration . '"}if(getCookie("wp_proxy")!=null){window.location.reload()}else{document.write("You must enable cookies.")}}</script>' . "\n";
|
472 |
+
echo '<noscript>Your browser does not support JavaScript.</noscript>' . "\n";
|
473 |
+
exit();
|
474 |
+
}
|
475 |
+
|
476 |
+
/**
|
477 |
+
* Redirect Check
|
478 |
+
*
|
479 |
+
* Checks if the current page needs to be redirected
|
480 |
+
*
|
481 |
+
* @param none
|
482 |
+
* @return void
|
483 |
+
*/
|
484 |
+
public function redirect_check() {
|
485 |
+
global $post;
|
486 |
+
|
487 |
+
$force_ssl = apply_filters('force_ssl', null, ( $post ? $post->ID : null ), ( $this->getPlugin()->isSsl() ? 'https' : 'http' ) . '://' . ( isset($_SERVER['HTTP_X_FORWARDED_SERVER']) ? $_SERVER['HTTP_X_FORWARDED_SERVER'] : $_SERVER['HTTP_HOST'] ) . $_SERVER['REQUEST_URI'] );
|
488 |
+
|
489 |
+
if ( ! $this->getPlugin()->isSsl() && isset($force_ssl) && $force_ssl ) {
|
490 |
+
$scheme = 'https';
|
491 |
+
} else if ( $this->getPlugin()->isSsl() && isset($force_ssl) && ! $force_ssl ) {
|
492 |
+
$scheme = 'http';
|
493 |
+
}
|
494 |
+
|
495 |
+
if ( isset($scheme) ) {
|
496 |
+
$this->getPlugin()->redirect($scheme);
|
497 |
+
}
|
498 |
+
}
|
499 |
+
|
500 |
+
/**
|
501 |
+
* Set Cookie
|
502 |
+
* WordPress Hook - set_auth_cookie, set_logged_in_cookie
|
503 |
+
*
|
504 |
+
* @param string $cookie
|
505 |
+
* @param string $expire
|
506 |
+
* @param int $expiration
|
507 |
+
* @param int $user_id
|
508 |
+
* @param string $scheme
|
509 |
+
* @return void
|
510 |
+
*/
|
511 |
+
public function set_cookie($cookie, $expire, $expiration, $user_id, $scheme) {
|
512 |
+
if ( ( $scheme == 'secure_auth' && $this->getPlugin()->isSsl() ) || ( $this->getPlugin()->getSetting('ssl_admin') && ! $this->getPlugin()->getSetting('ssl_host_subdomain') ) ) {
|
513 |
+
$secure = true;
|
514 |
+
}
|
515 |
+
$secure = apply_filters('secure_auth_cookie', @$secure, $user_id);
|
516 |
+
|
517 |
+
if( $scheme == 'logged_in' ) {
|
518 |
+
$cookie_name = LOGGED_IN_COOKIE;
|
519 |
+
} elseif ( $secure ) {
|
520 |
+
$cookie_name = SECURE_AUTH_COOKIE;
|
521 |
+
$scheme = 'secure_auth';
|
522 |
+
} else {
|
523 |
+
$cookie_name = AUTH_COOKIE;
|
524 |
+
$scheme = 'auth';
|
525 |
+
$secure = false;
|
526 |
+
}
|
527 |
+
|
528 |
+
//$cookie_domain = COOKIE_DOMAIN;
|
529 |
+
$cookie_path = COOKIEPATH;
|
530 |
+
$cookie_path_site = SITECOOKIEPATH;
|
531 |
+
$cookie_path_plugins = PLUGINS_COOKIE_PATH;
|
532 |
+
$cookie_path_admin = ADMIN_COOKIE_PATH;
|
533 |
+
|
534 |
+
if ( $this->getPlugin()->isSsl() ) {
|
535 |
+
// If SSL Host is a subdomain, make cookie domain a wildcard
|
536 |
+
if ( $this->getPlugin()->getSetting('ssl_host_subdomain') ) {
|
537 |
+
$cookie_domain = '.' . $this->getPlugin()->getHttpsUrl()->getBaseHost();
|
538 |
+
// Otherwise, cookie domain set for different SSL Host
|
539 |
+
} else {
|
540 |
+
$cookie_domain = $this->getPlugin()->getHttpsUrl()->getHost();
|
541 |
+
}
|
542 |
+
|
543 |
+
if ( $this->getPlugin()->getHttpsUrl()->getPath() != '/' ) {
|
544 |
+
$cookie_path = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path);
|
545 |
+
$cookie_path_site = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path_site);
|
546 |
+
$cookie_path_plugins = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path_plugins);
|
547 |
+
}
|
548 |
+
|
549 |
+
if ( $this->getPlugin()->getHttpUrl()->getPath() != '/' ) {
|
550 |
+
$cookie_path = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path);
|
551 |
+
$cookie_path_site = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path_site);
|
552 |
+
$cookie_path_plugins = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path_plugins);
|
553 |
+
}
|
554 |
+
|
555 |
+
$cookie_path = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path;
|
556 |
+
$cookie_path_site = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path_site;
|
557 |
+
$cookie_path_plugins = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path_plugins;
|
558 |
+
$cookie_path_admin = rtrim($cookie_path_site, '/') . '/wp-admin';
|
559 |
+
}
|
560 |
+
|
561 |
+
if ( $scheme == 'logged_in' ) {
|
562 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path, $cookie_domain, $secure, true);
|
563 |
+
if ( $cookie_path != $cookie_path_site ) {
|
564 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path_site, $cookie_domain, $secure, true);
|
565 |
+
}
|
566 |
+
} else {
|
567 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path_plugins, $cookie_domain, false, true);
|
568 |
+
setcookie($cookie_name, $cookie, $expire, $cookie_path_admin, $cookie_domain, false, true);
|
569 |
+
}
|
570 |
+
}
|
571 |
+
|
572 |
+
/**
|
573 |
+
* Removes redirect_count cookie.
|
574 |
+
*
|
575 |
+
* @param none
|
576 |
+
* @return void
|
577 |
+
*/
|
578 |
+
public function clear_redirect_count_cookie() {
|
579 |
+
if ( !headers_sent() && isset($_COOKIE['redirect_count']) ) {
|
580 |
+
setcookie('redirect_count', null, -time(), '/');
|
581 |
+
}
|
582 |
+
}
|
583 |
+
|
584 |
+
/**
|
585 |
+
* Clear Cookies
|
586 |
+
* WordPress Hook - clear_auth_cookie
|
587 |
+
*
|
588 |
+
* @param none
|
589 |
+
* @return void
|
590 |
+
*/
|
591 |
+
public function clear_cookies() {
|
592 |
+
if ( $this->getPlugin()->getSetting('ssl_host_subdomain') ) {
|
593 |
+
$cookie_domain = '.' . $this->getPlugin()->getHttpsUrl()->getBaseHost();
|
594 |
+
} else {
|
595 |
+
$cookie_domain = $this->getPlugin()->getHttpsUrl()->getHost();
|
596 |
+
}
|
597 |
+
|
598 |
+
$cookie_path = COOKIEPATH;
|
599 |
+
$cookie_path_site = SITECOOKIEPATH;
|
600 |
+
$cookie_path_plugins = PLUGINS_COOKIE_PATH;
|
601 |
+
|
602 |
+
if ( $this->getPlugin()->getHttpsUrl()->getPath() != '/' ) {
|
603 |
+
$cookie_path = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path);
|
604 |
+
$cookie_path_site = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path_site);
|
605 |
+
$cookie_path_plugins = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path_plugins);
|
606 |
+
}
|
607 |
+
|
608 |
+
if ( $this->getPlugin()->getHttpUrl()->getPath() != '/' ) {
|
609 |
+
$cookie_path = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path);
|
610 |
+
$cookie_path_site = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path_site);
|
611 |
+
$cookie_path_plugins = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path_plugins);
|
612 |
+
}
|
613 |
+
|
614 |
+
$cookie_path = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path;
|
615 |
+
$cookie_path_site = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path_site;
|
616 |
+
$cookie_path_plugins = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path_plugins;
|
617 |
+
$cookie_path_admin = $cookie_path_site . 'wp-admin';
|
618 |
+
|
619 |
+
setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin, $cookie_domain);
|
620 |
+
setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins, $cookie_domain);
|
621 |
+
setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin, $cookie_domain);
|
622 |
+
setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins, $cookie_domain);
|
623 |
+
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path, $cookie_domain);
|
624 |
+
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path_site, $cookie_domain);
|
625 |
+
|
626 |
+
setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin);
|
627 |
+
setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins);
|
628 |
+
setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin);
|
629 |
+
setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins);
|
630 |
+
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path);
|
631 |
+
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path_site);
|
632 |
+
}
|
633 |
+
|
634 |
+
}
|
lib/WordPressHTTPS/Module/DomainMapping.php
ADDED
@@ -0,0 +1,105 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* Admin Domain Mapping Module
|
4 |
+
*
|
5 |
+
* Adds the settings page.
|
6 |
+
*
|
7 |
+
* @author Mike Ems
|
8 |
+
* @package WordPressHTTPS
|
9 |
+
*
|
10 |
+
*/
|
11 |
+
|
12 |
+
class WordPressHTTPS_Module_DomainMapping extends Mvied_Plugin_Module {
|
13 |
+
|
14 |
+
/**
|
15 |
+
* Initialize Module
|
16 |
+
*
|
17 |
+
* @param none
|
18 |
+
* @return void
|
19 |
+
*/
|
20 |
+
public function init() {
|
21 |
+
if ( is_admin() && isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
|
22 |
+
if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['action']) && $_POST['action'] == 'wphttps-domain-mapping' ) {
|
23 |
+
add_action('plugins_loaded', array(&$this, 'save'), 1);
|
24 |
+
}
|
25 |
+
|
26 |
+
// Add meta boxes
|
27 |
+
add_action('admin_init', array(&$this, 'add_meta_boxes'));
|
28 |
+
}
|
29 |
+
|
30 |
+
// Custom filter https_external_url
|
31 |
+
add_filter('https_external_url', array(&$this, 'map_url'), 10);
|
32 |
+
}
|
33 |
+
|
34 |
+
/**
|
35 |
+
* Domain Mapping
|
36 |
+
*
|
37 |
+
* @param string $url
|
38 |
+
* @return string $url
|
39 |
+
*/
|
40 |
+
public function map_url( $url ) {
|
41 |
+
if ( is_array($this->getPlugin()->getSetting('ssl_host_mapping')) && sizeof($this->getPlugin()->getSetting('ssl_host_mapping')) > 0 ) {
|
42 |
+
foreach( $this->getPlugin()->getSetting('ssl_host_mapping') as $http_domain => $https_domain ) {
|
43 |
+
preg_match('/' . $http_domain . '/', $url, $matches);
|
44 |
+
if ( sizeof($matches) > 0 ) {
|
45 |
+
$url = preg_replace('/' . $http_domain . '/', $https_domain, $url);
|
46 |
+
}
|
47 |
+
}
|
48 |
+
}
|
49 |
+
return $url;
|
50 |
+
}
|
51 |
+
|
52 |
+
/**
|
53 |
+
* Add meta boxes to WordPress HTTPS Settings page.
|
54 |
+
*
|
55 |
+
* @param none
|
56 |
+
* @return void
|
57 |
+
*/
|
58 |
+
public function add_meta_boxes() {
|
59 |
+
add_meta_box(
|
60 |
+
$this->getPlugin()->getSlug() . '_domain_mapping',
|
61 |
+
__( 'Domain Mapping', $this->getPlugin()->getSlug() ),
|
62 |
+
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
63 |
+
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
64 |
+
'main',
|
65 |
+
'core',
|
66 |
+
array( 'metabox' => 'domain_mapping' )
|
67 |
+
);
|
68 |
+
}
|
69 |
+
|
70 |
+
/**
|
71 |
+
* Save Domain Mapping
|
72 |
+
*
|
73 |
+
* @param array $settings
|
74 |
+
* @return void
|
75 |
+
*/
|
76 |
+
public function save() {
|
77 |
+
if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug() . '-options') ) {
|
78 |
+
return false;
|
79 |
+
}
|
80 |
+
|
81 |
+
$message = "Domain Mapping saved.";
|
82 |
+
$errors = array();
|
83 |
+
$reload = false;
|
84 |
+
$logout = false;
|
85 |
+
if ( isset($_POST['domain_mapping-save']) ) {
|
86 |
+
$ssl_host_mapping = array();
|
87 |
+
for( $i=0; $i<sizeof($_POST['http_domain']); $i++ ) {
|
88 |
+
if ( isset($_POST['http_domain'][$i]) && $_POST['http_domain'][$i] != '' && isset($_POST['https_domain'][$i]) && $_POST['https_domain'][$i] != '' ) {
|
89 |
+
$ssl_host_mapping[$_POST['http_domain'][$i]] = $_POST['https_domain'][$i];
|
90 |
+
}
|
91 |
+
}
|
92 |
+
$this->getPlugin()->setSetting('ssl_host_mapping', $ssl_host_mapping);
|
93 |
+
} else if ( isset($_POST['domain_mapping-reset']) ) {
|
94 |
+
$this->getPlugin()->setSetting('ssl_host_mapping', WordPressHTTPS::$ssl_host_mapping);
|
95 |
+
$reload = true;
|
96 |
+
}
|
97 |
+
|
98 |
+
if ( $logout ) {
|
99 |
+
wp_logout();
|
100 |
+
}
|
101 |
+
|
102 |
+
require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
|
103 |
+
}
|
104 |
+
|
105 |
+
}
|
lib/WordPressHTTPS/Module/Filters.php
DELETED
@@ -1,324 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
/**
|
3 |
-
* Filters Module
|
4 |
-
*
|
5 |
-
* @author Mike Ems
|
6 |
-
* @package WordPressHTTPS
|
7 |
-
*
|
8 |
-
*/
|
9 |
-
|
10 |
-
class WordPressHTTPS_Module_Filters extends Mvied_Plugin_Module implements Mvied_Plugin_Module_Interface {
|
11 |
-
|
12 |
-
/**
|
13 |
-
* Initialize
|
14 |
-
*
|
15 |
-
* @param none
|
16 |
-
* @return void
|
17 |
-
*/
|
18 |
-
public function init() {
|
19 |
-
// Prevent WordPress' canonical redirect when using a different SSL Host
|
20 |
-
if ( $this->getPlugin()->getSetting('ssl_host_diff') && $this->getPlugin()->isSsl() ) {
|
21 |
-
remove_filter('template_redirect', 'redirect_canonical');
|
22 |
-
// Filter SSL Host path out of request
|
23 |
-
add_filter('request', array(&$this, 'request'), 10, 1);
|
24 |
-
// Add SSL Host path to rewrite rules
|
25 |
-
add_filter('rewrite_rules_array', array(&$this, 'rewrite_rules'), 10, 1);
|
26 |
-
}
|
27 |
-
|
28 |
-
// Add SSL Host to allowed redirect hosts
|
29 |
-
add_filter('allowed_redirect_hosts' , array(&$this, 'allowed_redirect_hosts'), 10, 1);
|
30 |
-
|
31 |
-
// Filter get_avatar
|
32 |
-
add_filter('get_avatar', array(&$this, 'get_avatar'), 10, 5);
|
33 |
-
|
34 |
-
// Filter URL's
|
35 |
-
add_filter('bloginfo_url', array(&$this, 'secure_url'), 10);
|
36 |
-
add_filter('includes_url', array(&$this, 'secure_url'), 10);
|
37 |
-
add_filter('plugins_url', array(&$this, 'secure_url'), 10);
|
38 |
-
add_filter('logout_url', array(&$this, 'secure_url'), 10);
|
39 |
-
add_filter('login_url', array(&$this, 'secure_url'), 10);
|
40 |
-
add_filter('wp_get_attachment_url', array(&$this, 'secure_url'), 10);
|
41 |
-
add_filter('template_directory_uri', array(&$this, 'secure_url'), 10);
|
42 |
-
add_filter('stylesheet_directory_uri', array(&$this, 'secure_url'), 10);
|
43 |
-
|
44 |
-
// Filter admin_url
|
45 |
-
add_filter('admin_url', array(&$this, 'admin_url'), 10, 3);
|
46 |
-
|
47 |
-
// Filter site_url
|
48 |
-
add_filter('site_url', array(&$this, 'site_url'), 10, 4);
|
49 |
-
|
50 |
-
// Filter force_ssl
|
51 |
-
add_filter('force_ssl', array(&$this, 'secure_different_host_admin'), 20, 3);
|
52 |
-
add_filter('force_ssl', array(&$this, 'secure_child_post'), 30, 3);
|
53 |
-
add_filter('force_ssl', array(&$this, 'secure_post'), 40, 3);
|
54 |
-
add_filter('force_ssl', array(&$this, 'secure_exclusive'), 50, 3);
|
55 |
-
|
56 |
-
$filters = array('page_link', 'preview_page_link', 'post_link', 'preview_page_link', 'post_type_link', 'attachment_link', 'day_link', 'month_link', 'year_link', 'comment_reply_link', 'category_link', 'author_link', 'archives_link', 'tag_link', 'search_link');
|
57 |
-
foreach( $filters as $filter ) {
|
58 |
-
add_filter($filter, array(&$this, 'secure_post_link'), 10);
|
59 |
-
}
|
60 |
-
}
|
61 |
-
|
62 |
-
/**
|
63 |
-
* Admin URL
|
64 |
-
* WordPress Filter - admin_url
|
65 |
-
*
|
66 |
-
* @param string $url
|
67 |
-
* @param string $path
|
68 |
-
* @param int $blog_id
|
69 |
-
* @return string $url
|
70 |
-
*/
|
71 |
-
public function admin_url( $url, $path, $blog_id ) {
|
72 |
-
if ( ( $this->getPlugin()->getSetting('ssl_admin') || ( ( is_admin() || $GLOBALS['pagenow'] == 'wp-login.php' ) && $this->getPlugin()->isSsl() ) ) && ( ! is_multisite() || ( is_multisite() && parse_url($url, PHP_URL_HOST) == $this->getPlugin()->getHttpsUrl()->getHost() ) ) ) {
|
73 |
-
$url = $this->getPlugin()->makeUrlHttps($url);
|
74 |
-
}
|
75 |
-
return $url;
|
76 |
-
}
|
77 |
-
|
78 |
-
/**
|
79 |
-
* Site URL
|
80 |
-
* WordPress Filter - site_url
|
81 |
-
*
|
82 |
-
* @param string $url
|
83 |
-
* @param string $path
|
84 |
-
* @param string $scheme
|
85 |
-
* @param int $blog_id
|
86 |
-
* @return string $url
|
87 |
-
*/
|
88 |
-
public function site_url( $url, $path, $scheme, $blog_id ) {
|
89 |
-
if ( $scheme == 'https' || ( $scheme != 'http' && $this->getPlugin()->isSsl() ) ) {
|
90 |
-
$url = $this->getPlugin()->makeUrlHttps($url);
|
91 |
-
}
|
92 |
-
return $url;
|
93 |
-
}
|
94 |
-
|
95 |
-
/**
|
96 |
-
* Allowed Redirect Hosts
|
97 |
-
* WordPress Filter - aloowed_redirect_hosts
|
98 |
-
*
|
99 |
-
* @param array $content
|
100 |
-
* @return array $content
|
101 |
-
*/
|
102 |
-
public function allowed_redirect_hosts( $content ) {
|
103 |
-
$content[] = $this->getPlugin()->getHttpsUrl()->getHost();
|
104 |
-
return $content;
|
105 |
-
}
|
106 |
-
|
107 |
-
/**
|
108 |
-
* Get Avatar
|
109 |
-
* WordPress Filter - get_avatar
|
110 |
-
*
|
111 |
-
* @param string $avatar
|
112 |
-
* @param string $id_or_email
|
113 |
-
* @param int $size
|
114 |
-
* @param string $alt
|
115 |
-
* @return string $avatar
|
116 |
-
*/
|
117 |
-
public function get_avatar( $avatar, $id_or_email, $size, $default, $alt ) {
|
118 |
-
if ( $this->getPlugin()->isSsl() ) {
|
119 |
-
// Set host to https://secure.gravatar.com
|
120 |
-
if ( $avatar = preg_replace('/\d\.gravatar\.com/', 'secure.gravatar.com', $avatar) ) {
|
121 |
-
$avatar = str_replace('http', 'https', str_replace('https', 'http', $avatar));
|
122 |
-
}
|
123 |
-
}
|
124 |
-
|
125 |
-
return $avatar;
|
126 |
-
}
|
127 |
-
|
128 |
-
/**
|
129 |
-
* Secure URL
|
130 |
-
* WordPress Filter - bloginfo_url, includes_url
|
131 |
-
*
|
132 |
-
* @param string $url
|
133 |
-
* @return string $url
|
134 |
-
*/
|
135 |
-
public function secure_url( $url = '' ) {
|
136 |
-
if ( $this->getPlugin()->isSsl() || ( $this->getPlugin()->getSetting('ssl_admin') && ( strpos($url, 'wp-admin') !== false || strpos($url, 'wp-login') !== false ) ) ) {
|
137 |
-
$url = rtrim($this->getPlugin()->makeUrlHttps(rtrim($url, '/') . '/'), '/');
|
138 |
-
} else if ( strpos(get_option('home'), 'https') !== 0 ) {
|
139 |
-
$url = rtrim($this->getPlugin()->makeUrlHttp(rtrim($url, '/') . '/'), '/');
|
140 |
-
}
|
141 |
-
return $url;
|
142 |
-
}
|
143 |
-
|
144 |
-
/**
|
145 |
-
* Filter Request
|
146 |
-
* WordPress Filter - request
|
147 |
-
*
|
148 |
-
* @param array $request
|
149 |
-
* @return array $request
|
150 |
-
*/
|
151 |
-
public function request( $request ) {
|
152 |
-
if ( !is_admin() && ( sizeof($request) == 1 || isset($request['pagename']) ) ) {
|
153 |
-
$pagename = str_replace(trim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . '/', '', ( isset($request['pagename']) ? $request['pagename'] : $_SERVER['REQUEST_URI'] ));
|
154 |
-
$request['pagename'] = rtrim(rtrim($this->getPlugin()->getHttpUrl()->getPath(), '/') . '/' . $pagename, '/');
|
155 |
-
}
|
156 |
-
return $request;
|
157 |
-
}
|
158 |
-
|
159 |
-
/**
|
160 |
-
* Add rewrite rule to recognize additional path information on SSL Host
|
161 |
-
*
|
162 |
-
* @param array $rules
|
163 |
-
* @return array $rules
|
164 |
-
*/
|
165 |
-
public function rewrite_rules( $rules = array() ) {
|
166 |
-
$requestPath = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $_SERVER['REQUEST_URI']);
|
167 |
-
if ( $this->getPlugin()->getHttpUrl()->getPath() != '/' ) {
|
168 |
-
$httpsPath = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $this->getPlugin()->getHttpsUrl()->getPath());
|
169 |
-
} else {
|
170 |
-
$httpsPath = $this->getPlugin()->getHttpsUrl()->getPath();
|
171 |
-
}
|
172 |
-
if ( $httpsPath != '/' ) {
|
173 |
-
$rules['^' . $httpsPath . '([^\'"]+)'] = 'index.php?pagename=$matches[1]';
|
174 |
-
}
|
175 |
-
return $rules;
|
176 |
-
}
|
177 |
-
|
178 |
-
/**
|
179 |
-
* Secure Post Link
|
180 |
-
*
|
181 |
-
* @param string $url
|
182 |
-
* @return string $url
|
183 |
-
*/
|
184 |
-
public function secure_post_link( $url ) {
|
185 |
-
$force_ssl = apply_filters('force_ssl', null, 0, $url);
|
186 |
-
if ( $force_ssl ) {
|
187 |
-
$url = $this->getPlugin()->makeUrlHttps($url);
|
188 |
-
} else if ( $this->getPlugin()->getSetting('exclusive_https') ) {
|
189 |
-
$url = $this->getPlugin()->makeUrlHttp($url);
|
190 |
-
}
|
191 |
-
return $url;
|
192 |
-
}
|
193 |
-
|
194 |
-
/**
|
195 |
-
* Secure Post
|
196 |
-
* WordPress HTTPS Filter - force_ssl
|
197 |
-
*
|
198 |
-
* @param boolean $force_ssl
|
199 |
-
* @param int $post_id
|
200 |
-
* @param string $url
|
201 |
-
* @return boolean $force_ssl
|
202 |
-
*/
|
203 |
-
public function secure_post( $force_ssl, $post_id = 0, $url = '' ) {
|
204 |
-
if ( $url != '' ) {
|
205 |
-
$url_parts = parse_url($url);
|
206 |
-
if ( $this->getPlugin()->isUrlLocal($url) ) {
|
207 |
-
if ( $this->getPlugin()->getHttpsUrl()->getPath() != '/' ) {
|
208 |
-
if ( $this->getPlugin()->getSetting('ssl_host_diff') ) {
|
209 |
-
$url_parts['path'] = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $url_parts['path']);
|
210 |
-
}
|
211 |
-
if ( $this->getPlugin()->getHttpUrl()->getPath() != '/' ) {
|
212 |
-
$url_parts['path'] = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $url_parts['path']);
|
213 |
-
}
|
214 |
-
}
|
215 |
-
|
216 |
-
// qTranslate integration - strips language from beginning of url path
|
217 |
-
if ( defined('QTRANS_INIT') && constant('QTRANS_INIT') == true ) {
|
218 |
-
global $q_config;
|
219 |
-
if ( isset($q_config['enabled_languages']) ) {
|
220 |
-
foreach($q_config['enabled_languages'] as $language) {
|
221 |
-
$url_parts['path'] = preg_replace('/^\/' . $language . '\//', '/', $url_parts['path']);
|
222 |
-
}
|
223 |
-
}
|
224 |
-
}
|
225 |
-
|
226 |
-
// Check secure filters
|
227 |
-
if ( sizeof($this->getPlugin()->getSetting('secure_filter')) > 0 ) {
|
228 |
-
foreach( $this->getPlugin()->getSetting('secure_filter') as $filter ) {
|
229 |
-
if ( strpos($url, $filter) !== false ) {
|
230 |
-
$force_ssl = true;
|
231 |
-
}
|
232 |
-
}
|
233 |
-
}
|
234 |
-
|
235 |
-
if ( preg_match("/page_id=([\d]+)/", parse_url($url, PHP_URL_QUERY), $postID) ) {
|
236 |
-
$post = $postID[1];
|
237 |
-
} else if ( $url_parts['path'] == '' || $url_parts['path'] == '/' ) {
|
238 |
-
if ( get_option('show_on_front') == 'page' ) {
|
239 |
-
$post = get_option('page_on_front');
|
240 |
-
}
|
241 |
-
if ( $this->getPlugin()->getSetting('frontpage') ) {
|
242 |
-
$force_ssl = true;
|
243 |
-
}
|
244 |
-
} else if ( $post = get_page_by_path($url_parts['path']) ) {
|
245 |
-
$post = $post->ID;
|
246 |
-
//TODO When logged in to HTTP and visiting an HTTPS page, admin links will always be forced to HTTPS, even if the user is not logged in via HTTPS. I need to find a way to detect this.
|
247 |
-
} else if ( ( strpos($url_parts['path'], 'wp-admin') !== false || strpos($url_parts['path'], 'wp-login') !== false ) && ( $this->getPlugin()->isSsl() || $this->getPlugin()->getSetting('ssl_admin') ) ) {
|
248 |
-
if ( ! is_multisite() || ( is_multisite() && strpos($url_parts['host'], $this->getPlugin()->getHttpsUrl()->getHost()) !== false ) ) {
|
249 |
-
$force_ssl = true;
|
250 |
-
}
|
251 |
-
}
|
252 |
-
} else if ( is_multisite() ) {
|
253 |
-
// get_blog_details returns an object with a property of blog_id
|
254 |
-
if ( $blog_details = get_blog_details( array( 'domain' => $url_parts['host'] )) ) {
|
255 |
-
// set $blog_id using $blog_details->blog_id
|
256 |
-
$blog_id = $blog_details->blog_id;
|
257 |
-
if ( $this->getPlugin()->getSetting('ssl_admin', $blog_id) && $url_parts['scheme'] != 'https' && ( ! $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) || ( $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) && is_user_logged_in() ) ) ) {
|
258 |
-
$force_ssl = true;
|
259 |
-
}
|
260 |
-
}
|
261 |
-
}
|
262 |
-
}
|
263 |
-
if ( (int) $post > 0 ) {
|
264 |
-
$force_ssl = (( get_post_meta($post, 'force_ssl', true) == 1 ) ? true : $force_ssl);
|
265 |
-
}
|
266 |
-
return $force_ssl;
|
267 |
-
}
|
268 |
-
|
269 |
-
/**
|
270 |
-
* Always secure pages when using a different SSL Host.
|
271 |
-
* WordPress HTTPS Filter - force_ssl
|
272 |
-
*
|
273 |
-
* @param boolean $force_ssl
|
274 |
-
* @param int $post_id
|
275 |
-
* @param string $url
|
276 |
-
* @return boolean $force_ssl
|
277 |
-
*/
|
278 |
-
public function secure_exclusive( $force_ssl, $post_id = 0, $url = '' ) {
|
279 |
-
if ( is_null($force_ssl) && strpos(get_option('home'), 'https') !== 0 && $this->getPlugin()->getSetting('exclusive_https') ) {
|
280 |
-
$force_ssl = false;
|
281 |
-
}
|
282 |
-
return $force_ssl;
|
283 |
-
}
|
284 |
-
|
285 |
-
/**
|
286 |
-
* Always secure pages when using a different SSL Host.
|
287 |
-
* WordPress HTTPS Filter - force_ssl
|
288 |
-
*
|
289 |
-
* @param boolean $force_ssl
|
290 |
-
* @param int $post_id
|
291 |
-
* @param string $url
|
292 |
-
* @return boolean $force_ssl
|
293 |
-
*/
|
294 |
-
public function secure_different_host_admin( $force_ssl, $post_id = 0, $url = '' ) {
|
295 |
-
if ( ! $this->getPlugin()->getSetting('ssl_host_subdomain') && $this->getPlugin()->getSetting('ssl_host_diff') && $this->getPlugin()->getSetting('ssl_admin') && is_user_logged_in() ) {
|
296 |
-
$force_ssl = true;
|
297 |
-
}
|
298 |
-
return $force_ssl;
|
299 |
-
}
|
300 |
-
|
301 |
-
/**
|
302 |
-
* Secure Child Post
|
303 |
-
* WordPress HTTPS Filter - force_ssl
|
304 |
-
*
|
305 |
-
* @param boolean $force_ssl
|
306 |
-
* @param int $post_id
|
307 |
-
* @param string $url
|
308 |
-
* @return boolean $force_ssl
|
309 |
-
*/
|
310 |
-
public function secure_child_post( $force_ssl, $post_id = 0, $url = '' ) {
|
311 |
-
if ( $post_id > 0 ) {
|
312 |
-
$postParent = get_post($post_id);
|
313 |
-
while ( $postParent->post_parent ) {
|
314 |
-
$postParent = get_post( $postParent->post_parent );
|
315 |
-
if ( get_post_meta($postParent->ID, 'force_ssl_children', true) == 1 ) {
|
316 |
-
$force_ssl = true;
|
317 |
-
break;
|
318 |
-
}
|
319 |
-
}
|
320 |
-
}
|
321 |
-
return $force_ssl;
|
322 |
-
}
|
323 |
-
|
324 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
lib/WordPressHTTPS/Module/Hooks.php
DELETED
@@ -1,293 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
/**
|
3 |
-
* Hooks Module
|
4 |
-
*
|
5 |
-
* @author Mike Ems
|
6 |
-
* @package WordPressHTTPS
|
7 |
-
*
|
8 |
-
*/
|
9 |
-
|
10 |
-
class WordPressHTTPS_Module_Hooks extends Mvied_Plugin_Module implements Mvied_Plugin_Module_Interface {
|
11 |
-
|
12 |
-
/**
|
13 |
-
* Initialize
|
14 |
-
*
|
15 |
-
* @param none
|
16 |
-
* @return void
|
17 |
-
*/
|
18 |
-
public function init() {
|
19 |
-
if ( $this->getPlugin()->getSetting('ssl_host_diff') ) {
|
20 |
-
// Remove SSL Host authentication cookies on logout
|
21 |
-
add_action('clear_auth_cookie', array(&$this, 'clear_cookies'));
|
22 |
-
|
23 |
-
// Set authentication cookie
|
24 |
-
if ( $this->getPlugin()->isSsl() ) {
|
25 |
-
add_action('set_auth_cookie', array(&$this, 'set_cookie'), 10, 5);
|
26 |
-
add_action('set_logged_in_cookie', array(&$this, 'set_cookie'), 10, 5);
|
27 |
-
}
|
28 |
-
}
|
29 |
-
|
30 |
-
// Filter scripts
|
31 |
-
add_action('wp_print_scripts', array(&$this, 'fix_scripts'), 100, 0);
|
32 |
-
|
33 |
-
// Filter styles
|
34 |
-
add_action('wp_print_styles', array(&$this, 'fix_styles'), 100, 0);
|
35 |
-
|
36 |
-
// Filter redirects in admin panel
|
37 |
-
if ( is_admin() && ( $this->getPlugin()->getSetting('ssl_admin') || $this->getPlugin()->isSsl() ) ) {
|
38 |
-
add_action('wp_redirect', array($this->getPlugin(), 'redirectAdmin'), 10, 1);
|
39 |
-
}
|
40 |
-
|
41 |
-
// Run proxy check
|
42 |
-
if ( $this->getPlugin()->getSetting('ssl_proxy') === 'auto' ) {
|
43 |
-
// If page is not SSL and no proxy cookie is detected, run proxy check
|
44 |
-
if ( ! $this->getPlugin()->isSsl() && ! isset($_COOKIE['wp_proxy']) ) {
|
45 |
-
add_action('init', array(&$this, 'proxy_check'), 1);
|
46 |
-
add_action('admin_init', array(&$this, 'proxy_check'), 1);
|
47 |
-
// Update ssl_proxy setting if a proxy has been detected
|
48 |
-
} else if ( $this->getPlugin()->getSetting('ssl_proxy') !== true && isset($_COOKIE['wp_proxy']) && $_COOKIE['wp_proxy'] == 1 ) {
|
49 |
-
$this->getPlugin()->setSetting('ssl_proxy', 1);
|
50 |
-
// Update ssl_proxy if proxy is no longer detected
|
51 |
-
} else if ( $this->getPlugin()->getSetting('ssl_proxy') !== false && isset($_COOKIE['wp_proxy']) && $_COOKIE['wp_proxy'] != 1 ) {
|
52 |
-
$this->getPlugin()->setSetting('ssl_proxy', 0);
|
53 |
-
}
|
54 |
-
}
|
55 |
-
|
56 |
-
// Check if the page needs to be redirected
|
57 |
-
add_action('template_redirect', array(&$this, 'redirect_check'), 10, 1);
|
58 |
-
add_action('template_redirect', array(&$this, 'clear_redirect_count_cookie'), 9, 1);
|
59 |
-
}
|
60 |
-
|
61 |
-
/**
|
62 |
-
* Fix Enqueued Scripts
|
63 |
-
*
|
64 |
-
* @param none
|
65 |
-
* @return void
|
66 |
-
*/
|
67 |
-
public function fix_scripts() {
|
68 |
-
global $wp_scripts;
|
69 |
-
if ( isset($wp_scripts) && sizeof($wp_scripts->registered) > 0 ) {
|
70 |
-
foreach ( $wp_scripts->registered as $script ) {
|
71 |
-
if ( strpos($script->src, 'http') !== 0 ) {
|
72 |
-
$script->src = site_url($script->src);
|
73 |
-
}
|
74 |
-
if ( $this->getPlugin()->isSsl() ) {
|
75 |
-
$script->src = $this->getPlugin()->makeUrlHttps($script->src);
|
76 |
-
} else {
|
77 |
-
$script->src = $this->getPlugin()->makeUrlHttp($script->src);
|
78 |
-
}
|
79 |
-
}
|
80 |
-
}
|
81 |
-
}
|
82 |
-
|
83 |
-
/**
|
84 |
-
* Fix Enqueued Styles
|
85 |
-
*
|
86 |
-
* @param none
|
87 |
-
* @return void
|
88 |
-
*/
|
89 |
-
public function fix_styles() {
|
90 |
-
global $wp_styles;
|
91 |
-
if ( isset($wp_styles) && sizeof($wp_styles->registered) > 0 ) {
|
92 |
-
foreach ( (array)$wp_styles->registered as $style ) {
|
93 |
-
if ( strpos($style->src, 'http') !== 0 ) {
|
94 |
-
$style->src = site_url($style->src);
|
95 |
-
}
|
96 |
-
if ( $this->getPlugin()->isSsl() ) {
|
97 |
-
$style->src = $this->getPlugin()->makeUrlHttps($style->src);
|
98 |
-
} else {
|
99 |
-
$style->src = $this->getPlugin()->makeUrlHttp($style->src);
|
100 |
-
}
|
101 |
-
}
|
102 |
-
}
|
103 |
-
}
|
104 |
-
|
105 |
-
/**
|
106 |
-
* Proxy Check
|
107 |
-
*
|
108 |
-
* If the server is on a proxy and not correctly reporting HTTPS, this
|
109 |
-
* JavaScript makes sure that the correct redirect takes place.
|
110 |
-
*
|
111 |
-
* @param none
|
112 |
-
* @return void
|
113 |
-
*/
|
114 |
-
public function proxy_check() {
|
115 |
-
if ( ! is_user_logged_in() ) {
|
116 |
-
return false;
|
117 |
-
}
|
118 |
-
$cookie_expiration = gmdate('D, d-M-Y H:i:s T', strtotime('now + 10 years'));
|
119 |
-
echo '<!-- WordPress HTTPS Proxy Check -->' . "\n";
|
120 |
-
echo '<script type="text/javascript">function getCookie(a){var b=document.cookie;var c=a+"=";var d=b.indexOf("; "+c);if(d==-1){d=b.indexOf(c);if(d!=0)return null}else{d+=2;var e=document.cookie.indexOf(";",d);if(e==-1){e=b.length}}return unescape(b.substring(d+c.length,e))}if(getCookie("wp_proxy")!=true){if(window.location.protocol=="https:"){document.cookie="wp_proxy=1; path=/; expires=' . $cookie_expiration . '"}else if(getCookie("wp_proxy")==null){document.cookie="wp_proxy=0; path=/; expires=' . $cookie_expiration . '"}if(getCookie("wp_proxy")!=null){window.location.reload()}else{document.write("You must enable cookies.")}}</script>' . "\n";
|
121 |
-
echo '<noscript>Your browser does not support JavaScript.</noscript>' . "\n";
|
122 |
-
exit();
|
123 |
-
}
|
124 |
-
|
125 |
-
/**
|
126 |
-
* Redirect Check
|
127 |
-
*
|
128 |
-
* Checks if the current page needs to be redirected
|
129 |
-
*
|
130 |
-
* @param none
|
131 |
-
* @return void
|
132 |
-
*/
|
133 |
-
public function redirect_check() {
|
134 |
-
global $post;
|
135 |
-
|
136 |
-
// Force SSL Admin
|
137 |
-
if ( ( is_admin() || $GLOBALS['pagenow'] == 'wp-login.php' ) && $this->getPlugin()->getSetting('ssl_admin') && ! $this->getPlugin()->isSsl() ) {
|
138 |
-
$this->getPlugin()->redirect('https');
|
139 |
-
}
|
140 |
-
|
141 |
-
if ( ! (is_single() || is_page() || is_front_page() || is_home()) ) {
|
142 |
-
return false;
|
143 |
-
}
|
144 |
-
|
145 |
-
if ( $post->ID > 0 ) {
|
146 |
-
$force_ssl = apply_filters('force_ssl', null, $post->ID, ( $this->getPlugin()->isSsl() ? 'https' : 'http' ) . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
|
147 |
-
}
|
148 |
-
|
149 |
-
if ( ! $this->getPlugin()->isSsl() && isset($force_ssl) && $force_ssl ) {
|
150 |
-
$scheme = 'https';
|
151 |
-
} else if ( $this->getPlugin()->isSsl() && isset($force_ssl) && ! $force_ssl ) {
|
152 |
-
$scheme = 'http';
|
153 |
-
}
|
154 |
-
|
155 |
-
|
156 |
-
if ( isset($scheme) ) {
|
157 |
-
$this->getPlugin()->redirect($scheme);
|
158 |
-
}
|
159 |
-
}
|
160 |
-
|
161 |
-
/**
|
162 |
-
* Set Cookie
|
163 |
-
* WordPress Hook - set_auth_cookie, set_logged_in_cookie
|
164 |
-
*
|
165 |
-
* @param string $cookie
|
166 |
-
* @param string $expire
|
167 |
-
* @param int $expiration
|
168 |
-
* @param int $user_id
|
169 |
-
* @param string $scheme
|
170 |
-
* @return void
|
171 |
-
*/
|
172 |
-
public function set_cookie($cookie, $expire, $expiration, $user_id, $scheme) {
|
173 |
-
if ( ( $scheme == 'secure_auth' && $this->getPlugin()->isSsl() ) || ( $this->getPlugin()->getSetting('ssl_admin') && ! $this->getPlugin()->getSetting('ssl_host_subdomain') ) ) {
|
174 |
-
$secure = true;
|
175 |
-
}
|
176 |
-
$secure = apply_filters('secure_auth_cookie', @$secure, $user_id);
|
177 |
-
|
178 |
-
if( $scheme == 'logged_in' ) {
|
179 |
-
$cookie_name = LOGGED_IN_COOKIE;
|
180 |
-
} elseif ( $secure ) {
|
181 |
-
$cookie_name = SECURE_AUTH_COOKIE;
|
182 |
-
$scheme = 'secure_auth';
|
183 |
-
} else {
|
184 |
-
$cookie_name = AUTH_COOKIE;
|
185 |
-
$scheme = 'auth';
|
186 |
-
$secure = false;
|
187 |
-
}
|
188 |
-
|
189 |
-
//$cookie_domain = COOKIE_DOMAIN;
|
190 |
-
$cookie_path = COOKIEPATH;
|
191 |
-
$cookie_path_site = SITECOOKIEPATH;
|
192 |
-
$cookie_path_plugins = PLUGINS_COOKIE_PATH;
|
193 |
-
$cookie_path_admin = ADMIN_COOKIE_PATH;
|
194 |
-
|
195 |
-
if ( $this->getPlugin()->isSsl() ) {
|
196 |
-
// If SSL Host is a subdomain, make cookie domain a wildcard
|
197 |
-
if ( $this->getPlugin()->getSetting('ssl_host_subdomain') ) {
|
198 |
-
$cookie_domain = '.' . $this->getPlugin()->getHttpsUrl()->getBaseHost();
|
199 |
-
// Otherwise, cookie domain set for different SSL Host
|
200 |
-
} else {
|
201 |
-
$cookie_domain = $this->getPlugin()->getHttpsUrl()->getHost();
|
202 |
-
}
|
203 |
-
|
204 |
-
if ( $this->getPlugin()->getHttpsUrl()->getPath() != '/' ) {
|
205 |
-
$cookie_path = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path);
|
206 |
-
$cookie_path_site = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path_site);
|
207 |
-
$cookie_path_plugins = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path_plugins);
|
208 |
-
}
|
209 |
-
|
210 |
-
if ( $this->getPlugin()->getHttpUrl()->getPath() != '/' ) {
|
211 |
-
$cookie_path = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path);
|
212 |
-
$cookie_path_site = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path_site);
|
213 |
-
$cookie_path_plugins = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path_plugins);
|
214 |
-
}
|
215 |
-
|
216 |
-
$cookie_path = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path;
|
217 |
-
$cookie_path_site = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path_site;
|
218 |
-
$cookie_path_plugins = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path_plugins;
|
219 |
-
$cookie_path_admin = rtrim($cookie_path_site, '/') . '/wp-admin';
|
220 |
-
}
|
221 |
-
|
222 |
-
if ( $scheme == 'logged_in' ) {
|
223 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path, $cookie_domain, $secure, true);
|
224 |
-
if ( $cookie_path != $cookie_path_site ) {
|
225 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path_site, $cookie_domain, $secure, true);
|
226 |
-
}
|
227 |
-
} else {
|
228 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path_plugins, $cookie_domain, false, true);
|
229 |
-
setcookie($cookie_name, $cookie, $expire, $cookie_path_admin, $cookie_domain, false, true);
|
230 |
-
}
|
231 |
-
}
|
232 |
-
|
233 |
-
/**
|
234 |
-
* Removes redirect_count cookie.
|
235 |
-
*
|
236 |
-
* @param none
|
237 |
-
* @return void
|
238 |
-
*/
|
239 |
-
public function clear_redirect_count_cookie() {
|
240 |
-
setcookie('redirect_count', null, -time(), '/');
|
241 |
-
}
|
242 |
-
|
243 |
-
/**
|
244 |
-
* Clear Cookies
|
245 |
-
* WordPress Hook - clear_auth_cookie
|
246 |
-
*
|
247 |
-
* @param none
|
248 |
-
* @return void
|
249 |
-
*/
|
250 |
-
public function clear_cookies() {
|
251 |
-
if ( $this->getPlugin()->getSetting('ssl_host_subdomain') ) {
|
252 |
-
$cookie_domain = '.' . $this->getPlugin()->getHttpsUrl()->getBaseHost();
|
253 |
-
} else {
|
254 |
-
$cookie_domain = $this->getPlugin()->getHttpsUrl()->getHost();
|
255 |
-
}
|
256 |
-
|
257 |
-
$cookie_path = COOKIEPATH;
|
258 |
-
$cookie_path_site = SITECOOKIEPATH;
|
259 |
-
$cookie_path_plugins = PLUGINS_COOKIE_PATH;
|
260 |
-
|
261 |
-
if ( $this->getPlugin()->getHttpsUrl()->getPath() != '/' ) {
|
262 |
-
$cookie_path = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path);
|
263 |
-
$cookie_path_site = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path_site);
|
264 |
-
$cookie_path_plugins = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), '', $cookie_path_plugins);
|
265 |
-
}
|
266 |
-
|
267 |
-
if ( $this->getPlugin()->getHttpUrl()->getPath() != '/' ) {
|
268 |
-
$cookie_path = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path);
|
269 |
-
$cookie_path_site = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path_site);
|
270 |
-
$cookie_path_plugins = str_replace($this->getPlugin()->getHttpUrl()->getPath(), '', $cookie_path_plugins);
|
271 |
-
}
|
272 |
-
|
273 |
-
$cookie_path = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path;
|
274 |
-
$cookie_path_site = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path_site;
|
275 |
-
$cookie_path_plugins = rtrim($this->getPlugin()->getHttpsUrl()->getPath(), '/') . $cookie_path_plugins;
|
276 |
-
$cookie_path_admin = $cookie_path_site . 'wp-admin';
|
277 |
-
|
278 |
-
setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin, $cookie_domain);
|
279 |
-
setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins, $cookie_domain);
|
280 |
-
setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin, $cookie_domain);
|
281 |
-
setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins, $cookie_domain);
|
282 |
-
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path, $cookie_domain);
|
283 |
-
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path_site, $cookie_domain);
|
284 |
-
|
285 |
-
setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin);
|
286 |
-
setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins);
|
287 |
-
setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin);
|
288 |
-
setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins);
|
289 |
-
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path);
|
290 |
-
setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path_site);
|
291 |
-
}
|
292 |
-
|
293 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
lib/WordPressHTTPS/Module/Network.php
ADDED
@@ -0,0 +1,144 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* Network admin Settings Module
|
4 |
+
*
|
5 |
+
* Adds the network settings page.
|
6 |
+
*
|
7 |
+
* @author Mike Ems
|
8 |
+
* @package WordPressHTTPS
|
9 |
+
*
|
10 |
+
*/
|
11 |
+
|
12 |
+
class WordPressHTTPS_Module_Network extends Mvied_Plugin_Module {
|
13 |
+
|
14 |
+
/**
|
15 |
+
* Initialize Module
|
16 |
+
*
|
17 |
+
* @param none
|
18 |
+
* @return void
|
19 |
+
*/
|
20 |
+
public function init() {
|
21 |
+
if ( is_admin() && isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
|
22 |
+
// Network admin
|
23 |
+
if ( strpos($_SERVER['REQUEST_URI'], 'wp-admin/network') !== false ) {
|
24 |
+
if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['action']) && $_POST['action'] == 'wphttps-network' ) {
|
25 |
+
add_action('plugins_loaded', array(&$this, 'save'), 1);
|
26 |
+
}
|
27 |
+
|
28 |
+
// Add meta boxes
|
29 |
+
add_action('admin_init', array(&$this, 'add_meta_boxes'));
|
30 |
+
}
|
31 |
+
}
|
32 |
+
|
33 |
+
if ( is_multisite() ) {
|
34 |
+
//add_action('network_admin_menu', array(&$this, 'network_admin_menu'));
|
35 |
+
}
|
36 |
+
}
|
37 |
+
|
38 |
+
/**
|
39 |
+
* Network admin panel menu option
|
40 |
+
* WordPress Hook - network_admin_menu
|
41 |
+
*
|
42 |
+
* @param none
|
43 |
+
* @return void
|
44 |
+
*/
|
45 |
+
public function network_admin_menu() {
|
46 |
+
add_menu_page('HTTPS', 'HTTPS', 'manage_options', $this->getPlugin()->getSlug(), array(&$this, 'dispatch'), '', 88);
|
47 |
+
}
|
48 |
+
|
49 |
+
/**
|
50 |
+
* Add meta boxes to WordPress HTTPS Settings page.
|
51 |
+
*
|
52 |
+
* @param none
|
53 |
+
* @return void
|
54 |
+
*/
|
55 |
+
public function add_meta_boxes() {
|
56 |
+
add_meta_box(
|
57 |
+
$this->getPlugin()->getSlug() . '_settings',
|
58 |
+
__( 'Network Settings', $this->getPlugin()->getSlug() ),
|
59 |
+
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
60 |
+
'toplevel_page_' . $this->getPlugin()->getSlug() . '_network',
|
61 |
+
'main',
|
62 |
+
'core',
|
63 |
+
array( 'metabox' => 'network' )
|
64 |
+
);
|
65 |
+
add_meta_box(
|
66 |
+
$this->getPlugin()->getSlug() . '_donate2',
|
67 |
+
__( 'Loading...', $this->getPlugin()->getSlug() ),
|
68 |
+
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
69 |
+
'toplevel_page_' . $this->getPlugin()->getSlug() . '_network',
|
70 |
+
'main',
|
71 |
+
'low',
|
72 |
+
array( 'metabox' => 'ajax', 'url' => 'http://wordpresshttps.com/client/donate2.php' )
|
73 |
+
);
|
74 |
+
}
|
75 |
+
|
76 |
+
/**
|
77 |
+
* Dispatch request for settings page
|
78 |
+
*
|
79 |
+
* @param none
|
80 |
+
* @return void
|
81 |
+
*/
|
82 |
+
public function dispatch() {
|
83 |
+
if ( !current_user_can('manage_network_options') ) {
|
84 |
+
wp_die( __('You do not have sufficient permissions to access this page.') );
|
85 |
+
}
|
86 |
+
|
87 |
+
self::render();
|
88 |
+
}
|
89 |
+
|
90 |
+
/**
|
91 |
+
* Render settings page
|
92 |
+
*
|
93 |
+
* @param none
|
94 |
+
* @return void
|
95 |
+
*/
|
96 |
+
public function render() {
|
97 |
+
require_once($this->getPlugin()->getDirectory() . '/admin/templates/network.php');
|
98 |
+
}
|
99 |
+
|
100 |
+
/**
|
101 |
+
* Save Settings
|
102 |
+
*
|
103 |
+
* @param array $settings
|
104 |
+
* @return void
|
105 |
+
*/
|
106 |
+
public function save() {
|
107 |
+
if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug() . '-options') ) {
|
108 |
+
return false;
|
109 |
+
}
|
110 |
+
|
111 |
+
$message = "Network settings saved.";
|
112 |
+
$errors = array();
|
113 |
+
$reload = false;
|
114 |
+
$logout = false;
|
115 |
+
if ( isset($_POST['network-settings-reset']) ) {
|
116 |
+
|
117 |
+
} else if ( isset($_POST['network-settings-save']) ) {
|
118 |
+
|
119 |
+
}
|
120 |
+
|
121 |
+
if ( $logout ) {
|
122 |
+
wp_logout();
|
123 |
+
}
|
124 |
+
|
125 |
+
if ( array_key_exists('ajax', $_POST) ) {
|
126 |
+
error_reporting(0);
|
127 |
+
while(@ob_end_clean());
|
128 |
+
if ( sizeof( $errors ) > 0 ) {
|
129 |
+
echo "<div class=\"error below-h2 fade wphttps-message\" id=\"message\">\n\t<ul>\n";
|
130 |
+
foreach ( $errors as $error ) {
|
131 |
+
echo "\t\t<li><p>".$error."</p></li>\n";
|
132 |
+
}
|
133 |
+
echo "\t</ul>\n</div>\n";
|
134 |
+
} else {
|
135 |
+
echo "<div class=\"updated below-h2 fade wphttps-message\" id=\"message\"><p>" . $message . "</p></div>\n";
|
136 |
+
if ( $logout || $reload ) {
|
137 |
+
echo "<script type=\"text/javascript\">window.location.reload();</script>";
|
138 |
+
}
|
139 |
+
}
|
140 |
+
exit();
|
141 |
+
}
|
142 |
+
}
|
143 |
+
|
144 |
+
}
|
lib/WordPressHTTPS/Module/Parser.php
CHANGED
@@ -7,7 +7,7 @@
|
|
7 |
*
|
8 |
*/
|
9 |
|
10 |
-
class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module
|
11 |
|
12 |
/**
|
13 |
* HTML
|
@@ -53,7 +53,7 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
53 |
$this->fixElements();
|
54 |
$this->fixCssElements();
|
55 |
$this->fixRelativeElements();
|
56 |
-
|
57 |
// Output logger contents to browsers console if in Debug Mode
|
58 |
if ( $this->getPlugin()->getSetting('debug') == true ) {
|
59 |
$this->consoleLog();
|
@@ -81,23 +81,35 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
81 |
*/
|
82 |
public function secureElement( $url, $type = '' ) {
|
83 |
$updated = false;
|
|
|
84 |
$upload_dir = wp_upload_dir();
|
85 |
$upload_path = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), $this->getPlugin()->getHttpUrl()->getPath(), parse_url($upload_dir['baseurl'], PHP_URL_PATH));
|
86 |
|
87 |
if ( ! is_admin() || ( is_admin() && strpos($url, $upload_path) === false ) ) {
|
88 |
$updated = $this->getPlugin()->makeUrlHttps($url);
|
89 |
-
|
|
|
|
|
|
|
|
|
90 |
}
|
91 |
-
|
92 |
// Add log entry if this change hasn't been logged
|
93 |
-
if ( $updated
|
94 |
$log = '[FIXED] Element: ' . ( $type != '' ? '<' . $type . '> ' : '' ) . $url . ' => ' . $updated;
|
95 |
-
|
96 |
-
|
|
|
|
|
|
|
|
|
|
|
97 |
}
|
98 |
if ( isset($log) && ! in_array($log, $this->getPlugin()->getLogger()->getLog()) ) {
|
99 |
$this->getPlugin()->getLogger()->log($log);
|
100 |
}
|
|
|
|
|
101 |
}
|
102 |
|
103 |
/**
|
@@ -133,22 +145,20 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
133 |
public function normalizeElements() {
|
134 |
$httpMatches = array();
|
135 |
$httpsMatches = array();
|
136 |
-
if ( $this->getPlugin()->getSetting('ssl_host_diff') && !is_admin()
|
137 |
$url = clone $this->getPlugin()->getHttpsUrl();
|
138 |
$url->setScheme('http');
|
139 |
-
preg_match_all('/(' . str_replace('/', '\/', preg_quote($url->toString())) . '[^\'"
|
140 |
|
141 |
-
|
142 |
-
|
143 |
-
|
144 |
-
preg_match_all('/(' . str_replace('/', '\/', preg_quote($url->toString())) . '[^\'"\)]*)[\'"]?/im', $this->_html, $httpMatches);
|
145 |
-
}
|
146 |
|
147 |
$matches = array_merge($httpMatches, $httpsMatches);
|
148 |
for ($i = 0; $i < sizeof($matches[0]); $i++) {
|
149 |
if ( isset($matches[1][$i]) ) {
|
150 |
$url_parts = parse_url($matches[1][$i]);
|
151 |
-
if ( $url_parts && strpos($url_parts['path'],
|
152 |
$this->_html = str_replace($url, $this->getPlugin()->makeUrlHttp($url), $this->_html);
|
153 |
}
|
154 |
}
|
@@ -164,9 +174,9 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
164 |
*/
|
165 |
public function fixElements() {
|
166 |
if ( is_admin() ) {
|
167 |
-
preg_match_all('/\<(script|link|img)[^>]+[\'"]((http|https):\/\/[^\'"
|
168 |
} else {
|
169 |
-
preg_match_all('/\<(script|link|img|input|embed|param)[^>]+[\'"]((http|https):\/\/[^\'"
|
170 |
}
|
171 |
|
172 |
for ($i = 0; $i < sizeof($matches[0]); $i++) {
|
@@ -176,7 +186,7 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
176 |
$scheme = $matches[3][$i];
|
177 |
$updated = false;
|
178 |
|
179 |
-
if ( $type == 'img' || $type == 'script' || $type == 'embed' ||
|
180 |
( $type == 'link' && ( strpos($html, 'stylesheet') !== false || strpos($html, 'pingback') !== false ) ) ||
|
181 |
( $type == 'form' && strpos($html, 'wp-pass.php') !== false ) ||
|
182 |
( $type == 'form' && strpos($html, 'commentform') !== false ) ||
|
@@ -184,7 +194,9 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
184 |
( $type == 'param' && strpos($html, 'movie') !== false )
|
185 |
) {
|
186 |
if ( $this->getPlugin()->isSsl() && ( $this->getPlugin()->getSetting('ssl_host_diff') || ( !$this->getPlugin()->getSetting('ssl_host_diff') && strpos($url, 'http://') === 0 ) ) ) {
|
187 |
-
|
|
|
|
|
188 |
} else if ( !$this->getPlugin()->isSsl() && strpos($url, 'https://') === 0 ) {
|
189 |
$this->unsecureElement($url, $type);
|
190 |
}
|
@@ -231,10 +243,12 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
231 |
( $type == 'input' && $attr == 'image' ) ||
|
232 |
( $type == 'input' && strpos($html, '_wp_http_referer') !== false )
|
233 |
) {
|
234 |
-
$
|
235 |
-
|
236 |
-
|
237 |
-
|
|
|
|
|
238 |
}
|
239 |
}
|
240 |
}
|
@@ -247,11 +261,11 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
247 |
* @return void
|
248 |
*/
|
249 |
public function fixExtensions() {
|
250 |
-
@preg_match_all('/(http|https):\/\/[^\'"\)\s]+[\'"\)]
|
251 |
-
for ($i = 0; $i < sizeof($matches[
|
252 |
-
$url = $matches[
|
253 |
$filename = basename($url);
|
254 |
-
$scheme = $matches[
|
255 |
|
256 |
foreach( $this->_extensions as $extension ) {
|
257 |
if ( $extension == 'js' ) {
|
@@ -261,7 +275,7 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
261 |
} else if ( in_array($extension, array('jpg', 'jpeg', 'png', 'gif')) ) {
|
262 |
$type = 'img';
|
263 |
} else {
|
264 |
-
|
265 |
}
|
266 |
|
267 |
if ( strpos($filename, '.' . $extension) !== false ) {
|
@@ -292,12 +306,16 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module implements Mvied_
|
|
292 |
$scheme = $matches[3][$i];
|
293 |
$updated = false;
|
294 |
|
|
|
|
|
|
|
|
|
295 |
$force_ssl = apply_filters('force_ssl', null, 0, $url );
|
296 |
|
297 |
if ( $force_ssl == true ) {
|
298 |
$updated = $this->getPlugin()->makeUrlHttps($url);
|
299 |
$this->_html = str_replace($html, str_replace($url, $updated, $html), $this->_html);
|
300 |
-
} else if (
|
301 |
$updated = $this->getPlugin()->makeUrlHttp($url);
|
302 |
$this->_html = str_replace($html, str_replace($url, $updated, $html), $this->_html);
|
303 |
}
|
7 |
*
|
8 |
*/
|
9 |
|
10 |
+
class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module {
|
11 |
|
12 |
/**
|
13 |
* HTML
|
53 |
$this->fixElements();
|
54 |
$this->fixCssElements();
|
55 |
$this->fixRelativeElements();
|
56 |
+
|
57 |
// Output logger contents to browsers console if in Debug Mode
|
58 |
if ( $this->getPlugin()->getSetting('debug') == true ) {
|
59 |
$this->consoleLog();
|
81 |
*/
|
82 |
public function secureElement( $url, $type = '' ) {
|
83 |
$updated = false;
|
84 |
+
$result = false;
|
85 |
$upload_dir = wp_upload_dir();
|
86 |
$upload_path = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), $this->getPlugin()->getHttpUrl()->getPath(), parse_url($upload_dir['baseurl'], PHP_URL_PATH));
|
87 |
|
88 |
if ( ! is_admin() || ( is_admin() && strpos($url, $upload_path) === false ) ) {
|
89 |
$updated = $this->getPlugin()->makeUrlHttps($url);
|
90 |
+
if ( $url != $updated ) {
|
91 |
+
$this->_html = str_replace($url, $updated, $this->_html);
|
92 |
+
} else {
|
93 |
+
$updated = false;
|
94 |
+
}
|
95 |
}
|
96 |
+
|
97 |
// Add log entry if this change hasn't been logged
|
98 |
+
if ( $updated ) {
|
99 |
$log = '[FIXED] Element: ' . ( $type != '' ? '<' . $type . '> ' : '' ) . $url . ' => ' . $updated;
|
100 |
+
$result = true;
|
101 |
+
} else if ( strpos($url, 'http://') === 0 ) {
|
102 |
+
if ( $this->getPlugin()->getSetting('remove_unsecure') ) {
|
103 |
+
$log = '[FIXED] Removed Unsecure Element: <' . $type . '> - ' . $url;
|
104 |
+
} else {
|
105 |
+
$log = '[WARNING] Unsecure Element: <' . $type . '> - ' . $url;
|
106 |
+
}
|
107 |
}
|
108 |
if ( isset($log) && ! in_array($log, $this->getPlugin()->getLogger()->getLog()) ) {
|
109 |
$this->getPlugin()->getLogger()->log($log);
|
110 |
}
|
111 |
+
|
112 |
+
return $result;
|
113 |
}
|
114 |
|
115 |
/**
|
145 |
public function normalizeElements() {
|
146 |
$httpMatches = array();
|
147 |
$httpsMatches = array();
|
148 |
+
if ( $this->getPlugin()->getSetting('ssl_host_diff') && !is_admin() ) {
|
149 |
$url = clone $this->getPlugin()->getHttpsUrl();
|
150 |
$url->setScheme('http');
|
151 |
+
preg_match_all('/(' . str_replace('/', '\/', preg_quote($url->toString())) . '[^\'"]*)[\'"]?/im', $this->_html, $httpsMatches);
|
152 |
|
153 |
+
$url = clone $this->getPlugin()->getHttpUrl();
|
154 |
+
$url->setScheme('https');
|
155 |
+
preg_match_all('/(' . str_replace('/', '\/', preg_quote($url->toString())) . '[^\'"]*)[\'"]?/im', $this->_html, $httpMatches);
|
|
|
|
|
156 |
|
157 |
$matches = array_merge($httpMatches, $httpsMatches);
|
158 |
for ($i = 0; $i < sizeof($matches[0]); $i++) {
|
159 |
if ( isset($matches[1][$i]) ) {
|
160 |
$url_parts = parse_url($matches[1][$i]);
|
161 |
+
if ( $url_parts && strpos($url_parts['path'], 'wp-admin') === false && strpos($url_parts['path'], 'wp-login') === false ) {
|
162 |
$this->_html = str_replace($url, $this->getPlugin()->makeUrlHttp($url), $this->_html);
|
163 |
}
|
164 |
}
|
174 |
*/
|
175 |
public function fixElements() {
|
176 |
if ( is_admin() ) {
|
177 |
+
preg_match_all('/\<(script|link|img)[^>]+[\'"]((http|https):\/\/[^\'"]+)[\'"][^>]*>(<\/(script|link|img|input|embed|param|iframe)>\s*)?/im', $this->_html, $matches);
|
178 |
} else {
|
179 |
+
preg_match_all('/\<(script|link|img|input|embed|param|iframe)[^>]+[\'"]((http|https):\/\/[^\'"]+)[\'"][^>]*>(<\/(script|link|img|input|embed|param|iframe)>\s*)?/im', $this->_html, $matches);
|
180 |
}
|
181 |
|
182 |
for ($i = 0; $i < sizeof($matches[0]); $i++) {
|
186 |
$scheme = $matches[3][$i];
|
187 |
$updated = false;
|
188 |
|
189 |
+
if ( $type == 'img' || $type == 'script' || $type == 'embed' || $type == 'iframe' ||
|
190 |
( $type == 'link' && ( strpos($html, 'stylesheet') !== false || strpos($html, 'pingback') !== false ) ) ||
|
191 |
( $type == 'form' && strpos($html, 'wp-pass.php') !== false ) ||
|
192 |
( $type == 'form' && strpos($html, 'commentform') !== false ) ||
|
194 |
( $type == 'param' && strpos($html, 'movie') !== false )
|
195 |
) {
|
196 |
if ( $this->getPlugin()->isSsl() && ( $this->getPlugin()->getSetting('ssl_host_diff') || ( !$this->getPlugin()->getSetting('ssl_host_diff') && strpos($url, 'http://') === 0 ) ) ) {
|
197 |
+
if ( !$this->secureElement($url, $type) && $this->getPlugin()->getSetting('remove_unsecure') ) {
|
198 |
+
$this->_html = str_replace($html, '', $this->_html);
|
199 |
+
}
|
200 |
} else if ( !$this->getPlugin()->isSsl() && strpos($url, 'https://') === 0 ) {
|
201 |
$this->unsecureElement($url, $type);
|
202 |
}
|
243 |
( $type == 'input' && $attr == 'image' ) ||
|
244 |
( $type == 'input' && strpos($html, '_wp_http_referer') !== false )
|
245 |
) {
|
246 |
+
if ( strpos($url_path, '//') !== 0 ) {
|
247 |
+
$updated = clone $this->getPlugin()->getHttpsUrl();
|
248 |
+
$updated->setPath($url_path);
|
249 |
+
$this->_html = str_replace($html, str_replace($url_path, $updated, $html), $this->_html);
|
250 |
+
$this->getPlugin()->getLogger()->log('[FIXED] Element: <' . $type . '> - ' . $url_path . ' => ' . $updated);
|
251 |
+
}
|
252 |
}
|
253 |
}
|
254 |
}
|
261 |
* @return void
|
262 |
*/
|
263 |
public function fixExtensions() {
|
264 |
+
@preg_match_all('/((http|https):\/\/[^\'"\)\s]+)[\'"\)]?/i', $this->_html, $matches);
|
265 |
+
for ($i = 0; $i < sizeof($matches[1]); $i++) {
|
266 |
+
$url = $matches[1][$i];
|
267 |
$filename = basename($url);
|
268 |
+
$scheme = $matches[2][$i];
|
269 |
|
270 |
foreach( $this->_extensions as $extension ) {
|
271 |
if ( $extension == 'js' ) {
|
275 |
} else if ( in_array($extension, array('jpg', 'jpeg', 'png', 'gif')) ) {
|
276 |
$type = 'img';
|
277 |
} else {
|
278 |
+
continue;
|
279 |
}
|
280 |
|
281 |
if ( strpos($filename, '.' . $extension) !== false ) {
|
306 |
$scheme = $matches[3][$i];
|
307 |
$updated = false;
|
308 |
|
309 |
+
if ( !$this->getPlugin()->isUrlLocal($url) ) {
|
310 |
+
continue;
|
311 |
+
}
|
312 |
+
|
313 |
$force_ssl = apply_filters('force_ssl', null, 0, $url );
|
314 |
|
315 |
if ( $force_ssl == true ) {
|
316 |
$updated = $this->getPlugin()->makeUrlHttps($url);
|
317 |
$this->_html = str_replace($html, str_replace($url, $updated, $html), $this->_html);
|
318 |
+
} else if ( !is_null($force_ssl) && !$force_ssl ) {
|
319 |
$updated = $this->getPlugin()->makeUrlHttp($url);
|
320 |
$this->_html = str_replace($html, str_replace($url, $updated, $html), $this->_html);
|
321 |
}
|
lib/WordPressHTTPS/Module/{Admin/Post.php → Post.php}
RENAMED
@@ -1,6 +1,6 @@
|
|
1 |
<?php
|
2 |
/**
|
3 |
-
*
|
4 |
*
|
5 |
* Adds settings to the edit post screen.
|
6 |
*
|
@@ -9,7 +9,7 @@
|
|
9 |
*
|
10 |
*/
|
11 |
|
12 |
-
class
|
13 |
|
14 |
/**
|
15 |
* Initialize Module
|
1 |
<?php
|
2 |
/**
|
3 |
+
* Post Module
|
4 |
*
|
5 |
* Adds settings to the edit post screen.
|
6 |
*
|
9 |
*
|
10 |
*/
|
11 |
|
12 |
+
class WordPressHTTPS_Module_Post extends Mvied_Plugin_Module {
|
13 |
|
14 |
/**
|
15 |
* Initialize Module
|
lib/WordPressHTTPS/Module/{Admin/Settings.php → Settings.php}
RENAMED
@@ -9,7 +9,7 @@
|
|
9 |
*
|
10 |
*/
|
11 |
|
12 |
-
class
|
13 |
|
14 |
/**
|
15 |
* Initialize Module
|
@@ -19,16 +19,34 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
19 |
*/
|
20 |
public function init() {
|
21 |
if ( is_admin() && isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
|
22 |
-
if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['action']) && $_POST['action'] == '
|
23 |
add_action('plugins_loaded', array(&$this, 'save'), 1);
|
24 |
}
|
25 |
-
|
|
|
26 |
add_action('admin_init', array(&$this, 'add_meta_boxes'));
|
27 |
|
28 |
// Add scripts
|
29 |
-
add_action('admin_enqueue_scripts', array(&$this, '
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
30 |
}
|
31 |
-
|
32 |
}
|
33 |
|
34 |
/**
|
@@ -44,26 +62,26 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
44 |
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
45 |
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
46 |
'main',
|
47 |
-
'
|
48 |
array( 'metabox' => 'settings' )
|
49 |
);
|
50 |
add_meta_box(
|
51 |
-
$this->getPlugin()->getSlug() . '
|
52 |
-
__( '
|
53 |
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
54 |
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
55 |
-
'
|
56 |
-
'
|
57 |
-
array( 'metabox' => '
|
58 |
);
|
59 |
add_meta_box(
|
60 |
-
$this->getPlugin()->getSlug() . '
|
61 |
-
__( '
|
62 |
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
63 |
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
64 |
'side',
|
65 |
-
'
|
66 |
-
array( 'metabox' => 'ajax', 'url' => 'http://wordpresshttps.com/client/
|
67 |
);
|
68 |
add_meta_box(
|
69 |
$this->getPlugin()->getSlug() . '_rate',
|
@@ -83,22 +101,13 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
83 |
'core',
|
84 |
array( 'metabox' => 'ajax', 'url' => 'http://wordpresshttps.com/client/donate.php' )
|
85 |
);
|
86 |
-
add_meta_box(
|
87 |
-
$this->getPlugin()->getSlug() . '_support',
|
88 |
-
__( 'Support', $this->getPlugin()->getSlug() ),
|
89 |
-
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
90 |
-
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
91 |
-
'side',
|
92 |
-
'core',
|
93 |
-
array( 'metabox' => 'ajax', 'url' => 'http://wordpresshttps.com/client/support.php' )
|
94 |
-
);
|
95 |
add_meta_box(
|
96 |
$this->getPlugin()->getSlug() . '_donate2',
|
97 |
__( 'Loading...', $this->getPlugin()->getSlug() ),
|
98 |
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
99 |
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
100 |
'main',
|
101 |
-
'
|
102 |
array( 'metabox' => 'ajax', 'url' => 'http://wordpresshttps.com/client/donate2.php' )
|
103 |
);
|
104 |
}
|
@@ -124,8 +133,8 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
124 |
* @param none
|
125 |
* @return void
|
126 |
*/
|
127 |
-
public function
|
128 |
-
wp_enqueue_style($this->getPlugin()->getSlug() . '-admin-page', $this->getPlugin()->getPluginUrl() . '/admin/css/settings.css', $this->getPlugin()->getVersion()
|
129 |
wp_enqueue_script('jquery-form');
|
130 |
wp_enqueue_script('post');
|
131 |
|
@@ -141,7 +150,7 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
141 |
* @return void
|
142 |
*/
|
143 |
public function render() {
|
144 |
-
require_once('admin/templates/settings.php');
|
145 |
}
|
146 |
|
147 |
/**
|
@@ -151,16 +160,15 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
151 |
* @return void
|
152 |
*/
|
153 |
public function save() {
|
|
|
|
|
|
|
|
|
|
|
154 |
$errors = array();
|
155 |
$reload = false;
|
156 |
$logout = false;
|
157 |
-
if ( isset($_POST['settings-
|
158 |
-
foreach ($this->getPlugin()->getSettings() as $key => $default) {
|
159 |
-
$this->getPlugin()->setSetting($key, $default);
|
160 |
-
}
|
161 |
-
$this->getPlugin()->install();
|
162 |
-
$reload = true;
|
163 |
-
} else if ( isset($_POST['settings-save']) ) {
|
164 |
foreach ($this->getPlugin()->getSettings() as $key => $default) {
|
165 |
if ( !array_key_exists($key, $_POST) && $default == 0 ) {
|
166 |
$_POST[$key] = 0;
|
@@ -173,6 +181,7 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
173 |
if ( strpos($_POST[$key], 'http://') === false && strpos($_POST[$key], 'https://') === false ) {
|
174 |
$_POST[$key] = 'https://' . $_POST[$key];
|
175 |
}
|
|
|
176 |
$ssl_host = WordPressHTTPS_Url::fromString($_POST[$key]);
|
177 |
|
178 |
// Add Port
|
@@ -194,7 +203,7 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
194 |
if ( $this->getPlugin()->isSsl() ) {
|
195 |
$logout = true;
|
196 |
}
|
197 |
-
$_POST[$key] = $ssl_host->setPort('');
|
198 |
/*} else {
|
199 |
$errors[] = '<strong>SSL Host</strong> - Invalid WordPress installation at ' . $ssl_host;
|
200 |
$_POST[$key] = get_option($key);
|
@@ -211,9 +220,8 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
211 |
$reload = true;
|
212 |
}
|
213 |
} else if ( $key == 'ssl_admin' ) {
|
214 |
-
if ( force_ssl_admin()
|
215 |
-
$errors[] = '<strong>SSL Admin</strong> - FORCE_SSL_ADMIN
|
216 |
-
$_POST[$key] = 0;
|
217 |
// If forcing SSL Admin and currently not SSL, logout user
|
218 |
} else if ( $_POST[$key] == 1 && !$this->getPlugin()->isSsl() ) {
|
219 |
$logout = true;
|
@@ -233,12 +241,11 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
233 |
$this->getPlugin()->setSetting($key, $_POST[$key]);
|
234 |
}
|
235 |
}
|
236 |
-
} else if ( isset($_POST['
|
237 |
-
$
|
238 |
-
|
239 |
-
|
240 |
-
|
241 |
-
$this->getPlugin()->setSetting('secure_filter', array());
|
242 |
$reload = true;
|
243 |
}
|
244 |
|
@@ -246,23 +253,7 @@ class WordPressHTTPS_Module_Admin_Settings extends Mvied_Plugin_Module implement
|
|
246 |
wp_logout();
|
247 |
}
|
248 |
|
249 |
-
|
250 |
-
error_reporting(0);
|
251 |
-
while(@ob_end_clean());
|
252 |
-
if ( sizeof( $errors ) > 0 ) {
|
253 |
-
echo "<div class=\"error below-h2 fade wphttps-message\" id=\"message\">\n\t<ul>\n";
|
254 |
-
foreach ( $errors as $error ) {
|
255 |
-
echo "\t\t<li><p>".$error."</p></li>\n";
|
256 |
-
}
|
257 |
-
echo "\t</ul>\n</div>\n";
|
258 |
-
} else {
|
259 |
-
echo "<div class=\"updated below-h2 fade wphttps-message\" id=\"message\"><p>Settings saved.</p></div>\n";
|
260 |
-
if ( $logout || $reload ) {
|
261 |
-
echo "<script type=\"text/javascript\">window.location.reload();</script>";
|
262 |
-
}
|
263 |
-
}
|
264 |
-
exit();
|
265 |
-
}
|
266 |
}
|
267 |
|
268 |
}
|
9 |
*
|
10 |
*/
|
11 |
|
12 |
+
class WordPressHTTPS_Module_Settings extends Mvied_Plugin_Module {
|
13 |
|
14 |
/**
|
15 |
* Initialize Module
|
19 |
*/
|
20 |
public function init() {
|
21 |
if ( is_admin() && isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
|
22 |
+
if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['action']) && $_POST['action'] == 'wphttps-settings' ) {
|
23 |
add_action('plugins_loaded', array(&$this, 'save'), 1);
|
24 |
}
|
25 |
+
|
26 |
+
// Add meta boxes
|
27 |
add_action('admin_init', array(&$this, 'add_meta_boxes'));
|
28 |
|
29 |
// Add scripts
|
30 |
+
add_action('admin_enqueue_scripts', array(&$this, 'admin_enqueue_scripts'));
|
31 |
+
}
|
32 |
+
|
33 |
+
// Add admin menus
|
34 |
+
add_action('admin_menu', array(&$this, 'admin_menu'));
|
35 |
+
}
|
36 |
+
|
37 |
+
/**
|
38 |
+
* Admin panel menu option
|
39 |
+
* WordPress Hook - admin_menu
|
40 |
+
*
|
41 |
+
* @param none
|
42 |
+
* @return void
|
43 |
+
*/
|
44 |
+
public function admin_menu() {
|
45 |
+
if ( $this->getPlugin()->getSetting('admin_menu') === 'side' ) {
|
46 |
+
add_menu_page('HTTPS', 'HTTPS', 'manage_options', $this->getPlugin()->getSlug(), array($this->getPlugin()->getModule('Settings'), 'dispatch'), '', 88);
|
47 |
+
} else {
|
48 |
+
add_options_page('HTTPS', 'HTTPS', 'manage_options', $this->getPlugin()->getSlug(), array($this->getPlugin()->getModule('Settings'), 'dispatch'));
|
49 |
}
|
|
|
50 |
}
|
51 |
|
52 |
/**
|
62 |
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
63 |
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
64 |
'main',
|
65 |
+
'high',
|
66 |
array( 'metabox' => 'settings' )
|
67 |
);
|
68 |
add_meta_box(
|
69 |
+
$this->getPlugin()->getSlug() . '_updates',
|
70 |
+
__( 'Developer Updates', $this->getPlugin()->getSlug() ),
|
71 |
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
72 |
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
73 |
+
'side',
|
74 |
+
'high',
|
75 |
+
array( 'metabox' => 'ajax', 'url' => 'http://wordpresshttps.com/client/updates.php' )
|
76 |
);
|
77 |
add_meta_box(
|
78 |
+
$this->getPlugin()->getSlug() . '_support',
|
79 |
+
__( 'Support', $this->getPlugin()->getSlug() ),
|
80 |
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
81 |
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
82 |
'side',
|
83 |
+
'high',
|
84 |
+
array( 'metabox' => 'ajax', 'url' => 'http://wordpresshttps.com/client/support.php' )
|
85 |
);
|
86 |
add_meta_box(
|
87 |
$this->getPlugin()->getSlug() . '_rate',
|
101 |
'core',
|
102 |
array( 'metabox' => 'ajax', 'url' => 'http://wordpresshttps.com/client/donate.php' )
|
103 |
);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
104 |
add_meta_box(
|
105 |
$this->getPlugin()->getSlug() . '_donate2',
|
106 |
__( 'Loading...', $this->getPlugin()->getSlug() ),
|
107 |
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
108 |
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
109 |
'main',
|
110 |
+
'low',
|
111 |
array( 'metabox' => 'ajax', 'url' => 'http://wordpresshttps.com/client/donate2.php' )
|
112 |
);
|
113 |
}
|
133 |
* @param none
|
134 |
* @return void
|
135 |
*/
|
136 |
+
public function admin_enqueue_scripts() {
|
137 |
+
wp_enqueue_style($this->getPlugin()->getSlug() . '-admin-page', $this->getPlugin()->getPluginUrl() . '/admin/css/settings.css', array(), $this->getPlugin()->getVersion());
|
138 |
wp_enqueue_script('jquery-form');
|
139 |
wp_enqueue_script('post');
|
140 |
|
150 |
* @return void
|
151 |
*/
|
152 |
public function render() {
|
153 |
+
require_once($this->getPlugin()->getDirectory() . '/admin/templates/settings.php');
|
154 |
}
|
155 |
|
156 |
/**
|
160 |
* @return void
|
161 |
*/
|
162 |
public function save() {
|
163 |
+
if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug() . '-options') ) {
|
164 |
+
return false;
|
165 |
+
}
|
166 |
+
|
167 |
+
$message = "Settings saved.";
|
168 |
$errors = array();
|
169 |
$reload = false;
|
170 |
$logout = false;
|
171 |
+
if ( isset($_POST['settings-save']) ) {
|
|
|
|
|
|
|
|
|
|
|
|
|
172 |
foreach ($this->getPlugin()->getSettings() as $key => $default) {
|
173 |
if ( !array_key_exists($key, $_POST) && $default == 0 ) {
|
174 |
$_POST[$key] = 0;
|
181 |
if ( strpos($_POST[$key], 'http://') === false && strpos($_POST[$key], 'https://') === false ) {
|
182 |
$_POST[$key] = 'https://' . $_POST[$key];
|
183 |
}
|
184 |
+
|
185 |
$ssl_host = WordPressHTTPS_Url::fromString($_POST[$key]);
|
186 |
|
187 |
// Add Port
|
203 |
if ( $this->getPlugin()->isSsl() ) {
|
204 |
$logout = true;
|
205 |
}
|
206 |
+
$_POST[$key] = $ssl_host->setPort('')->toString();
|
207 |
/*} else {
|
208 |
$errors[] = '<strong>SSL Host</strong> - Invalid WordPress installation at ' . $ssl_host;
|
209 |
$_POST[$key] = get_option($key);
|
220 |
$reload = true;
|
221 |
}
|
222 |
} else if ( $key == 'ssl_admin' ) {
|
223 |
+
if ( force_ssl_admin() && $this->getPlugin()->getSetting('ssl_host_diff') ) {
|
224 |
+
$errors[] = '<strong>SSL Admin</strong> - FORCE_SSL_ADMIN should not be set to true in your wp-config.php while using a non-default SSL Host.';
|
|
|
225 |
// If forcing SSL Admin and currently not SSL, logout user
|
226 |
} else if ( $_POST[$key] == 1 && !$this->getPlugin()->isSsl() ) {
|
227 |
$logout = true;
|
241 |
$this->getPlugin()->setSetting($key, $_POST[$key]);
|
242 |
}
|
243 |
}
|
244 |
+
} else if ( isset($_POST['settings-reset']) ) {
|
245 |
+
foreach ($this->getPlugin()->getSettings() as $key => $default) {
|
246 |
+
$this->getPlugin()->setSetting($key, $default);
|
247 |
+
}
|
248 |
+
$this->getPlugin()->install();
|
|
|
249 |
$reload = true;
|
250 |
}
|
251 |
|
253 |
wp_logout();
|
254 |
}
|
255 |
|
256 |
+
require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
257 |
}
|
258 |
|
259 |
}
|
lib/WordPressHTTPS/Module/UrlFilters.php
ADDED
@@ -0,0 +1,103 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* Admin Url Filters Module
|
4 |
+
*
|
5 |
+
* Adds the settings page.
|
6 |
+
*
|
7 |
+
* @author Mike Ems
|
8 |
+
* @package WordPressHTTPS
|
9 |
+
*
|
10 |
+
*/
|
11 |
+
|
12 |
+
class WordPressHTTPS_Module_UrlFilters extends Mvied_Plugin_Module {
|
13 |
+
|
14 |
+
/**
|
15 |
+
* Initialize Module
|
16 |
+
*
|
17 |
+
* @param none
|
18 |
+
* @return void
|
19 |
+
*/
|
20 |
+
public function init() {
|
21 |
+
if ( is_admin() && isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
|
22 |
+
if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['action']) && $_POST['action'] == 'wphttps-filters' ) {
|
23 |
+
add_action('plugins_loaded', array(&$this, 'save'), 1);
|
24 |
+
}
|
25 |
+
|
26 |
+
// Add meta boxes
|
27 |
+
add_action('admin_init', array(&$this, 'add_meta_boxes'));
|
28 |
+
}
|
29 |
+
|
30 |
+
add_filter('force_ssl', array(&$this, 'secure_filter_url'), 10, 3);
|
31 |
+
}
|
32 |
+
|
33 |
+
/**
|
34 |
+
* Secure Filter URL
|
35 |
+
* WordPress HTTPS Filter - force_ssl
|
36 |
+
*
|
37 |
+
* @param boolean $force_ssl
|
38 |
+
* @param int $post_id
|
39 |
+
* @param string $url
|
40 |
+
* @return boolean $force_ssl
|
41 |
+
*/
|
42 |
+
public function secure_filter_url( $force_ssl, $post_id = 0, $url = '' ) {
|
43 |
+
// Check secure filters
|
44 |
+
if ( is_null($force_ssl) && sizeof((array)$this->getPlugin()->getSetting('secure_filter')) > 0 ) {
|
45 |
+
foreach( $this->getPlugin()->getSetting('secure_filter') as $filter ) {
|
46 |
+
if ( preg_match('/' . str_replace('/', '\/', $filter) . '/', $url) === 1 ) {
|
47 |
+
$force_ssl = true;
|
48 |
+
}
|
49 |
+
}
|
50 |
+
}
|
51 |
+
return $force_ssl;
|
52 |
+
}
|
53 |
+
|
54 |
+
/**
|
55 |
+
* Add meta boxes to WordPress HTTPS Settings page.
|
56 |
+
*
|
57 |
+
* @param none
|
58 |
+
* @return void
|
59 |
+
*/
|
60 |
+
public function add_meta_boxes() {
|
61 |
+
add_meta_box(
|
62 |
+
$this->getPlugin()->getSlug() . '_filters',
|
63 |
+
__( 'URL Filters', $this->getPlugin()->getSlug() ),
|
64 |
+
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
|
65 |
+
'toplevel_page_' . $this->getPlugin()->getSlug(),
|
66 |
+
'main',
|
67 |
+
'default',
|
68 |
+
array( 'metabox' => 'filters' )
|
69 |
+
);
|
70 |
+
}
|
71 |
+
|
72 |
+
/**
|
73 |
+
* Save Url Filters
|
74 |
+
*
|
75 |
+
* @param array $settings
|
76 |
+
* @return void
|
77 |
+
*/
|
78 |
+
public function save() {
|
79 |
+
if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug() . '-options') ) {
|
80 |
+
return false;
|
81 |
+
}
|
82 |
+
|
83 |
+
$message = "URL Filters saved.";
|
84 |
+
$errors = array();
|
85 |
+
$reload = false;
|
86 |
+
$logout = false;
|
87 |
+
if ( isset($_POST['filters-save']) ) {
|
88 |
+
$filters = array_map('trim', explode("\n", $_POST['secure_filter']));
|
89 |
+
$filters = array_filter($filters); // Removes blank array items
|
90 |
+
$this->getPlugin()->setSetting('secure_filter', $filters);
|
91 |
+
} else if ( isset($_POST['filters-reset']) ) {
|
92 |
+
$this->getPlugin()->setSetting('secure_filter', array());
|
93 |
+
$reload = true;
|
94 |
+
}
|
95 |
+
|
96 |
+
if ( $logout ) {
|
97 |
+
wp_logout();
|
98 |
+
}
|
99 |
+
|
100 |
+
require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
|
101 |
+
}
|
102 |
+
|
103 |
+
}
|
lib/WordPressHTTPS/Url.php
CHANGED
@@ -376,7 +376,7 @@ class WordPressHTTPS_Url {
|
|
376 |
if ( function_exists('curl_init') ) {
|
377 |
$ch = curl_init();
|
378 |
|
379 |
-
curl_setopt($ch, CURLOPT_URL,
|
380 |
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
|
381 |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $verify_ssl);
|
382 |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
@@ -413,7 +413,7 @@ class WordPressHTTPS_Url {
|
|
413 |
if ( function_exists('curl_init') ) {
|
414 |
$ch = curl_init();
|
415 |
|
416 |
-
curl_setopt($ch, CURLOPT_URL,
|
417 |
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
|
418 |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $verify_ssl);
|
419 |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
@@ -479,7 +479,7 @@ class WordPressHTTPS_Url {
|
|
479 |
public static function fromString( $string ) {
|
480 |
$url = new WordPressHTTPS_Url;
|
481 |
|
482 |
-
@preg_match_all('/((http|https):\/\/[^\'"]+[\'"]
|
483 |
if ( isset($url_parts[1][0]) ) {
|
484 |
if ( $url_parts = parse_url( $url_parts[1][0] ) ) {
|
485 |
foreach( $url_parts as $key => $value ) {
|
376 |
if ( function_exists('curl_init') ) {
|
377 |
$ch = curl_init();
|
378 |
|
379 |
+
curl_setopt($ch, CURLOPT_URL, $this->toString());
|
380 |
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
|
381 |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $verify_ssl);
|
382 |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
413 |
if ( function_exists('curl_init') ) {
|
414 |
$ch = curl_init();
|
415 |
|
416 |
+
curl_setopt($ch, CURLOPT_URL, $this->toString());
|
417 |
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
|
418 |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $verify_ssl);
|
419 |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
479 |
public static function fromString( $string ) {
|
480 |
$url = new WordPressHTTPS_Url;
|
481 |
|
482 |
+
@preg_match_all('/((http|https):\/\/[^\'"]+)[\'"\)]?/i', $string, $url_parts);
|
483 |
if ( isset($url_parts[1][0]) ) {
|
484 |
if ( $url_parts = parse_url( $url_parts[1][0] ) ) {
|
485 |
foreach( $url_parts as $key => $value ) {
|
readme.txt
CHANGED
@@ -4,7 +4,8 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
|
|
4 |
Tags: security, encryption, ssl, shared ssl, private ssl, public ssl, private ssl, http, https
|
5 |
Requires at least: 3.0
|
6 |
Tested up to: 3.4
|
7 |
-
Stable tag: 3.
|
|
|
8 |
|
9 |
WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
|
10 |
|
@@ -16,19 +17,6 @@ If you're having partially encrypted/mixed content errors or other problems, ple
|
|
16 |
1. Activate the plugin through the 'Plugins' menu in WordPress.
|
17 |
|
18 |
== Frequently Asked Questions ==
|
19 |
-
= I can't get into my admin panel after updating. How do I fix it? =
|
20 |
-
Go to /wp-content/plugins/wordpress-https/wordpress-https.php and uncomment (remove the two forward slashes before) the line below, or go to your wp-config.php file and add this line. Hit any page on your site, and then remove it or comment it out again.
|
21 |
-
`define('WPHTTPS_RESET', true);`
|
22 |
-
|
23 |
-
= How do I make my whole website secure? =
|
24 |
-
To make your entire website secure, you simply need to change your site url to use HTTPS instead of HTTP. Please read <a href="http://codex.wordpress.org/Changing_The_Site_URL" target="_blank">how to change the site url</a>.
|
25 |
-
|
26 |
-
= How do I make only certain pages secure? =
|
27 |
-
The plugin adds a meta box to the add/edit post screen entitled HTTPS. In that meta box, a checkbox for 'Secure Post' has been added to make this process easy. See Screenshots if you're having a hard time finding it.
|
28 |
-
|
29 |
-
= I'm getting 404 errors on all of my pages. Why? =
|
30 |
-
If you're using a public/shared SSL, try disabling your custom permalink structure. Some public/shared SSL's have issues with WordPress' permalinks because of the way they are configured. If you continue to recieve 404 errors, there is no way to use WordPress with that particular public/shared SSL with WordPress.
|
31 |
-
|
32 |
= How do I fix partially encrypted/mixed content errors? =
|
33 |
To identify what is causing your page(s) to be insecure, please follow the instructions below.
|
34 |
<ol>
|
@@ -39,19 +27,38 @@ To identify what is causing your page(s) to be insecure, please follow the instr
|
|
39 |
</ol>
|
40 |
For each item that is making your page partially encrypted, you should see an entry in the console similar to "The page at https://www.example.com/ displayed insecure content from http://www.example.com/." Note that the URL that is loading insecure content is HTTP and not HTTPS.
|
41 |
|
42 |
-
|
43 |
<ul>
|
44 |
-
<li>
|
45 |
-
<li>
|
46 |
-
<li>YouTube videos - YouTube allows videos to use HTTPS. <a href="http://support.google.com/youtube/bin/answer.py?hl=en&answer=171780&expand=UseHTTPS">How to embed a YouTube video</a>.</li>
|
47 |
-
<li>Google Maps - Using Google Maps API V3, you can use HTTPS. Using V2, HTTPS requires a Google Maps API Premiere account. (<a href="http://code.google.com/apis/maps/faq.html#ssl" target="_blank">source</a>)</li>
|
48 |
</ul>
|
49 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
50 |
= Is there a hook or filter to force pages to be secure? =
|
51 |
Yes! Here is an example of how to use the 'force_ssl' filter to force a page to be secure.
|
52 |
`function custom_force_ssl( $force_ssl, $post_id = 0, $url = '' ) {
|
53 |
if ( $post_id == 5 ) {
|
54 |
-
|
55 |
}
|
56 |
return $force_ssl;
|
57 |
}
|
@@ -72,10 +79,17 @@ add_filter('force_ssl', 'store_force_ssl', 10, 3);`
|
|
72 |
1. WordPress HTTPS Settings screen
|
73 |
2. Force SSL checkbox added to add/edit posts screen
|
74 |
|
75 |
-
== To Do ==
|
76 |
-
* SSL Domain Mapping
|
77 |
-
|
78 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
79 |
= 3.1.2 =
|
80 |
* Bug Fix - Redirects should no longer remove URL parameters.
|
81 |
* Bug Fix - Removed loginout filter that was changing links to plain text.
|
@@ -233,17 +247,5 @@ add_filter('force_ssl', 'store_force_ssl', 10, 3);`
|
|
233 |
* Initial Release.
|
234 |
|
235 |
== Upgrade Notice ==
|
236 |
-
=
|
237 |
-
|
238 |
-
= 1.6.1 =
|
239 |
-
Version 1.6.1 fixes a bug with using a static page for the posts page.
|
240 |
-
= 1.0.1 =
|
241 |
-
Version 1.0.1 fixes a bug in 1.0 that made it to release. Apologies!
|
242 |
-
= 1.0 =
|
243 |
-
Version 1.0 gives you the ability to disable WordPress 3.0+ from changing all of your page, category and post links to HTTPS.
|
244 |
-
= 0.5.1 =
|
245 |
-
Fixes `PHP Warning: Invalid argument supplied for foreach()` error.
|
246 |
-
= 0.3 =
|
247 |
-
Version 0.3 gives you the option to change external elements to HTTPS if the external server allows the elements to be accessed via HTTPS.
|
248 |
-
= 0.2 =
|
249 |
-
Version 0.1 did not correctly detect HTTPS on IIS and possibly other servers. Please update to version 0.2 to fix this issue.
|
4 |
Tags: security, encryption, ssl, shared ssl, private ssl, public ssl, private ssl, http, https
|
5 |
Requires at least: 3.0
|
6 |
Tested up to: 3.4
|
7 |
+
Stable tag: 3.2
|
8 |
+
License: GPLv3
|
9 |
|
10 |
WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
|
11 |
|
17 |
1. Activate the plugin through the 'Plugins' menu in WordPress.
|
18 |
|
19 |
== Frequently Asked Questions ==
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
20 |
= How do I fix partially encrypted/mixed content errors? =
|
21 |
To identify what is causing your page(s) to be insecure, please follow the instructions below.
|
22 |
<ol>
|
27 |
</ol>
|
28 |
For each item that is making your page partially encrypted, you should see an entry in the console similar to "The page at https://www.example.com/ displayed insecure content from http://www.example.com/." Note that the URL that is loading insecure content is HTTP and not HTTPS.
|
29 |
|
30 |
+
Once you have identified the insecure elements, you need to figure out what theme or plugin is causing these elements to be loaded. Although WordPress HTTPS does its best to fix all insecure content, there are a few cases that are impossible to fix. Here are some typical examples.
|
31 |
<ul>
|
32 |
+
<li>The element is external (not hosted on your server) and is not available over HTTPS. These elements will have to be removed from the page by disabling or modifying the theme or plugin that is adding the element.</li>
|
33 |
+
<li>The element is internal (hosted on your server) but does not get changed to HTTPS. This is often due to a background image in CSS or an image or file path in JavaScript being hard-coded to HTTP inside of a CSS file. The plugin can not fix these. The image paths must be changed to relative links. For example `http://www.example.com/wp-content/themes/mytheme/images/background.jpg` to simply `/wp-content/themes/mytheme/images/background.jpg`. Ensure you copy the entire path, including the prepended slash (very important).</li>
|
|
|
|
|
34 |
</ul>
|
35 |
|
36 |
+
= I can't get into my admin panel. How do I fix it? =
|
37 |
+
Go to /wp-content/plugins/wordpress-https/wordpress-https.php and uncomment (remove the two forward slashes before) the line below, or go to your wp-config.php file and add this line. Hit any page on your site, and then remove it or comment it out again.
|
38 |
+
`define('WPHTTPS_RESET', true);`
|
39 |
+
|
40 |
+
= How do I make my whole website secure? =
|
41 |
+
To make your entire website secure, you simply need to change your site url to use HTTPS instead of HTTP. Please read <a href="http://codex.wordpress.org/Changing_The_Site_URL" target="_blank">how to change the site url</a>.
|
42 |
+
Alternatively, you can use URL Filters in the WordPress HTTPS Settings to secure your entire site by putting just '/' as a filter. This will cause any URL with a forward slash to be secure (all of them).
|
43 |
+
|
44 |
+
= How do I make only certain pages secure? =
|
45 |
+
The plugin adds a meta box to the add/edit post screen entitled HTTPS. In that meta box, a checkbox for 'Secure Post' has been added to make this process easy. See Screenshots if you're having a hard time finding it.
|
46 |
+
Alternatively, you can use URL Filters to secure post and pages by their permalink.
|
47 |
+
|
48 |
+
= I'm using Force SSL Administration and all of the links to the front-end of my site are HTTPS. Why? =
|
49 |
+
For many users this behavior is desirable. If you would like links the the front-end of your site to be HTTP, enable Force SSL Exclusively and do not secure your front-end pages.
|
50 |
+
|
51 |
+
= I'm getting 404 errors on all of my pages. Why? =
|
52 |
+
If you're using a public/shared SSL, try disabling your custom permalink structure. Some public/shared SSL's have issues with WordPress' permalinks because of the way they are configured. If you continue to recieve 404 errors, there may be no way to use WordPress with that particular public/shared SSL.
|
53 |
+
|
54 |
+
= I'm receiving a blank page with no error. What gives? =
|
55 |
+
This is most commonly due to PHP's memory limit being too low. Check your Apache error logs just to be sure. Talk to your hosting provider about increading PHP's memory limit.
|
56 |
+
|
57 |
= Is there a hook or filter to force pages to be secure? =
|
58 |
Yes! Here is an example of how to use the 'force_ssl' filter to force a page to be secure.
|
59 |
`function custom_force_ssl( $force_ssl, $post_id = 0, $url = '' ) {
|
60 |
if ( $post_id == 5 ) {
|
61 |
+
$force_ssl = true;
|
62 |
}
|
63 |
return $force_ssl;
|
64 |
}
|
79 |
1. WordPress HTTPS Settings screen
|
80 |
2. Force SSL checkbox added to add/edit posts screen
|
81 |
|
|
|
|
|
|
|
82 |
== Changelog ==
|
83 |
+
= 3.2 =
|
84 |
+
* Added domain mapping. Domain mapping allows you to map external domains that host their HTTPS content on a different domain.
|
85 |
+
* Added Remove Unsecure Elements option. If possible, this option removes external elements from the page that can not be loaded over HTTPS, preventing insecure content errors without modifying any code.
|
86 |
+
* ClouldFlare support.
|
87 |
+
* Substantial memory optimization.
|
88 |
+
* Removed Secure Front Page option. This can now be achieved through URL Filters.
|
89 |
+
* Bug Fix - Visiting the admin panel over HTTP when using Shared SSL should no longer log the user out, but will now redirect accordingly.
|
90 |
+
* Bug Fix - Random 404 errors should be gone.
|
91 |
+
* Bug Fix - Fixed bug where a bad setting for ssl_host would cause the code to fail.
|
92 |
+
* Bug Fix - CSS backgrounds that do not have quotes should no longer break debug output.
|
93 |
= 3.1.2 =
|
94 |
* Bug Fix - Redirects should no longer remove URL parameters.
|
95 |
* Bug Fix - Removed loginout filter that was changing links to plain text.
|
247 |
* Initial Release.
|
248 |
|
249 |
== Upgrade Notice ==
|
250 |
+
= 3.2 =
|
251 |
+
You may lose your SSL Host setting upon upgrading if it is not default (matching your Site URL).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
screenshot-1.png
CHANGED
Binary file
|
uninstall.php
CHANGED
@@ -6,22 +6,42 @@ if ( !defined('WP_UNINSTALL_PLUGIN') ) {
|
|
6 |
die();
|
7 |
}
|
8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
9 |
// Delete WordPress HTTPS options
|
10 |
-
|
11 |
-
|
12 |
-
|
13 |
-
|
14 |
-
|
15 |
-
delete_option(
|
16 |
-
|
17 |
-
|
18 |
-
|
19 |
-
delete_option('wordpress-https_ssl_proxy');
|
20 |
-
delete_option('wordpress-https_ssl_host_subdomain');
|
21 |
-
delete_option('wordpress-https_version');
|
22 |
-
delete_option('wordpress-https_debug');
|
23 |
-
delete_option('wordpress-https_admin_menu');
|
24 |
-
delete_option('wordpress-https_secure_filter');
|
25 |
|
26 |
// Delete force_ssl custom_field from posts and pages
|
27 |
delete_metadata('post', null, 'force_ssl', null, true);
|
6 |
die();
|
7 |
}
|
8 |
|
9 |
+
$options = array(
|
10 |
+
'wordpress-https_external_urls',
|
11 |
+
'wordpress-https_secure_external_urls',
|
12 |
+
'wordpress-https_unsecure_external_urls',
|
13 |
+
'wordpress-https_ssl_host',
|
14 |
+
'wordpress-https_ssl_host_diff',
|
15 |
+
'wordpress-https_ssl_port',
|
16 |
+
'wordpress-https_exclusive_https',
|
17 |
+
'wordpress-https_frontpage',
|
18 |
+
'wordpress-https_ssl_login',
|
19 |
+
'wordpress-https_ssl_admin',
|
20 |
+
'wordpress-https_ssl_proxy',
|
21 |
+
'wordpress-https_ssl_host_subdomain',
|
22 |
+
'wordpress-https_version',
|
23 |
+
'wordpress-https_debug',
|
24 |
+
'wordpress-https_admin_menu',
|
25 |
+
'wordpress-https_secure_filter',
|
26 |
+
'wordpress-https_ssl_host_mapping'
|
27 |
+
);
|
28 |
+
|
29 |
+
if ( is_multisite() && is_network_admin() ) {
|
30 |
+
$blogs = $wpdb->get_col($wpdb->prepare("SELECT blog_id FROM " . $wpdb->blogs));
|
31 |
+
} else {
|
32 |
+
$blogs = array($wpdb->blogid);
|
33 |
+
}
|
34 |
+
|
35 |
// Delete WordPress HTTPS options
|
36 |
+
foreach ( $blogs as $blog_id ) {
|
37 |
+
foreach( $options as $option ) {
|
38 |
+
if ( is_multisite() ) {
|
39 |
+
delete_blog_option($blog_id, $option);
|
40 |
+
} else {
|
41 |
+
delete_option($option);
|
42 |
+
}
|
43 |
+
}
|
44 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
45 |
|
46 |
// Delete force_ssl custom_field from posts and pages
|
47 |
delete_metadata('post', null, 'force_ssl', null, true);
|
wordpress-https.php
CHANGED
@@ -4,7 +4,7 @@
|
|
4 |
Plugin URI: http://mvied.com/projects/wordpress-https/
|
5 |
Description: WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
|
6 |
Author: Mike Ems
|
7 |
-
Version: 3.
|
8 |
Author URI: http://mvied.com/
|
9 |
*/
|
10 |
|
@@ -25,16 +25,9 @@
|
|
25 |
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
26 |
*/
|
27 |
|
28 |
-
$include_paths = array(
|
29 |
-
get_include_path(),
|
30 |
-
dirname(__FILE__),
|
31 |
-
dirname(__FILE__) . '/lib'
|
32 |
-
);
|
33 |
-
set_include_path(implode(PATH_SEPARATOR, $include_paths));
|
34 |
-
|
35 |
function wphttps_autoloader($class) {
|
36 |
-
$filename = str_replace('_',
|
37 |
-
@include $filename;
|
38 |
}
|
39 |
spl_autoload_register('wphttps_autoloader');
|
40 |
|
@@ -48,13 +41,12 @@ spl_autoload_register('wphttps_autoloader');
|
|
48 |
if ( function_exists('get_bloginfo') && ! defined('WP_UNINSTALL_PLUGIN') ) {
|
49 |
$wordpress_https = new WordPressHTTPS;
|
50 |
$wordpress_https->setSlug('wordpress-https');
|
51 |
-
$wordpress_https->setVersion('3.
|
52 |
$wordpress_https->setLogger(WordPressHTTPS_Logger::getInstance());
|
53 |
-
$wordpress_https->setPluginUrl(plugins_url('', __FILE__));
|
54 |
$wordpress_https->setDirectory(dirname(__FILE__));
|
55 |
$wordpress_https->setModuleDirectory(dirname(__FILE__) . '/lib/WordPressHTTPS/Module/');
|
56 |
|
57 |
-
//Load Modules
|
58 |
$wordpress_https->loadModules();
|
59 |
|
60 |
// If WPHTTPS_RESET global is defined, reset settings
|
@@ -66,6 +58,7 @@ if ( function_exists('get_bloginfo') && ! defined('WP_UNINSTALL_PLUGIN') ) {
|
|
66 |
|
67 |
// Initialize Plugin
|
68 |
$wordpress_https->init();
|
|
|
69 |
|
70 |
// Register activation hook. Must be called outside of a class.
|
71 |
register_activation_hook(__FILE__, array($wordpress_https, 'install'));
|
4 |
Plugin URI: http://mvied.com/projects/wordpress-https/
|
5 |
Description: WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
|
6 |
Author: Mike Ems
|
7 |
+
Version: 3.2
|
8 |
Author URI: http://mvied.com/
|
9 |
*/
|
10 |
|
25 |
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
26 |
*/
|
27 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
28 |
function wphttps_autoloader($class) {
|
29 |
+
$filename = str_replace('_', DIRECTORY_SEPARATOR, $class) . '.php';
|
30 |
+
@include dirname(__FILE__) . DIRECTORY_SEPARATOR . 'lib' . DIRECTORY_SEPARATOR . $filename;
|
31 |
}
|
32 |
spl_autoload_register('wphttps_autoloader');
|
33 |
|
41 |
if ( function_exists('get_bloginfo') && ! defined('WP_UNINSTALL_PLUGIN') ) {
|
42 |
$wordpress_https = new WordPressHTTPS;
|
43 |
$wordpress_https->setSlug('wordpress-https');
|
44 |
+
$wordpress_https->setVersion('3.2');
|
45 |
$wordpress_https->setLogger(WordPressHTTPS_Logger::getInstance());
|
|
|
46 |
$wordpress_https->setDirectory(dirname(__FILE__));
|
47 |
$wordpress_https->setModuleDirectory(dirname(__FILE__) . '/lib/WordPressHTTPS/Module/');
|
48 |
|
49 |
+
// Load Modules
|
50 |
$wordpress_https->loadModules();
|
51 |
|
52 |
// If WPHTTPS_RESET global is defined, reset settings
|
58 |
|
59 |
// Initialize Plugin
|
60 |
$wordpress_https->init();
|
61 |
+
$wordpress_https->setPluginUrl(plugins_url('', __FILE__));
|
62 |
|
63 |
// Register activation hook. Must be called outside of a class.
|
64 |
register_activation_hook(__FILE__, array($wordpress_https, 'install'));
|