WordPress HTTPS (SSL) - Version 3.3.5

Version Description

  • Enhanced multisite support and testing.
  • Slightly adjusted settings page column widths.
  • Now using admin-ajax.php for settings page.
  • Added detection and conflict fixes for a few popular E-commerce plugins: WooCommerce, WP E-commerce and Jigoshop
  • Bug Fix - Password protected pages in WordPress 3.5+ should now be properly secured.
  • Bug Fix - The SSL Admin setting should now be properly retained when using FORCE_SSL_ADMIN.
  • Bug Fix - Links to the home page should now properly be set to HTTP when using Force SSL Exclusively.
  • Bug Fix - Installations with a non-default wp-content folder location should no longer experience issues with the WordPress HTTPS settings page.
Download this release

Release Info

Developer Mvied
Plugin Icon wp plugin WordPress HTTPS (SSL)
Version 3.3.5
Comparing to
See all releases

Code changes from version 3.3.0 to 3.3.5

Files changed (19) hide show
  1. admin/css/settings.css +6 -3
  2. admin/js/metabox.php +0 -26
  3. admin/templates/ajax_message.php +1 -1
  4. admin/templates/metabox/ajax.php +9 -12
  5. admin/templates/metabox/domain_mapping.php +18 -13
  6. admin/templates/metabox/filters.php +18 -10
  7. admin/templates/metabox/network.php +15 -13
  8. admin/templates/metabox/settings.php +22 -9
  9. lib/WordPressHTTPS.php +43 -23
  10. lib/WordPressHTTPS/Module/Core.php +32 -8
  11. lib/WordPressHTTPS/Module/DomainMapping.php +33 -22
  12. lib/WordPressHTTPS/Module/Ecommerce.php +101 -0
  13. lib/WordPressHTTPS/Module/Network.php +33 -54
  14. lib/WordPressHTTPS/Module/Parser.php +63 -20
  15. lib/WordPressHTTPS/Module/Settings.php +125 -81
  16. lib/WordPressHTTPS/Module/UrlFilters.php +30 -19
  17. lib/WordPressHTTPS/Url.php +16 -1
  18. readme.txt +14 -7
  19. wordpress-https.php +5 -3
admin/css/settings.css CHANGED
@@ -20,14 +20,17 @@
20
  }
21
 
22
  #wphttps-main #poststuff .column-primary {
23
- width: 60%;
24
  padding: 0;
25
  }
26
  #wphttps-main #poststuff .column-secondary {
27
- width: 40%;
28
  float: right;
29
  padding: 0;
30
  }
 
 
 
31
 
32
  #wphttps-main #message {
33
  margin: 15px 0 0 0;
@@ -87,7 +90,7 @@
87
  #wphttps-main #settings-reset,
88
  #wphttps-main #network-settings-reset,
89
  #wphttps-main #filters-reset,
90
- #wphttps-main #domain_mapping-reset {
91
  float: left;
92
  margin-right: 10px;
93
  }
20
  }
21
 
22
  #wphttps-main #poststuff .column-primary {
23
+ width: 72%;
24
  padding: 0;
25
  }
26
  #wphttps-main #poststuff .column-secondary {
27
+ width: 28%;
28
  float: right;
29
  padding: 0;
30
  }
31
+ #wphttps-main #poststuff .postbox {
32
+ min-width: auto;
33
+ }
34
 
35
  #wphttps-main #message {
36
  margin: 15px 0 0 0;
90
  #wphttps-main #settings-reset,
91
  #wphttps-main #network-settings-reset,
92
  #wphttps-main #filters-reset,
93
+ #wphttps-main #domain-mapping-reset {
94
  float: left;
95
  margin-right: 10px;
96
  }
admin/js/metabox.php DELETED
@@ -1,26 +0,0 @@
1
- <?php
2
-
3
- require_once(realpath(dirname(__FILE__) . '/../../../../..') . '/wp-load.php');
4
-
5
- // Disable errors
6
- error_reporting(0);
7
-
8
- // Set headers
9
- header("Status: 200");
10
- header("HTTP/1.1 200 OK");
11
- header('Content-Type: text/html');
12
- header('Cache-Control: no-store, no-cache, must-revalidate');
13
- header('Cache-Control: post-check=0, pre-check=0', FALSE);
14
- header('Pragma: no-cache');
15
- header("Vary: Accept-Encoding");
16
-
17
- if ( ! wp_verify_nonce($_POST['_nonce'], 'wordpress-https') ) {
18
- exit;
19
- }
20
-
21
- $content = WordPressHTTPS_Url::fromString( $_POST['url'] )->getContent();
22
-
23
- if ( $content ) {
24
- echo $content;
25
- }
26
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
admin/templates/ajax_message.php CHANGED
@@ -1,6 +1,6 @@
1
  <?php
2
 
3
- if ( array_key_exists('ajax', $_POST) ) {
4
  error_reporting(0);
5
  while(@ob_end_clean());
6
  if ( sizeof( $errors ) > 0 ) {
1
  <?php
2
 
3
+ if ( isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest' ) {
4
  error_reporting(0);
5
  while(@ob_end_clean());
6
  if ( sizeof( $errors ) > 0 ) {
admin/templates/metabox/ajax.php CHANGED
@@ -6,18 +6,15 @@ jQuery(document).ready(function($) {
6
 
7
  $('#<?php echo $metabox['id']; ?> .handlediv').append( loading );
8
  $('#<?php echo $metabox['id']; ?> .handlediv .loading').fadeIn('fast');
9
- $.ajax({
10
- type: 'post',
11
- url: '<?php echo parse_url((( $this->getPlugin()->isSsl() ) ? $this->getPlugin()->makeUrlHttps($this->getPlugin()->getPluginUrl()) : $this->getPlugin()->getPluginUrl()), PHP_URL_PATH); ?>/admin/js/metabox.php',
12
- data: {
13
- id : '<?php echo $metabox['id']; ?>',
14
- url : '<?php echo $metabox['args']['url']; ?>',
15
- _nonce : '<?php echo $nonce; ?>'
16
- },
17
- success: function(response) {
18
- $('#<?php echo $metabox['id']; ?> .inside').html(response);
19
- $('#<?php echo $metabox['id']; ?> .handlediv .loading').fadeIn(0).fadeOut('fast');
20
- }
21
  });
22
  });
23
  </script>
6
 
7
  $('#<?php echo $metabox['id']; ?> .handlediv').append( loading );
8
  $('#<?php echo $metabox['id']; ?> .handlediv .loading').fadeIn('fast');
9
+
10
+ $.post(ajaxurl, {
11
+ action : '<?php echo $this->getPlugin()->getSlug(); ?>_ajax_metabox',
12
+ id : '<?php echo $metabox['id']; ?>',
13
+ url : '<?php echo $metabox['args']['url']; ?>',
14
+ _nonce : '<?php echo $nonce; ?>'
15
+ }, function(response) {
16
+ $('#<?php echo $metabox['id']; ?> .inside').html(response);
17
+ $('#<?php echo $metabox['id']; ?> .handlediv .loading').fadeIn(0).fadeOut('fast');
 
 
 
18
  });
19
  });
20
  </script>
admin/templates/metabox/domain_mapping.php CHANGED
@@ -1,5 +1,6 @@
1
  <form name="<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
2
- <?php settings_fields($this->getPlugin()->getSlug()); ?>
 
3
 
4
  <p><?php printf( __('Domain mapping allows you to map external domains that host their HTTPS content on a different domain. You may use %s regular expressions %s','wordpress-https'),'<a href="#TB_inline?height=155&width=350&inlineId=regex-help&" class="thickbox" title="' . __('Regular Expressions Help','wordpress-https') . '">', '</a>') ; ?>.</p>
5
 
@@ -56,24 +57,28 @@
56
  </tr>
57
  </table>
58
 
59
- <input type="hidden" name="action" value="wphttps-domain-mapping" />
60
-
61
  <p class="button-controls">
62
- <input type="submit" name="domain_mapping-save" value="<?php _e('Save Changes','wordpress-https'); ?>" class="button-primary" id="domain_mapping-save" />
63
- <input type="submit" name="domain_mapping-reset" value="<?php _e('Reset','wordpress-https'); ?>" class="button-secondary" id="domain_mapping-reset" />
64
  <img alt="<?php _e('Waiting...','wordpress-https'); ?>" src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
65
  </p>
66
  </form>
67
  <script type="text/javascript">
68
  jQuery(document).ready(function($) {
69
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form').submit(function() {
70
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form .submit-waiting').show();
71
- }).ajaxForm({
72
- data: { ajax: '1'},
73
- success: function(responseText, textStatus, XMLHttpRequest) {
74
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form .submit-waiting').hide();
75
- $('#message-body').html(responseText).fadeOut(0).fadeIn().delay(5000).fadeOut();
76
- }
 
 
 
 
 
 
77
  });
78
 
79
  if ( $('#domain_mapping tr').length <= 1 ) {
1
  <form name="<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
2
+ <?php wp_nonce_field($this->getPlugin()->getSlug()); ?>
3
+ <input type="hidden" name="action" id="action" value="" />
4
 
5
  <p><?php printf( __('Domain mapping allows you to map external domains that host their HTTPS content on a different domain. You may use %s regular expressions %s','wordpress-https'),'<a href="#TB_inline?height=155&width=350&inlineId=regex-help&" class="thickbox" title="' . __('Regular Expressions Help','wordpress-https') . '">', '</a>') ; ?>.</p>
6
 
57
  </tr>
58
  </table>
59
 
 
 
60
  <p class="button-controls">
61
+ <input type="submit" name="domain-mapping-save" value="<?php _e('Save Changes','wordpress-https'); ?>" class="button-primary" id="domain-mapping-save" />
62
+ <input type="submit" name="domain-mapping-reset" value="<?php _e('Reset','wordpress-https'); ?>" class="button-secondary" id="domain-mapping-reset" />
63
  <img alt="<?php _e('Waiting...','wordpress-https'); ?>" src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
64
  </p>
65
  </form>
66
  <script type="text/javascript">
67
  jQuery(document).ready(function($) {
68
+ var form = $('#<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_form').first();
69
+ $('#domain-mapping-save').click(function() {
70
+ $(form).find('input[name="action"]').val('<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_save');
71
+ });
72
+ $('#domain-mapping-reset').click(function() {
73
+ $(form).find('input[name="action"]').val('<?php echo $this->getPlugin()->getSlug(); ?>_domain_mapping_reset');
74
+ });
75
+ $(form).submit(function(e) {
76
+ e.preventDefault();
77
+ $(form).find('.submit-waiting').show();
78
+ $.post(ajaxurl, $(form).serialize(), function(response) {
79
+ $(form).find('.submit-waiting').hide();
80
+ $('#message-body').html(response).fadeOut(0).fadeIn().delay(5000).fadeOut();
81
+ });
82
  });
83
 
84
  if ( $('#domain_mapping tr').length <= 1 ) {
admin/templates/metabox/filters.php CHANGED
@@ -1,5 +1,7 @@
1
  <form name="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
2
- <?php settings_fields($this->getPlugin()->getSlug()); ?>
 
 
3
  <table class="form-table">
4
  <tr valign="top" id="secure_filter_row">
5
  <th scope="row">
@@ -11,7 +13,7 @@
11
  </td>
12
  </tr>
13
  </table>
14
- <input type="hidden" name="action" value="wphttps-filters" />
15
  <p class="button-controls">
16
  <input type="submit" name="filters-save" value="<?php _e('Save Changes','wordpress-https'); ?>" class="button-primary" id="filters-save" />
17
  <input type="submit" name="filters-reset" value="<?php _e('Reset','wordpress-https'); ?>" class="button-secondary" id="filters-reset" />
@@ -21,14 +23,20 @@
21
 
22
  <script type="text/javascript">
23
  jQuery(document).ready(function($) {
24
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_filters_form').submit(function() {
25
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_filters_form .submit-waiting').show();
26
- }).ajaxForm({
27
- data: { ajax: '1'},
28
- success: function(responseText, textStatus, XMLHttpRequest) {
29
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_filters_form .submit-waiting').hide();
30
- $('#message-body').html(responseText).fadeOut(0).fadeIn().delay(5000).fadeOut();
31
- }
 
 
 
 
 
 
32
  });
33
 
34
  $('#filters-reset').click(function(e, el) {
1
  <form name="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
2
+ <?php wp_nonce_field($this->getPlugin()->getSlug()); ?>
3
+ <input type="hidden" name="action" id="action" value="" />
4
+
5
  <table class="form-table">
6
  <tr valign="top" id="secure_filter_row">
7
  <th scope="row">
13
  </td>
14
  </tr>
15
  </table>
16
+
17
  <p class="button-controls">
18
  <input type="submit" name="filters-save" value="<?php _e('Save Changes','wordpress-https'); ?>" class="button-primary" id="filters-save" />
19
  <input type="submit" name="filters-reset" value="<?php _e('Reset','wordpress-https'); ?>" class="button-secondary" id="filters-reset" />
23
 
24
  <script type="text/javascript">
25
  jQuery(document).ready(function($) {
26
+ var form = $('#<?php echo $this->getPlugin()->getSlug(); ?>_filters_form').first();
27
+ $('#filters-save').click(function() {
28
+ $(form).find('input[name="action"]').val('<?php echo $this->getPlugin()->getSlug(); ?>_filters_save');
29
+ });
30
+ $('#filters-reset').click(function() {
31
+ $(form).find('input[name="action"]').val('<?php echo $this->getPlugin()->getSlug(); ?>_filters_reset');
32
+ });
33
+ $(form).submit(function(e) {
34
+ e.preventDefault();
35
+ $(form).find('.submit-waiting').show();
36
+ $.post(ajaxurl, $(form).serialize(), function(response) {
37
+ $(form).find('.submit-waiting').hide();
38
+ $('#message-body').html(response).fadeOut(0).fadeIn().delay(5000).fadeOut();
39
+ });
40
  });
41
 
42
  $('#filters-reset').click(function(e, el) {
admin/templates/metabox/network.php CHANGED
@@ -1,5 +1,6 @@
1
- <form name="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
2
- <?php settings_fields($this->getPlugin()->getSlug()); ?>
 
3
 
4
  <table id="blog-table">
5
  <thead>
@@ -26,7 +27,7 @@
26
  <tr>
27
  <td class="blog-blog"><strong><?php echo preg_replace('/http[s]?:\/\//', '', get_site_url($blog_id)); ?></strong></td>
28
  <td class="blog-host"><input name="blog[<?php echo $blog_id; ?>][ssl_host]" type="text" class="regular-text code" value="<?php echo $ssl_host; ?>" /></td>
29
- <td class="blog-ssl_admin"><input type="hidden" name="blog[<?php echo $blog_id; ?>][ssl_admin]" value="0" /><input name="blog[<?php echo $blog_id; ?>][ssl_admin]" type="checkbox" value="1"<?php echo ((force_ssl_admin()) ? ' disabled="disabled" title="FORCE_SSL_ADMIN is true in wp-config.php"' : (($this->getPlugin()->getSetting('ssl_admin', $blog_id)) ? ' checked="checked"' : '') ); ?> /></td>
30
  <td class="blog-exclusive_https"><input type="hidden" name="blog[<?php echo $blog_id; ?>][exclusive_https]" value="0" /><input name="blog[<?php echo $blog_id; ?>][exclusive_https]" type="checkbox" value="1"<?php echo (($this->getPlugin()->getSetting('exclusive_https', $blog_id)) ? ' checked="checked"' : ''); ?> /></td>
31
  <td class="blog-remove_unsecure"><input type="hidden" name="blog[<?php echo $blog_id; ?>][remove_unsecure]" value="0" /><input name="blog[<?php echo $blog_id; ?>][remove_unsecure]" type="checkbox" value="1"<?php echo (($this->getPlugin()->getSetting('remove_unsecure', $blog_id)) ? ' checked="checked"' : ''); ?> /></td>
32
  <td class="blog-debug"><input type="hidden" name="blog[<?php echo $blog_id; ?>][debug]" value="0" /><input name="blog[<?php echo $blog_id; ?>][debug]" type="checkbox" value="1"<?php echo (($this->getPlugin()->getSetting('debug', $blog_id)) ? ' checked="checked"' : ''); ?> /></td>
@@ -80,8 +81,6 @@
80
 
81
  </table>
82
 
83
- <input type="hidden" name="action" value="wphttps-network" />
84
-
85
  <p class="button-controls">
86
  <input type="submit" name="network-settings-save" value="<?php _e('Save Changes','wordpress-https'); ?>" class="button-primary" id="network-settings-save" />
87
  <img alt="<?php _e('Waiting...','wordpress-https'); ?>" src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
@@ -89,14 +88,17 @@
89
  </form>
90
  <script type="text/javascript">
91
  jQuery(document).ready(function($) {
92
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form').submit(function() {
93
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form .submit-waiting').show();
94
- }).ajaxForm({
95
- data: { ajax: '1'},
96
- success: function(responseText, textStatus, XMLHttpRequest) {
97
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form .submit-waiting').hide();
98
- $('#message-body').html(responseText).fadeOut(0).fadeIn().delay(5000).fadeOut();
99
- }
 
 
 
100
  });
101
  });
102
  </script>
1
+ <form name="<?php echo $this->getPlugin()->getSlug(); ?>_network_settings_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_network_settings_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
2
+ <?php wp_nonce_field($this->getPlugin()->getSlug()); ?>
3
+ <input type="hidden" name="action" id="action" value="" />
4
 
5
  <table id="blog-table">
6
  <thead>
27
  <tr>
28
  <td class="blog-blog"><strong><?php echo preg_replace('/http[s]?:\/\//', '', get_site_url($blog_id)); ?></strong></td>
29
  <td class="blog-host"><input name="blog[<?php echo $blog_id; ?>][ssl_host]" type="text" class="regular-text code" value="<?php echo $ssl_host; ?>" /></td>
30
+ <td class="blog-ssl_admin"><input type="hidden" name="blog[<?php echo $blog_id; ?>][ssl_admin]" value="<?php echo ((force_ssl_admin() && $this->getPlugin()->getSetting('ssl_admin', $blog_id) == 1) ? 1 : 0); ?>" /><input name="blog[<?php echo $blog_id; ?>][ssl_admin]" type="checkbox" value="1"<?php echo ((force_ssl_admin()) ? ' disabled="disabled" title="FORCE_SSL_ADMIN is true in wp-config.php"' : '') . ($this->getPlugin()->getSetting('ssl_admin', $blog_id) ? ' checked="checked"' : ''); ?> /></td>
31
  <td class="blog-exclusive_https"><input type="hidden" name="blog[<?php echo $blog_id; ?>][exclusive_https]" value="0" /><input name="blog[<?php echo $blog_id; ?>][exclusive_https]" type="checkbox" value="1"<?php echo (($this->getPlugin()->getSetting('exclusive_https', $blog_id)) ? ' checked="checked"' : ''); ?> /></td>
32
  <td class="blog-remove_unsecure"><input type="hidden" name="blog[<?php echo $blog_id; ?>][remove_unsecure]" value="0" /><input name="blog[<?php echo $blog_id; ?>][remove_unsecure]" type="checkbox" value="1"<?php echo (($this->getPlugin()->getSetting('remove_unsecure', $blog_id)) ? ' checked="checked"' : ''); ?> /></td>
33
  <td class="blog-debug"><input type="hidden" name="blog[<?php echo $blog_id; ?>][debug]" value="0" /><input name="blog[<?php echo $blog_id; ?>][debug]" type="checkbox" value="1"<?php echo (($this->getPlugin()->getSetting('debug', $blog_id)) ? ' checked="checked"' : ''); ?> /></td>
81
 
82
  </table>
83
 
 
 
84
  <p class="button-controls">
85
  <input type="submit" name="network-settings-save" value="<?php _e('Save Changes','wordpress-https'); ?>" class="button-primary" id="network-settings-save" />
86
  <img alt="<?php _e('Waiting...','wordpress-https'); ?>" src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
88
  </form>
89
  <script type="text/javascript">
90
  jQuery(document).ready(function($) {
91
+ var form = $('#<?php echo $this->getPlugin()->getSlug(); ?>_network_settings_form').first();
92
+ $('#network-settings-save').click(function() {
93
+ $(form).find('input[name="action"]').val('<?php echo $this->getPlugin()->getSlug(); ?>_network_settings_save');
94
+ });
95
+ $(form).submit(function(e) {
96
+ e.preventDefault();
97
+ $(form).find('.submit-waiting').show();
98
+ $.post(ajaxurl, $(form).serialize(), function(response) {
99
+ $(form).find('.submit-waiting').hide();
100
+ $('#message-body').html(response).fadeOut(0).fadeIn().delay(5000).fadeOut();
101
+ });
102
  });
103
  });
104
  </script>
admin/templates/metabox/settings.php CHANGED
@@ -8,7 +8,8 @@
8
  $ssl_host = rtrim($ssl_host, '/');
9
  ?>
10
  <form name="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
11
- <?php settings_fields($this->getPlugin()->getSlug()); ?>
 
12
 
13
  <table class="form-table">
14
  <tr valign="top" id="ssl_host_row">
@@ -29,7 +30,7 @@
29
  <td>
30
  <fieldset>
31
  <label for="ssl_admin">
32
- <input type="hidden" name="ssl_admin" value="0" />
33
  <input name="ssl_admin" type="checkbox" id="ssl_admin" value="1"<?php echo ((force_ssl_admin()) ? ' checked="checked" disabled="disabled" title="FORCE_SSL_ADMIN is true in wp-config.php"' : (($this->getPlugin()->getSetting('ssl_admin')) ? ' checked="checked"' : '') ); ?> />
34
  <p class="description"><?php printf( __('Always use HTTPS while in the admin panel. This setting is identical to %s FORCE_SSL_ADMIN','wordpress-https'),'<a href="http://codex.wordpress.org/Administration_Over_SSL#Example_2" target="_blank">'); ?></a>.</p>
35
  </label>
@@ -43,7 +44,7 @@
43
  <label for="exclusive_https">
44
  <input type="hidden" name="exclusive_https" value="0" />
45
  <input name="exclusive_https" type="checkbox" id="exclusive_https" value="1"<?php echo (($this->getPlugin()->getSetting('exclusive_https')) ? ' checked="checked"' : ''); ?> />
46
- <p class="description"><?php printf( __('Any page that is not secured via %s Force SSL %s or URL Filters will be redirected to HTTP.','wordpress-https'),'<a href="' . parse_url($this->getPlugin()->getPluginUrl(), PHP_URL_PATH) . '/screenshot-2.png" class="thickbox">', '</a> '); ?></a>.</p>
47
  </label>
48
  </fieldset>
49
  </td>
@@ -100,7 +101,6 @@
100
  </tr>
101
  </table>
102
 
103
- <input type="hidden" name="action" value="wphttps-settings" />
104
  <input type="hidden" name="ssl_host_subdomain" value="<?php echo (($this->getPlugin()->getSetting('ssl_host_subdomain') != 1) ? 0 : 1); ?>" />
105
  <input type="hidden" name="ssl_host_diff" value="<?php echo (($this->getPlugin()->getSetting('ssl_host_diff') != 1) ? 0 : 1); ?>" />
106
 
@@ -112,15 +112,28 @@
112
  </form>
113
  <script type="text/javascript">
114
  jQuery(document).ready(function($) {
115
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form').submit(function() {
116
- $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form .submit-waiting').show();
117
- }).ajaxForm({
118
- data: { ajax: '1'},
 
 
 
 
 
 
 
 
 
 
 
 
 
119
  success: function(responseText, textStatus, XMLHttpRequest) {
120
  $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form .submit-waiting').hide();
121
  $('#message-body').html(responseText).fadeOut(0).fadeIn().delay(5000).fadeOut();
122
  }
123
- });
124
 
125
  $('#settings-reset').click(function(e, el) {
126
  if ( ! confirm('<?php _e('Are you sure you want to reset all WordPress HTTPS settings?','wordpress-https'); ?>') ) {
8
  $ssl_host = rtrim($ssl_host, '/');
9
  ?>
10
  <form name="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
11
+ <?php wp_nonce_field($this->getPlugin()->getSlug()); ?>
12
+ <input type="hidden" name="action" id="action" value="" />
13
 
14
  <table class="form-table">
15
  <tr valign="top" id="ssl_host_row">
30
  <td>
31
  <fieldset>
32
  <label for="ssl_admin">
33
+ <input type="hidden" name="ssl_admin" value="<?php echo ((force_ssl_admin() && $this->getPlugin()->getSetting('ssl_admin') == 1) ? 1 : 0); ?>" />
34
  <input name="ssl_admin" type="checkbox" id="ssl_admin" value="1"<?php echo ((force_ssl_admin()) ? ' checked="checked" disabled="disabled" title="FORCE_SSL_ADMIN is true in wp-config.php"' : (($this->getPlugin()->getSetting('ssl_admin')) ? ' checked="checked"' : '') ); ?> />
35
  <p class="description"><?php printf( __('Always use HTTPS while in the admin panel. This setting is identical to %s FORCE_SSL_ADMIN','wordpress-https'),'<a href="http://codex.wordpress.org/Administration_Over_SSL#Example_2" target="_blank">'); ?></a>.</p>
36
  </label>
44
  <label for="exclusive_https">
45
  <input type="hidden" name="exclusive_https" value="0" />
46
  <input name="exclusive_https" type="checkbox" id="exclusive_https" value="1"<?php echo (($this->getPlugin()->getSetting('exclusive_https')) ? ' checked="checked"' : ''); ?> />
47
+ <p class="description"><?php printf( __('Any page that is not secured via %s Force SSL %s or URL Filters will be redirected to HTTP.','wordpress-https'),'<a href="' . parse_url($this->getPlugin()->getPluginUrl(), PHP_URL_PATH) . '/screenshot-2.png" class="thickbox">', '</a> '); ?></a></p>
48
  </label>
49
  </fieldset>
50
  </td>
101
  </tr>
102
  </table>
103
 
 
104
  <input type="hidden" name="ssl_host_subdomain" value="<?php echo (($this->getPlugin()->getSetting('ssl_host_subdomain') != 1) ? 0 : 1); ?>" />
105
  <input type="hidden" name="ssl_host_diff" value="<?php echo (($this->getPlugin()->getSetting('ssl_host_diff') != 1) ? 0 : 1); ?>" />
106
 
112
  </form>
113
  <script type="text/javascript">
114
  jQuery(document).ready(function($) {
115
+ var form = $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form').first();
116
+ $('#settings-save').click(function() {
117
+ $(form).find('input[name="action"]').val('<?php echo $this->getPlugin()->getSlug(); ?>_settings_save');
118
+ });
119
+ $('#settings-reset').click(function() {
120
+ $(form).find('input[name="action"]').val('<?php echo $this->getPlugin()->getSlug(); ?>_settings_reset');
121
+ });
122
+ $(form).submit(function(e) {
123
+ e.preventDefault();
124
+ $(form).find('.submit-waiting').show();
125
+ $.post(ajaxurl, $(form).serialize(), function(response) {
126
+ $(form).find('.submit-waiting').hide();
127
+ $('#message-body').html(response).fadeOut(0).fadeIn().delay(5000).fadeOut();
128
+ });
129
+ });
130
+
131
+ /*.ajaxForm({
132
  success: function(responseText, textStatus, XMLHttpRequest) {
133
  $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form .submit-waiting').hide();
134
  $('#message-body').html(responseText).fadeOut(0).fadeIn().delay(5000).fadeOut();
135
  }
136
+ });*/
137
 
138
  $('#settings-reset').click(function(e, el) {
139
  if ( ! confirm('<?php _e('Are you sure you want to reset all WordPress HTTPS settings?','wordpress-https'); ?>') ) {
lib/WordPressHTTPS.php CHANGED
@@ -95,19 +95,22 @@ class WordPressHTTPS extends Mvied_Plugin {
95
  */
96
  public function getHttpsUrl() {
97
  if ( !isset($this->_https_url) ) {
98
- $this->_https_url = WordPressHTTPS_Url::fromString('https://' . parse_url(get_bloginfo('template_url'), PHP_URL_HOST) . parse_url(home_url('/'), PHP_URL_PATH));
 
99
 
100
- // If using a different host for SSL
101
- if ( is_string($this->getSetting('ssl_host')) && $this->getSetting('ssl_host') != '' && $this->getSetting('ssl_host') != $this->_https_url->toString() ) {
102
- // Assign HTTPS URL to SSL Host
103
- $this->setSetting('ssl_host_diff', 1);
104
  $ssl_host = rtrim($this->getSetting('ssl_host'), '/') . '/';
105
- if ( strpos($ssl_host, 'http://') === false && strpos($ssl_host, 'https://') === false ) {
106
- $ssl_host = 'https://' . $ssl_host;
 
 
 
 
 
 
 
 
107
  }
108
- $this->_https_url = WordPressHTTPS_Url::fromString( $ssl_host );
109
- } else {
110
- $this->setSetting('ssl_host_diff', 0);
111
  }
112
 
113
  // Prepend SSL Host path
@@ -121,7 +124,27 @@ class WordPressHTTPS extends Mvied_Plugin {
121
 
122
  return $this->_https_url;
123
  }
124
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
125
  /**
126
  * Initialize
127
  *
@@ -163,7 +186,11 @@ class WordPressHTTPS extends Mvied_Plugin {
163
  foreach ( $this->getSettings() as $option => $value ) {
164
  if ( is_multisite() ) {
165
  if ( add_blog_option($blog_id, $option, $value) && isset($defaults[$option]) ) {
166
- $value = $defaults[$option];
 
 
 
 
167
  $this->setSetting($option, $value, $blog_id);
168
  }
169
  } else {
@@ -195,17 +222,9 @@ class WordPressHTTPS extends Mvied_Plugin {
195
  }
196
  }
197
 
198
- // Checks to see if the SSL Host is a subdomain
199
- $http_domain = $this->getHttpUrl()->getBaseHost();
200
- $https_domain = $this->getHttpsUrl()->getBaseHost();
201
-
202
- if ( $this->getHttpsUrl()->setScheme('http')->toString() != $this->getHttpUrl()->toString() && $http_domain == $https_domain ) {
203
- $subdomain = true;
204
- } else {
205
- $subdomain = false;
206
- }
207
  foreach ( $blogs as $blog_id ) {
208
- $this->setSetting('ssl_host_subdomain', $subdomain, $blog_id);
209
  }
210
  }
211
 
@@ -218,7 +237,8 @@ class WordPressHTTPS extends Mvied_Plugin {
218
  * @return boolean
219
  */
220
  public function isUrlLocal($url) {
221
- if ( ($url_parts = parse_url($url)) && isset($url_parts['host']) && $this->getHttpUrl()->getHost() != $url_parts['host'] && $this->getHttpsUrl()->getHost() != $url_parts['host'] ) {
 
222
  return false;
223
  }
224
  return true;
95
  */
96
  public function getHttpsUrl() {
97
  if ( !isset($this->_https_url) ) {
98
+ $this->_https_url = clone $this->getHttpUrl();
99
+ $this->_https_url->setScheme('https');
100
 
101
+ if ( is_string($this->getSetting('ssl_host')) && $this->getSetting('ssl_host') != '' ) {
 
 
 
102
  $ssl_host = rtrim($this->getSetting('ssl_host'), '/') . '/';
103
+ // If using a different host for SSL
104
+ if ( $ssl_host != $this->_https_url->toString() ) {
105
+ // Assign HTTPS URL to SSL Host
106
+ $this->setSetting('ssl_host_diff', 1);
107
+ if ( strpos($ssl_host, 'http://') === false && strpos($ssl_host, 'https://') === false ) {
108
+ $ssl_host = 'https://' . $ssl_host;
109
+ }
110
+ $this->_https_url = WordPressHTTPS_Url::fromString( $ssl_host );
111
+ } else {
112
+ $this->setSetting('ssl_host_diff', 0);
113
  }
 
 
 
114
  }
115
 
116
  // Prepend SSL Host path
124
 
125
  return $this->_https_url;
126
  }
127
+
128
+ /**
129
+ * Get domains local to the WordPress installation.
130
+ *
131
+ * @param none
132
+ * @return array $hosts Array of domains local to the WordPress installation.
133
+ */
134
+ public function getLocalDomains() {
135
+ global $wpdb;
136
+ $hosts = array(
137
+ $this->getHttpUrl()->getHost(),
138
+ $this->getHttpsUrl()->getHost()
139
+ );
140
+
141
+ if ( is_multisite() && is_subdomain_install() ) {
142
+ $multisite_hosts = $wpdb->get_col($wpdb->prepare("SELECT domain FROM " . $wpdb->blogs, NULL));
143
+ $hosts = array_merge($hosts, $multisite_hosts);
144
+ }
145
+ return $hosts;
146
+ }
147
+
148
  /**
149
  * Initialize
150
  *
186
  foreach ( $this->getSettings() as $option => $value ) {
187
  if ( is_multisite() ) {
188
  if ( add_blog_option($blog_id, $option, $value) && isset($defaults[$option]) ) {
189
+ if ( $option == 'ssl_host' && strpos($value, 'https://') !== 0 ) {
190
+ $value = 'https://' . rtrim($defaults[$option], '/') . '/';
191
+ } else {
192
+ $value = $defaults[$option];
193
+ }
194
  $this->setSetting($option, $value, $blog_id);
195
  }
196
  } else {
222
  }
223
  }
224
 
225
+ $is_subdomain = $this->getHttpsUrl()->isSubdomain($this->getHttpUrl());
 
 
 
 
 
 
 
 
226
  foreach ( $blogs as $blog_id ) {
227
+ $this->setSetting('ssl_host_subdomain', $is_subdomain, $blog_id);
228
  }
229
  }
230
 
237
  * @return boolean
238
  */
239
  public function isUrlLocal($url) {
240
+ $hosts = $this->getLocalDomains();
241
+ if ( ($url_parts = parse_url($url)) && isset($url_parts['host']) && !in_array($url_parts['host'], $hosts) ) {
242
  return false;
243
  }
244
  return true;
lib/WordPressHTTPS/Module/Core.php CHANGED
@@ -31,7 +31,6 @@ class WordPressHTTPS_Module_Core extends Mvied_Plugin_Module {
31
  add_filter('logout_url', array(&$this, 'secure_url'), 10);
32
  add_filter('login_url', array(&$this, 'secure_url'), 10);
33
  add_filter('network_admin_url', array(&$this, 'secure_url'), 10);
34
- add_filter('admin_url', array(&$this, 'secure_url'), 10);
35
 
36
  // Filter Element URL's
37
  add_filter('get_avatar', array(&$this, 'element_url'), 10);
@@ -41,8 +40,11 @@ class WordPressHTTPS_Module_Core extends Mvied_Plugin_Module {
41
  add_filter('plugins_url', array(&$this, 'element_url'), 10);
42
  add_filter('includes_url', array(&$this, 'element_url'), 10);
43
 
44
- // Filter site_url, excluding admin panel. Admin_url filter should catch everything.
45
- if ( !is_admin() ) {
 
 
 
46
  add_filter('site_url', array(&$this, 'site_url'), 10, 4);
47
  }
48
 
@@ -174,6 +176,30 @@ class WordPressHTTPS_Module_Core extends Mvied_Plugin_Module {
174
  return $rules;
175
  }
176
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
177
  /**
178
  * Site URL
179
  * WordPress Filter - site_url
@@ -186,6 +212,7 @@ class WordPressHTTPS_Module_Core extends Mvied_Plugin_Module {
186
  */
187
  public function site_url( $url, $path, $scheme, $blog_id ) {
188
  $force_ssl = apply_filters('force_ssl', null, 0, $url);
 
189
  if ( $scheme != 'http' && $force_ssl ) {
190
  $url = $this->getPlugin()->makeUrlHttps($url);
191
  } else if ( !is_null($force_ssl) && !$force_ssl ) {
@@ -235,10 +262,7 @@ class WordPressHTTPS_Module_Core extends Mvied_Plugin_Module {
235
  }
236
  }
237
  }
238
- // Catches base URL's used by low-level WordPress code
239
- if ( is_admin() && $this->getPlugin()->isSsl() && ($url_parts = parse_url($url)) && ( !isset($url_parts['path']) || trim($url_parts['path'], '/') == '' ) ) {
240
- $force_ssl = true;
241
- }
242
  return $force_ssl;
243
  }
244
 
@@ -347,7 +371,7 @@ class WordPressHTTPS_Module_Core extends Mvied_Plugin_Module {
347
  * @return boolean $force_ssl
348
  */
349
  public function secure_wordpress_forms( $force_ssl, $post_id = 0, $url = '' ) {
350
- if ( $this->getPlugin()->isSsl() && $this->getPlugin()->isUrlLocal($url) && ( strpos($url, 'wp-pass.php') !== false || strpos($url, 'wp-comments-post.php') !== false ) ) {
351
  $force_ssl = true;
352
  }
353
  return $force_ssl;
31
  add_filter('logout_url', array(&$this, 'secure_url'), 10);
32
  add_filter('login_url', array(&$this, 'secure_url'), 10);
33
  add_filter('network_admin_url', array(&$this, 'secure_url'), 10);
 
34
 
35
  // Filter Element URL's
36
  add_filter('get_avatar', array(&$this, 'element_url'), 10);
40
  add_filter('plugins_url', array(&$this, 'element_url'), 10);
41
  add_filter('includes_url', array(&$this, 'element_url'), 10);
42
 
43
+ // Filter admin_url in admin
44
+ if ( is_admin() ) {
45
+ add_filter('admin_url', array(&$this, 'admin_url'), 10, 2);
46
+ // Filter site_url publicly
47
+ } else {
48
  add_filter('site_url', array(&$this, 'site_url'), 10, 4);
49
  }
50
 
176
  return $rules;
177
  }
178
 
179
+ /**
180
+ * Admin URL
181
+ * WordPress Filter - admin_url
182
+ *
183
+ * @param string $url
184
+ * @param string $scheme
185
+ * @return string $url
186
+ */
187
+ public function admin_url( $url, $scheme ) {
188
+ $force_ssl = apply_filters('force_ssl', null, 0, $url);
189
+
190
+ // Catches base URL's used by low-level WordPress code
191
+ if ( is_null($force_ssl) && is_admin() && $this->getPlugin()->isSsl() && ($url_parts = parse_url($url)) && ( !isset($url_parts['path']) || trim($url_parts['path'], '/') == '' ) ) {
192
+ $force_ssl = true;
193
+ }
194
+
195
+ if ( $scheme != 'http' && $force_ssl ) {
196
+ $url = $this->getPlugin()->makeUrlHttps($url);
197
+ } else if ( !is_null($force_ssl) && !$force_ssl ) {
198
+ $url = $this->getPlugin()->makeUrlHttp($url);
199
+ }
200
+ return $url;
201
+ }
202
+
203
  /**
204
  * Site URL
205
  * WordPress Filter - site_url
212
  */
213
  public function site_url( $url, $path, $scheme, $blog_id ) {
214
  $force_ssl = apply_filters('force_ssl', null, 0, $url);
215
+
216
  if ( $scheme != 'http' && $force_ssl ) {
217
  $url = $this->getPlugin()->makeUrlHttps($url);
218
  } else if ( !is_null($force_ssl) && !$force_ssl ) {
262
  }
263
  }
264
  }
265
+
 
 
 
266
  return $force_ssl;
267
  }
268
 
371
  * @return boolean $force_ssl
372
  */
373
  public function secure_wordpress_forms( $force_ssl, $post_id = 0, $url = '' ) {
374
+ if ( $this->getPlugin()->isSsl() && $this->getPlugin()->isUrlLocal($url) && ( strpos($url, 'wp-pass.php') !== false || strpos($url, 'wp-login.php?action=') !== false || strpos($url, 'wp-comments-post.php') !== false ) ) {
375
  $force_ssl = true;
376
  }
377
  return $force_ssl;
lib/WordPressHTTPS/Module/DomainMapping.php CHANGED
@@ -18,13 +18,13 @@ class WordPressHTTPS_Module_DomainMapping extends Mvied_Plugin_Module {
18
  * @return void
19
  */
20
  public function init() {
21
- if ( is_admin() && isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
22
- if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['action']) && $_POST['action'] == 'wphttps-domain-mapping' ) {
23
- add_action('plugins_loaded', array(&$this, 'save'), 1);
 
 
 
24
  }
25
-
26
- // Add meta boxes
27
- add_action('admin_init', array(&$this, 'add_meta_boxes'));
28
  }
29
 
30
  // Custom filter https_external_url
@@ -67,6 +67,26 @@ class WordPressHTTPS_Module_DomainMapping extends Mvied_Plugin_Module {
67
  );
68
  }
69
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
70
  /**
71
  * Save Domain Mapping
72
  *
@@ -74,30 +94,21 @@ class WordPressHTTPS_Module_DomainMapping extends Mvied_Plugin_Module {
74
  * @return void
75
  */
76
  public function save() {
77
- if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug() . '-options') ) {
78
  return false;
79
  }
80
 
81
  $message = "Domain Mapping saved.";
82
  $errors = array();
83
  $reload = false;
84
- $logout = false;
85
- if ( isset($_POST['domain_mapping-save']) ) {
86
- $ssl_host_mapping = array();
87
- for( $i=0; $i<sizeof($_POST['http_domain']); $i++ ) {
88
- if ( isset($_POST['http_domain'][$i]) && $_POST['http_domain'][$i] != '' && isset($_POST['https_domain'][$i]) && $_POST['https_domain'][$i] != '' ) {
89
- $ssl_host_mapping[$_POST['http_domain'][$i]] = $_POST['https_domain'][$i];
90
- }
91
- }
92
- $this->getPlugin()->setSetting('ssl_host_mapping', $ssl_host_mapping);
93
- } else if ( isset($_POST['domain_mapping-reset']) ) {
94
- $this->getPlugin()->setSetting('ssl_host_mapping', WordPressHTTPS::$ssl_host_mapping);
95
- $reload = true;
96
- }
97
 
98
- if ( $logout ) {
99
- wp_logout();
 
 
 
100
  }
 
101
 
102
  require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
103
  }
18
  * @return void
19
  */
20
  public function init() {
21
+ if ( is_admin() ) {
22
+ add_action('wp_ajax_' . $this->getPlugin()->getSlug() . '_domain_mapping_save', array(&$this, 'save'));
23
+ add_action('wp_ajax_' . $this->getPlugin()->getSlug() . '_domain_mapping_reset', array(&$this, 'reset'));
24
+ if ( isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
25
+ // Add meta boxes
26
+ add_action('admin_init', array(&$this, 'add_meta_boxes'));
27
  }
 
 
 
28
  }
29
 
30
  // Custom filter https_external_url
67
  );
68
  }
69
 
70
+ /**
71
+ * Reset Domain Mapping
72
+ *
73
+ * @param array $settings
74
+ * @return void
75
+ */
76
+ public function reset() {
77
+ if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug()) ) {
78
+ return false;
79
+ }
80
+
81
+ $message = "Domain Mapping reset.";
82
+ $errors = array();
83
+ $reload = true;
84
+
85
+ $this->getPlugin()->setSetting('ssl_host_mapping', WordPressHTTPS::$ssl_host_mapping);
86
+
87
+ require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
88
+ }
89
+
90
  /**
91
  * Save Domain Mapping
92
  *
94
  * @return void
95
  */
96
  public function save() {
97
+ if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug()) ) {
98
  return false;
99
  }
100
 
101
  $message = "Domain Mapping saved.";
102
  $errors = array();
103
  $reload = false;
 
 
 
 
 
 
 
 
 
 
 
 
 
104
 
105
+ $ssl_host_mapping = array();
106
+ for( $i=0; $i<sizeof($_POST['http_domain']); $i++ ) {
107
+ if ( isset($_POST['http_domain'][$i]) && $_POST['http_domain'][$i] != '' && isset($_POST['https_domain'][$i]) && $_POST['https_domain'][$i] != '' ) {
108
+ $ssl_host_mapping[str_replace('\\\\', '\\', $_POST['http_domain'][$i])] = str_replace('\\\\', '\\', $_POST['https_domain'][$i]);
109
+ }
110
  }
111
+ $this->getPlugin()->setSetting('ssl_host_mapping', $ssl_host_mapping);
112
 
113
  require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
114
  }
lib/WordPressHTTPS/Module/Ecommerce.php ADDED
@@ -0,0 +1,101 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * E-commerce Module
4
+ *
5
+ * @author Mike Ems
6
+ * @package WordPressHTTPS
7
+ *
8
+ */
9
+
10
+ class WordPressHTTPS_Module_Ecommerce extends Mvied_Plugin_Module {
11
+
12
+ /**
13
+ * Initialize
14
+ *
15
+ * @param none
16
+ * @return void
17
+ */
18
+ public function init() {
19
+ if ( class_exists('Woocommerce') ) {
20
+ add_filter('force_ssl', array(&$this, 'secure_woocommerce'), 40, 3);
21
+ }
22
+ if ( defined('WPSC_VERSION') ) {
23
+ add_filter('force_ssl', array(&$this, 'secure_wpecommerce'), 40, 3);
24
+ }
25
+ if ( defined('JIGOSHOP_VERSION') ) {
26
+ add_filter('force_ssl', array(&$this, 'secure_jigoshop'), 40, 3);
27
+ }
28
+ }
29
+
30
+ /**
31
+ * Secure WooCommerce
32
+ * WordPress HTTPS Filter - force_ssl
33
+ *
34
+ * @param boolean $force_ssl
35
+ * @param int $post_id
36
+ * @param string $url
37
+ * @return boolean $force_ssl
38
+ */
39
+ public function secure_woocommerce( $force_ssl, $post_id = 0, $url = '' ) {
40
+ if ( !is_admin() && $post_id > 0 ) {
41
+ $woocommerce_checkout_pages = array(
42
+ get_option('woocommerce_checkout_page_id'),
43
+ get_option('woocommerce_pay_page_id')
44
+ );
45
+ $woocommerce_account_pages = array(
46
+ get_option('woocommerce_myaccount_page_id'),
47
+ get_option('woocommerce_edit_address_page_id'),
48
+ get_option('woocommerce_view_order_page_id'),
49
+ get_option('woocommerce_change_password_page_id')
50
+ );
51
+ if ( get_option('woocommerce_force_ssl_checkout') == 'yes' ) {
52
+ $secure_pages = array_merge($woocommerce_checkout_pages, $woocommerce_account_pages);
53
+ if ( in_array($post_id, $secure_pages) ) {
54
+ $force_ssl = true;
55
+ } else if ( get_option('woocommerce_unforce_ssl_checkout') === 'yes' && !in_array($post_id, $secure_pages) ) {
56
+ $force_ssl = false;
57
+ }
58
+ }
59
+ }
60
+ return $force_ssl;
61
+ }
62
+
63
+ /**
64
+ * Secure Jigoshop
65
+ * WordPress HTTPS Filter - force_ssl
66
+ *
67
+ * @param boolean $force_ssl
68
+ * @param int $post_id
69
+ * @param string $url
70
+ * @return boolean $force_ssl
71
+ */
72
+ public function secure_jigoshop( $force_ssl, $post_id = 0, $url = '' ) {
73
+ if ( !is_admin() && $post_id > 0 ) {
74
+ if ( get_option('jigoshop_force_ssl_checkout') === 'yes' && $post_id == get_option('jigoshop_checkout_page_id') ) {
75
+ $force_ssl = true;
76
+ }
77
+ }
78
+ return $force_ssl;
79
+ }
80
+
81
+ /**
82
+ * Secure WP E-commerce
83
+ * WordPress HTTPS Filter - force_ssl
84
+ *
85
+ * @param boolean $force_ssl
86
+ * @param int $post_id
87
+ * @param string $url
88
+ * @return boolean $force_ssl
89
+ */
90
+ public function secure_wpecommerce( $force_ssl, $post_id = 0, $url = '' ) {
91
+ global $wp_query;
92
+
93
+ if ( !is_admin() && $post_id > 0 ) {
94
+ if ( get_option('wpsc_force_ssl') === '1' && strpos( $wp_query->post->post_content, '[shoppingcart]' ) !== false ) {
95
+ $force_ssl = true;
96
+ }
97
+ }
98
+ return $force_ssl;
99
+ }
100
+
101
+ }
lib/WordPressHTTPS/Module/Network.php CHANGED
@@ -18,13 +18,9 @@ class WordPressHTTPS_Module_Network extends Mvied_Plugin_Module {
18
  * @return void
19
  */
20
  public function init() {
21
- if ( is_admin() && isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
22
- // Network admin
23
- if ( strpos($_SERVER['REQUEST_URI'], 'wp-admin/network') !== false ) {
24
- if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['action']) && $_POST['action'] == 'wphttps-network' ) {
25
- add_action('plugins_loaded', array(&$this, 'save'), 1);
26
- }
27
-
28
  // Add meta boxes
29
  add_action('admin_init', array(&$this, 'add_meta_boxes'));
30
 
@@ -118,7 +114,7 @@ class WordPressHTTPS_Module_Network extends Mvied_Plugin_Module {
118
  * @return void
119
  */
120
  public function save() {
121
- if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug() . '-options') ) {
122
  return false;
123
  }
124
 
@@ -126,62 +122,45 @@ class WordPressHTTPS_Module_Network extends Mvied_Plugin_Module {
126
  $errors = array();
127
  $reload = false;
128
  $logout = false;
129
- if ( isset($_POST['network-settings-save']) ) {
130
- if ( isset($_POST['blog']) && is_array($_POST['blog']) && sizeof($_POST['blog']) > 0 ) {
131
- foreach( $_POST['blog'] as $blog_id => $setting ) {
132
- foreach( $setting as $key => $value ) {
133
- if ( $key == 'ssl_host' && $value != '' ) {
134
- $blog_url = WordPressHTTPS_Url::fromString(get_site_url($blog_id, '', 'https'));
135
- $value = strtolower($value);
136
- // Add Scheme
137
- if ( strpos($value, 'http://') === false && strpos($value, 'https://') === false ) {
138
- $value = 'https://' . $value;
139
- }
140
-
141
- $ssl_host = WordPressHTTPS_Url::fromString($value);
142
-
143
- // Add Port
144
- $port = (($blog_url->getPort() && $blog_url->getPort() != 80 && $blog_url->getPort() != 443) ? $port : null);
145
- $ssl_host->setPort($port);
146
-
147
- // Add Path
148
- if ( strpos($ssl_host->getPath(), $blog_url->getPath()) !== true ) {
149
- $path = '/'. ltrim(str_replace(rtrim($blog_url->getPath(), '/'), '', $ssl_host->getPath()), '/');
150
- $ssl_host->setPath(rtrim($path, '/') . $blog_url->getPath());
151
- }
152
- $ssl_host->setPath(rtrim($ssl_host->getPath(), '/') . '/');
153
- $value = $ssl_host->toString();
154
  }
155
- $this->getPlugin()->setSetting($key, $value, $blog_id);
 
156
  }
 
157
  }
158
  }
159
- if ( isset($_POST['blog_default']) && is_array($_POST['blog_default']) && sizeof($_POST['blog_default']) > 0 ) {
160
- $this->getPlugin()->setSetting('network_defaults', $_POST['blog_default']);
161
- }
162
  }
163
 
164
  if ( $logout ) {
165
  wp_logout();
166
  }
167
 
168
- if ( array_key_exists('ajax', $_POST) ) {
169
- error_reporting(0);
170
- while(@ob_end_clean());
171
- if ( sizeof( $errors ) > 0 ) {
172
- echo "<div class=\"error below-h2 fade wphttps-message\" id=\"message\">\n\t<ul>\n";
173
- foreach ( $errors as $error ) {
174
- echo "\t\t<li><p>".$error."</p></li>\n";
175
- }
176
- echo "\t</ul>\n</div>\n";
177
- } else {
178
- echo "<div class=\"updated below-h2 fade wphttps-message\" id=\"message\"><p>" . $message . "</p></div>\n";
179
- if ( $logout || $reload ) {
180
- echo "<script type=\"text/javascript\">window.location.reload();</script>";
181
- }
182
- }
183
- exit();
184
- }
185
  }
186
 
187
  }
18
  * @return void
19
  */
20
  public function init() {
21
+ if ( is_admin() ) {
22
+ add_action('wp_ajax_' . $this->getPlugin()->getSlug() . '_network_settings_save', array(&$this, 'save'));
23
+ if ( isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false && strpos($_SERVER['REQUEST_URI'], 'wp-admin/network') !== false ) {
 
 
 
 
24
  // Add meta boxes
25
  add_action('admin_init', array(&$this, 'add_meta_boxes'));
26
 
114
  * @return void
115
  */
116
  public function save() {
117
+ if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug()) ) {
118
  return false;
119
  }
120
 
122
  $errors = array();
123
  $reload = false;
124
  $logout = false;
125
+
126
+ if ( isset($_POST['blog']) && is_array($_POST['blog']) && sizeof($_POST['blog']) > 0 ) {
127
+ foreach( $_POST['blog'] as $blog_id => $setting ) {
128
+ foreach( $setting as $key => $value ) {
129
+ if ( $key == 'ssl_host' && $value != '' ) {
130
+ $blog_url = WordPressHTTPS_Url::fromString(get_site_url($blog_id, '', 'https'));
131
+ $value = strtolower($value);
132
+ // Add Scheme
133
+ if ( strpos($value, 'http://') === false && strpos($value, 'https://') === false ) {
134
+ $value = 'https://' . $value;
135
+ }
136
+
137
+ $ssl_host = WordPressHTTPS_Url::fromString($value);
138
+
139
+ // Add Port
140
+ $port = (($blog_url->getPort() && $blog_url->getPort() != 80 && $blog_url->getPort() != 443) ? $port : null);
141
+ $ssl_host->setPort($port);
142
+
143
+ // Add Path
144
+ if ( strpos($ssl_host->getPath(), $blog_url->getPath()) !== true ) {
145
+ $path = '/'. ltrim(str_replace(rtrim($blog_url->getPath(), '/'), '', $ssl_host->getPath()), '/');
146
+ $ssl_host->setPath(rtrim($path, '/') . $blog_url->getPath());
 
 
 
147
  }
148
+ $ssl_host->setPath(rtrim($ssl_host->getPath(), '/') . '/');
149
+ $value = $ssl_host->toString();
150
  }
151
+ $this->getPlugin()->setSetting($key, $value, $blog_id);
152
  }
153
  }
154
+ }
155
+ if ( isset($_POST['blog_default']) && is_array($_POST['blog_default']) && sizeof($_POST['blog_default']) > 0 ) {
156
+ $this->getPlugin()->setSetting('network_defaults', $_POST['blog_default']);
157
  }
158
 
159
  if ( $logout ) {
160
  wp_logout();
161
  }
162
 
163
+ require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
164
  }
165
 
166
  }
lib/WordPressHTTPS/Module/Parser.php CHANGED
@@ -68,7 +68,7 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module {
68
  *
69
  * @param string $url
70
  * @param string $type
71
- * @return void
72
  */
73
  public function secureElement( $url, $type = '' ) {
74
  $updated = false;
@@ -108,10 +108,13 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module {
108
  *
109
  * @param string $url
110
  * @param string $type
111
- * @return void
112
  */
113
  public function unsecureElement( $url, $type = '' ) {
114
  $updated = false;
 
 
 
115
 
116
  if ( ! is_admin() || ( is_admin() && strpos($url, $upload_path) === false ) ) {
117
  $updated = $this->getPlugin()->makeUrlHttp($url);
@@ -121,10 +124,13 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module {
121
  // Add log entry if this change hasn't been logged
122
  if ( $updated && $url != $updated ) {
123
  $log = '[FIXED] Element: ' . ( $type != '' ? '<' . $type . '> ' : '' ) . $url . ' => ' . $updated;
 
124
  }
125
  if ( isset($log) && ! in_array($log, $this->getPlugin()->getLogger()->getLog()) ) {
126
  $this->getPlugin()->getLogger()->log($log);
127
  }
 
 
128
  }
129
 
130
  /**
@@ -180,6 +186,7 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module {
180
  if ( $type == 'img' || $type == 'script' || $type == 'embed' || $type == 'iframe' ||
181
  ( $type == 'link' && ( strpos($html, 'stylesheet') !== false || strpos($html, 'pingback') !== false ) ) ||
182
  ( $type == 'form' && strpos($html, 'wp-pass.php') !== false ) ||
 
183
  ( $type == 'form' && strpos($html, 'commentform') !== false ) ||
184
  ( $type == 'input' && strpos($html, 'image') !== false ) ||
185
  ( $type == 'param' && strpos($html, 'movie') !== false )
@@ -298,6 +305,9 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module {
298
  $scheme = $matches[3][$i];
299
  $updated = false;
300
  $post_id = null;
 
 
 
301
 
302
  if ( !$this->getPlugin()->isUrlLocal($url) ) {
303
  continue;
@@ -334,39 +344,72 @@ class WordPressHTTPS_Module_Parser extends Mvied_Plugin_Module {
334
  }
335
 
336
  if ( is_multisite() && isset($url_parts['host']) ) {
337
- $blog_id = false;
338
- $url_path = '/';
339
- $url_path_segments = explode('/', $url_parts['path']);
340
- if ( sizeof($url_path_segments) > 1 ) {
341
- foreach( $url_path_segments as $url_path_segment ) {
342
- if ( !$blog_id && $url_path_segment != '' ) {
343
- $url_path .= '/' . $url_path_segment . '/';
344
- if ( $blog_id = get_blog_id_from_url( $url_parts['host'], $url_path) ) {
345
- break;
 
 
346
  }
347
  }
348
  }
349
  }
350
- if ( !$blog_id ) {
351
- $blog_id = get_blog_id_from_url( $url_parts['host'], '/');
352
- }
353
- if ( $blog_id && $blog_id != $wpdb->blogid ) {
354
- if ( $this->getPlugin()->getSetting('ssl_admin', $blog_id) && ( ! $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) || ( $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) && function_exists('is_user_logged_in') && is_user_logged_in() ) ) ) {
 
 
 
 
 
 
355
  $force_ssl = true;
356
- } else {
357
  $force_ssl = false;
 
 
358
  }
359
  }
360
  }
361
  }
362
 
363
- $force_ssl = apply_filters('force_ssl', null, ( isset($post_id) ? $post_id : 0 ), $url );
 
 
 
364
 
365
  if ( $force_ssl == true ) {
366
- $updated = $this->getPlugin()->makeUrlHttps($url);
 
 
 
 
 
 
 
 
 
 
 
367
  $this->_html = str_replace($html, str_replace($url, $updated, $html), $this->_html);
368
  } else if ( !is_null($force_ssl) && !$force_ssl ) {
369
- $updated = $this->getPlugin()->makeUrlHttp($url);
 
 
 
 
 
 
 
 
 
370
  $this->_html = str_replace($html, str_replace($url, $updated, $html), $this->_html);
371
  }
372
 
68
  *
69
  * @param string $url
70
  * @param string $type
71
+ * @return boolean
72
  */
73
  public function secureElement( $url, $type = '' ) {
74
  $updated = false;
108
  *
109
  * @param string $url
110
  * @param string $type
111
+ * @return boolean
112
  */
113
  public function unsecureElement( $url, $type = '' ) {
114
  $updated = false;
115
+ $result = false;
116
+ $upload_dir = wp_upload_dir();
117
+ $upload_path = str_replace($this->getPlugin()->getHttpsUrl()->getPath(), $this->getPlugin()->getHttpUrl()->getPath(), parse_url($upload_dir['baseurl'], PHP_URL_PATH));
118
 
119
  if ( ! is_admin() || ( is_admin() && strpos($url, $upload_path) === false ) ) {
120
  $updated = $this->getPlugin()->makeUrlHttp($url);
124
  // Add log entry if this change hasn't been logged
125
  if ( $updated && $url != $updated ) {
126
  $log = '[FIXED] Element: ' . ( $type != '' ? '<' . $type . '> ' : '' ) . $url . ' => ' . $updated;
127
+ $result = true;
128
  }
129
  if ( isset($log) && ! in_array($log, $this->getPlugin()->getLogger()->getLog()) ) {
130
  $this->getPlugin()->getLogger()->log($log);
131
  }
132
+
133
+ return $result;
134
  }
135
 
136
  /**
186
  if ( $type == 'img' || $type == 'script' || $type == 'embed' || $type == 'iframe' ||
187
  ( $type == 'link' && ( strpos($html, 'stylesheet') !== false || strpos($html, 'pingback') !== false ) ) ||
188
  ( $type == 'form' && strpos($html, 'wp-pass.php') !== false ) ||
189
+ ( $type == 'form' && strpos($html, 'wp-login.php?action=postpass') !== false ) ||
190
  ( $type == 'form' && strpos($html, 'commentform') !== false ) ||
191
  ( $type == 'input' && strpos($html, 'image') !== false ) ||
192
  ( $type == 'param' && strpos($html, 'movie') !== false )
305
  $scheme = $matches[3][$i];
306
  $updated = false;
307
  $post_id = null;
308
+ $blog_id = null;
309
+ $force_ssl = null;
310
+ $url_path = '/';
311
 
312
  if ( !$this->getPlugin()->isUrlLocal($url) ) {
313
  continue;
344
  }
345
 
346
  if ( is_multisite() && isset($url_parts['host']) ) {
347
+ if ( is_subdomain_install() ) {
348
+ $blog_id = get_blog_id_from_url( $url_parts['host'], '/');
349
+ } else {
350
+ $url_path_segments = explode('/', $url_parts['path']);
351
+ if ( sizeof($url_path_segments) > 1 ) {
352
+ foreach( $url_path_segments as $url_path_segment ) {
353
+ if ( is_null($blog_id) && $url_path_segment != '' ) {
354
+ $url_path .= $url_path_segment . '/';
355
+ if ( $blog_id = get_blog_id_from_url( $url_parts['host'], $url_path) ) {
356
+ break;
357
+ }
358
  }
359
  }
360
  }
361
  }
362
+
363
+ if ( !is_null($blog_id) && $blog_id != $wpdb->blogid ) {
364
+ // URL Filters
365
+ if ( sizeof((array)$this->getPlugin()->getSetting('secure_filter', $blog_id)) > 0 ) {
366
+ foreach( $this->getPlugin()->getSetting('secure_filter', $blog_id) as $filter ) {
367
+ if ( preg_match('/' . str_replace('/', '\/', $filter) . '/', $url) === 1 ) {
368
+ $force_ssl = true;
369
+ }
370
+ }
371
+ }
372
+ if ( ( $this->getPlugin()->getSetting('ssl_admin', $blog_id) || defined('FORCE_SSL_ADMIN') && constant('FORCE_SSL_ADMIN') ) && strpos($url_parts['path'], 'wp-admin') !== false && ( ! $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) || ( $this->getPlugin()->getSetting('ssl_host_diff', $blog_id) && function_exists('is_user_logged_in') && is_user_logged_in() ) ) ) {
373
  $force_ssl = true;
374
+ } else if ( is_null($force_ssl) && $this->getPlugin()->getSetting('exclusive_https', $blog_id) ) {
375
  $force_ssl = false;
376
+ } else if ( strpos($url, 'https://') === 0 ) {
377
+ $force_ssl = true;
378
  }
379
  }
380
  }
381
  }
382
 
383
+ // Only apply force_ssl filters for current blog
384
+ if ( is_null($blog_id) ) {
385
+ $force_ssl = apply_filters('force_ssl', null, ( isset($post_id) ? $post_id : 0 ), $url );
386
+ }
387
 
388
  if ( $force_ssl == true ) {
389
+ if ( is_null($blog_id) ) {
390
+ $updated = $this->getPlugin()->makeUrlHttps($url);
391
+ } else {
392
+ if ( $ssl_host = $this->getPlugin()->getSetting('ssl_host', $blog_id) ) {
393
+ if ( is_subdomain_install() ) {
394
+ $host = $url_parts['host'] . '/';
395
+ } else {
396
+ $host = $url_parts['host'] . $url_path;
397
+ }
398
+ $updated = str_replace($url_parts['scheme'] . '://' . $host, $ssl_host, $url);
399
+ }
400
+ }
401
  $this->_html = str_replace($html, str_replace($url, $updated, $html), $this->_html);
402
  } else if ( !is_null($force_ssl) && !$force_ssl ) {
403
+ if ( is_null($blog_id) ) {
404
+ $updated = $this->getPlugin()->makeUrlHttp($url);
405
+ } else {
406
+ if ( is_subdomain_install() ) {
407
+ $host = $url_parts['host'] . '/';
408
+ } else {
409
+ $host = $url_parts['host'] . $url_path;
410
+ }
411
+ $updated = str_replace($url_parts['scheme'] . '://' . $host, get_home_url($blog_id, '/'), $url);
412
+ }
413
  $this->_html = str_replace($html, str_replace($url, $updated, $html), $this->_html);
414
  }
415
 
lib/WordPressHTTPS/Module/Settings.php CHANGED
@@ -18,20 +18,21 @@ class WordPressHTTPS_Module_Settings extends Mvied_Plugin_Module {
18
  * @return void
19
  */
20
  public function init() {
21
- if ( is_admin() && isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
22
- if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['action']) && $_POST['action'] == 'wphttps-settings' ) {
23
- add_action('plugins_loaded', array(&$this, 'save'), 1);
24
- }
 
 
 
25
 
26
- // Add meta boxes
27
- add_action('admin_init', array(&$this, 'add_meta_boxes'));
 
28
 
29
- // Add scripts
30
- add_action('admin_enqueue_scripts', array(&$this, 'admin_enqueue_scripts'));
31
  }
32
-
33
- // Add admin menus
34
- add_action('admin_menu', array(&$this, 'admin_menu'));
35
  }
36
 
37
  /**
@@ -126,6 +127,36 @@ class WordPressHTTPS_Module_Settings extends Mvied_Plugin_Module {
126
  self::render();
127
  }
128
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
129
  /**
130
  * Adds javascript and stylesheets to settings page in the admin panel.
131
  * WordPress Hook - enqueue_scripts
@@ -152,15 +183,38 @@ class WordPressHTTPS_Module_Settings extends Mvied_Plugin_Module {
152
  public function render() {
153
  require_once($this->getPlugin()->getDirectory() . '/admin/templates/settings.php');
154
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
155
 
156
  /**
157
  * Save Settings
158
  *
159
- * @param array $settings
160
  * @return void
161
  */
162
  public function save() {
163
- if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug() . '-options') ) {
164
  return false;
165
  }
166
 
@@ -168,85 +222,75 @@ class WordPressHTTPS_Module_Settings extends Mvied_Plugin_Module {
168
  $errors = array();
169
  $reload = false;
170
  $logout = false;
171
- if ( isset($_POST['settings-save']) ) {
172
- foreach ($this->getPlugin()->getSettings() as $key => $default) {
173
- if ( !array_key_exists($key, $_POST) && $default == 0 ) {
174
- $_POST[$key] = 0;
175
- $this->getPlugin()->setSetting($key, $_POST[$key]);
176
- } else if ( array_key_exists($key, $_POST) ) {
177
- if ( $key == 'ssl_host' ) {
178
- if ( $_POST[$key] != '' ) {
179
- $_POST[$key] = strtolower($_POST[$key]);
180
- // Add Scheme
181
- if ( strpos($_POST[$key], 'http://') === false && strpos($_POST[$key], 'https://') === false ) {
182
- $_POST[$key] = 'https://' . $_POST[$key];
183
- }
184
 
185
- $ssl_host = WordPressHTTPS_Url::fromString($_POST[$key]);
 
 
 
 
 
 
 
 
 
 
 
186
 
187
- // Add Port
188
- $port = ((isset($_POST['ssl_port']) && is_int($_POST['ssl_port']) ) ? $_POST['ssl_port'] : $ssl_host->getPort());
189
- $port = (($port != 80 && $port != 443) ? $port : null);
190
- $ssl_host->setPort($port);
191
 
192
- // Add Path
193
- if ( strpos($ssl_host->getPath(), $this->getPlugin()->getHttpUrl()->getPath()) !== true ) {
194
- $path = '/'. ltrim(str_replace(rtrim($this->getPlugin()->getHttpUrl()->getPath(), '/'), '', $ssl_host->getPath()), '/');
195
- $ssl_host->setPath(rtrim($path, '/') . $this->getPlugin()->getHttpUrl()->getPath());
196
- }
197
- $ssl_host->setPath(rtrim($ssl_host->getPath(), '/') . '/');
198
 
199
- if ( $ssl_host->toString() != $this->getPlugin()->getHttpsUrl()->toString() ) {
200
- // Ensure that the WordPress installation is accessible at this host
201
- //if ( $ssl_host->isValid() ) {
202
- // If secure domain has changed and currently on SSL, logout user
203
- if ( $this->getPlugin()->isSsl() ) {
204
- $logout = true;
205
- }
206
- $_POST[$key] = $ssl_host->setPort('')->toString();
207
- /*} else {
208
- $errors[] = '<strong>SSL Host</strong> - Invalid WordPress installation at ' . $ssl_host;
209
- $_POST[$key] = get_option($key);
210
- }*/
211
- } else {
212
- $_POST[$key] = $this->getPlugin()->getHttpsUrl()->toString();
213
- }
214
- } else {
215
- $_POST[$key] = get_option($key);
216
- }
217
- } else if ( $key == 'ssl_proxy' ) {
218
- // Reload if we're auto detecting the proxy and we're not in SSL
219
- if ( $_POST[$key] == 'auto' && ! $this->getPlugin()->isSsl() ) {
220
- $reload = true;
221
  }
222
- } else if ( $key == 'ssl_admin' ) {
223
- if ( force_ssl_admin() && $this->getPlugin()->getSetting('ssl_host_diff') ) {
224
- $errors[] = '<strong>SSL Admin</strong> - FORCE_SSL_ADMIN should not be set to true in your wp-config.php while using a non-default SSL Host.';
225
- // If forcing SSL Admin and currently not SSL, logout user
226
- } else if ( $_POST[$key] == 1 && !$this->getPlugin()->isSsl() ) {
227
- $logout = true;
228
- }
229
- } else if ( $key == 'ssl_host_subdomain' ) {
230
- // Checks to see if the SSL Host is a subdomain
231
- $http_domain = $this->getPlugin()->getHttpUrl()->getBaseHost();
232
- $https_domain = $this->getPlugin()->getHttpsUrl()->getBaseHost();
233
 
234
- if ( $ssl_host->setScheme('http') != $this->getPlugin()->getHttpUrl() && $http_domain == $https_domain ) {
235
- $_POST[$key] = 1;
 
 
 
 
 
 
 
 
 
 
236
  } else {
237
- $_POST[$key] = 0;
238
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
239
  }
240
-
241
- $this->getPlugin()->setSetting($key, $_POST[$key]);
242
  }
 
 
243
  }
244
- } else if ( isset($_POST['settings-reset']) ) {
245
- foreach ($this->getPlugin()->getSettings() as $key => $default) {
246
- $this->getPlugin()->setSetting($key, $default);
247
- }
248
- $this->getPlugin()->install();
249
- $reload = true;
250
  }
251
 
252
  if ( $logout ) {
18
  * @return void
19
  */
20
  public function init() {
21
+ if ( is_admin() ) {
22
+ add_action('wp_ajax_' . $this->getPlugin()->getSlug() . '_settings_save', array(&$this, 'save'));
23
+ add_action('wp_ajax_' . $this->getPlugin()->getSlug() . '_settings_reset', array(&$this, 'reset'));
24
+ add_action('wp_ajax_' . $this->getPlugin()->getSlug() . '_ajax_metabox', array(&$this, 'ajax_metabox'));
25
+ if ( isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
26
+ // Add meta boxes
27
+ add_action('admin_init', array(&$this, 'add_meta_boxes'));
28
 
29
+ // Add scripts
30
+ add_action('admin_enqueue_scripts', array(&$this, 'admin_enqueue_scripts'));
31
+ }
32
 
33
+ // Add admin menus
34
+ add_action('admin_menu', array(&$this, 'admin_menu'));
35
  }
 
 
 
36
  }
37
 
38
  /**
127
  self::render();
128
  }
129
 
130
+ /**
131
+ * Dispatch request for ajax metabox
132
+ *
133
+ * @param none
134
+ * @return void
135
+ */
136
+ public function ajax_metabox() {
137
+ // Disable errors
138
+ error_reporting(0);
139
+
140
+ // Set headers
141
+ header("Status: 200");
142
+ header("HTTP/1.1 200 OK");
143
+ header('Content-Type: text/html');
144
+ header('Cache-Control: no-store, no-cache, must-revalidate');
145
+ header('Cache-Control: post-check=0, pre-check=0', FALSE);
146
+ header('Pragma: no-cache');
147
+ header("Vary: Accept-Encoding");
148
+
149
+ if ( ! wp_verify_nonce($_POST['_nonce'], $this->getPlugin()->getSlug()) ) {
150
+ exit;
151
+ }
152
+
153
+ $content = WordPressHTTPS_Url::fromString( $_POST['url'] )->getContent();
154
+ if ( $content ) {
155
+ echo $content;
156
+ }
157
+ exit;
158
+ }
159
+
160
  /**
161
  * Adds javascript and stylesheets to settings page in the admin panel.
162
  * WordPress Hook - enqueue_scripts
183
  public function render() {
184
  require_once($this->getPlugin()->getDirectory() . '/admin/templates/settings.php');
185
  }
186
+
187
+ /**
188
+ * Reset Settings
189
+ *
190
+ * @param none
191
+ * @return void
192
+ */
193
+ public function reset() {
194
+ if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug()) ) {
195
+ return false;
196
+ }
197
+
198
+ $message = "Settings reset.";
199
+ $errors = array();
200
+ $reload = true;
201
+
202
+ foreach ($this->getPlugin()->getSettings() as $key => $default) {
203
+ $this->getPlugin()->setSetting($key, $default);
204
+ }
205
+ $this->getPlugin()->install();
206
+
207
+ require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
208
+ }
209
 
210
  /**
211
  * Save Settings
212
  *
213
+ * @param none
214
  * @return void
215
  */
216
  public function save() {
217
+ if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug()) ) {
218
  return false;
219
  }
220
 
222
  $errors = array();
223
  $reload = false;
224
  $logout = false;
 
 
 
 
 
 
 
 
 
 
 
 
 
225
 
226
+ foreach ($this->getPlugin()->getSettings() as $key => $default) {
227
+ if ( !array_key_exists($key, $_POST) && $default == 0 ) {
228
+ $_POST[$key] = 0;
229
+ $this->getPlugin()->setSetting($key, $_POST[$key]);
230
+ } else if ( array_key_exists($key, $_POST) ) {
231
+ if ( $key == 'ssl_host' ) {
232
+ if ( $_POST[$key] != '' ) {
233
+ $_POST[$key] = strtolower($_POST[$key]);
234
+ // Add Scheme
235
+ if ( strpos($_POST[$key], 'http://') === false && strpos($_POST[$key], 'https://') === false ) {
236
+ $_POST[$key] = 'https://' . $_POST[$key];
237
+ }
238
 
239
+ $ssl_host = WordPressHTTPS_Url::fromString($_POST[$key]);
 
 
 
240
 
241
+ // Add Port
242
+ $_POST['ssl_port'] = $port = ((isset($_POST['ssl_port']) && is_int($_POST['ssl_port']) && $_POST['ssl_port'] != 443) ? $_POST['ssl_port'] : $ssl_host->getPort());
243
+ $ssl_host->setPort($port);
 
 
 
244
 
245
+ // Add Path
246
+ if ( strpos($ssl_host->getPath(), $this->getPlugin()->getHttpUrl()->getPath()) !== true ) {
247
+ $path = '/'. ltrim(str_replace(rtrim($this->getPlugin()->getHttpUrl()->getPath(), '/'), '', $ssl_host->getPath()), '/');
248
+ $ssl_host->setPath(rtrim($path, '/') . $this->getPlugin()->getHttpUrl()->getPath());
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
249
  }
250
+ $ssl_host->setPath(rtrim($ssl_host->getPath(), '/') . '/');
 
 
 
 
 
 
 
 
 
 
251
 
252
+ if ( $ssl_host->toString() != $this->getPlugin()->getHttpsUrl()->toString() ) {
253
+ // Ensure that the WordPress installation is accessible at this host
254
+ //if ( $ssl_host->isValid() ) {
255
+ // If secure domain has changed and currently on SSL, logout user
256
+ if ( $this->getPlugin()->isSsl() ) {
257
+ $logout = true;
258
+ }
259
+ $_POST[$key] = $ssl_host->setPort('')->toString();
260
+ /*} else {
261
+ $errors[] = '<strong>SSL Host</strong> - Invalid WordPress installation at ' . $ssl_host;
262
+ $_POST[$key] = get_option($key);
263
+ }*/
264
  } else {
265
+ $_POST[$key] = $this->getPlugin()->getHttpsUrl()->toString();
266
  }
267
+ } else {
268
+ $_POST[$key] = get_option($key);
269
+ }
270
+ } else if ( $key == 'ssl_proxy' ) {
271
+ // Reload if we're auto detecting the proxy and we're not in SSL
272
+ if ( $_POST[$key] == 'auto' && ! $this->getPlugin()->isSsl() ) {
273
+ $reload = true;
274
+ }
275
+ } else if ( $key == 'ssl_admin' ) {
276
+ if ( force_ssl_admin() && $this->getPlugin()->getSetting('ssl_host_diff') ) {
277
+ $errors[] = '<strong>SSL Admin</strong> - FORCE_SSL_ADMIN should not be set to true in your wp-config.php while using a non-default SSL Host.';
278
+ // If forcing SSL Admin and currently not SSL, logout user
279
+ } else if ( $_POST[$key] == 1 && !$this->getPlugin()->isSsl() ) {
280
+ $logout = true;
281
+ }
282
+ } else if ( $key == 'ssl_host_subdomain' ) {
283
+ // Checks to see if the SSL Host is a subdomain
284
+ $is_subdomain = $this->getPlugin()->getHttpsUrl()->isSubdomain($this->getPlugin()->getHttpUrl());
285
+ if ( $ssl_host->setScheme('http') != $this->getPlugin()->getHttpUrl() && $is_subdomain ) {
286
+ $_POST[$key] = 1;
287
+ } else {
288
+ $_POST[$key] = 0;
289
  }
 
 
290
  }
291
+
292
+ $this->getPlugin()->setSetting($key, $_POST[$key]);
293
  }
 
 
 
 
 
 
294
  }
295
 
296
  if ( $logout ) {
lib/WordPressHTTPS/Module/UrlFilters.php CHANGED
@@ -18,13 +18,13 @@ class WordPressHTTPS_Module_UrlFilters extends Mvied_Plugin_Module {
18
  * @return void
19
  */
20
  public function init() {
21
- if ( is_admin() && isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
22
- if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['action']) && $_POST['action'] == 'wphttps-filters' ) {
23
- add_action('plugins_loaded', array(&$this, 'save'), 1);
 
 
 
24
  }
25
-
26
- // Add meta boxes
27
- add_action('admin_init', array(&$this, 'add_meta_boxes'));
28
  }
29
 
30
  add_filter('force_ssl', array(&$this, 'secure_filter_url'), 10, 3);
@@ -69,6 +69,26 @@ class WordPressHTTPS_Module_UrlFilters extends Mvied_Plugin_Module {
69
  );
70
  }
71
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
72
  /**
73
  * Save Url Filters
74
  *
@@ -76,26 +96,17 @@ class WordPressHTTPS_Module_UrlFilters extends Mvied_Plugin_Module {
76
  * @return void
77
  */
78
  public function save() {
79
- if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug() . '-options') ) {
80
  return false;
81
  }
82
 
83
  $message = "URL Filters saved.";
84
  $errors = array();
85
  $reload = false;
86
- $logout = false;
87
- if ( isset($_POST['filters-save']) ) {
88
- $filters = array_map('trim', explode("\n", $_POST['secure_filter']));
89
- $filters = array_filter($filters); // Removes blank array items
90
- $this->getPlugin()->setSetting('secure_filter', $filters);
91
- } else if ( isset($_POST['filters-reset']) ) {
92
- $this->getPlugin()->setSetting('secure_filter', array());
93
- $reload = true;
94
- }
95
 
96
- if ( $logout ) {
97
- wp_logout();
98
- }
99
 
100
  require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
101
  }
18
  * @return void
19
  */
20
  public function init() {
21
+ if ( is_admin() ) {
22
+ add_action('wp_ajax_' . $this->getPlugin()->getSlug() . '_filters_save', array(&$this, 'save'));
23
+ add_action('wp_ajax_' . $this->getPlugin()->getSlug() . '_filters_reset', array(&$this, 'reset'));
24
+ if ( isset($_GET['page']) && strpos($_GET['page'], $this->getPlugin()->getSlug()) !== false ) {
25
+ // Add meta boxes
26
+ add_action('admin_init', array(&$this, 'add_meta_boxes'));
27
  }
 
 
 
28
  }
29
 
30
  add_filter('force_ssl', array(&$this, 'secure_filter_url'), 10, 3);
69
  );
70
  }
71
 
72
+ /**
73
+ * Reset Url Filters
74
+ *
75
+ * @param array $settings
76
+ * @return void
77
+ */
78
+ public function reset() {
79
+ if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug()) ) {
80
+ return false;
81
+ }
82
+
83
+ $message = "URL Filters reset.";
84
+ $errors = array();
85
+ $reload = true;
86
+
87
+ $this->getPlugin()->setSetting('secure_filter', array());
88
+
89
+ require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
90
+ }
91
+
92
  /**
93
  * Save Url Filters
94
  *
96
  * @return void
97
  */
98
  public function save() {
99
+ if ( !wp_verify_nonce($_POST['_wpnonce'], $this->getPlugin()->getSlug()) ) {
100
  return false;
101
  }
102
 
103
  $message = "URL Filters saved.";
104
  $errors = array();
105
  $reload = false;
 
 
 
 
 
 
 
 
 
106
 
107
+ $filters = array_map('trim', explode("\n", $_POST['secure_filter']));
108
+ $filters = array_filter($filters); // Removes blank array items
109
+ $this->getPlugin()->setSetting('secure_filter', $filters);
110
 
111
  require_once($this->getPlugin()->getDirectory() . '/admin/templates/ajax_message.php');
112
  }
lib/WordPressHTTPS/Url.php CHANGED
@@ -440,6 +440,21 @@ class WordPressHTTPS_Url {
440
  return false;
441
  }
442
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
443
  /**
444
  * Factory object from an array provided by the parse_url function
445
  *
@@ -519,7 +534,7 @@ class WordPressHTTPS_Url {
519
  $string = ( $this->getScheme() ? $this->getScheme() . '://' : '' ) .
520
  ( $this->getUser() ? $this->getUser() . ( $this->getPass() ? ':' . $this->getPass() : '' ) . '@' : '' ) .
521
  $this->getHost() .
522
- ( $this->getPort() ? ':' . $this->getPort() : '' ) .
523
  $this->getPath() .
524
  ( $this->getQuery() ? '?' . $this->getQuery() : '' ) .
525
  ( $this->getFragment() ? '#' . $this->getFragment() : '' );
440
  return false;
441
  }
442
 
443
+ /**
444
+ * Compares URL objects to determine if either of them are a subdomain of the other.
445
+ *
446
+ * @param WordPressHTTPS_Url $url
447
+ * @return boolean
448
+ */
449
+ public function isSubdomain( WordPressHTTPS_Url $url ) {
450
+ $this_host = $this->getBaseHost();
451
+ $other_host = $url->getBaseHost();
452
+ if ( $this_host == $other_host ) {
453
+ return true;
454
+ }
455
+ return false;
456
+ }
457
+
458
  /**
459
  * Factory object from an array provided by the parse_url function
460
  *
534
  $string = ( $this->getScheme() ? $this->getScheme() . '://' : '' ) .
535
  ( $this->getUser() ? $this->getUser() . ( $this->getPass() ? ':' . $this->getPass() : '' ) . '@' : '' ) .
536
  $this->getHost() .
537
+ ( $this->getPort() && ( ( $this->getPort() != 80 && $this->getScheme() == 'http' ) || ( $this->getPort() != 443 && $this->getScheme() == 'https' ) ) ? ':' . $this->getPort() : '' ) .
538
  $this->getPath() .
539
  ( $this->getQuery() ? '?' . $this->getQuery() : '' ) .
540
  ( $this->getFragment() ? '#' . $this->getFragment() : '' );
readme.txt CHANGED
@@ -4,18 +4,16 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
4
  Tags: security, encryption, ssl, shared ssl, private ssl, public ssl, private ssl, http, https
5
  Requires at least: 3.0
6
  Tested up to: 3.5
7
- Stable tag: 3.3.0
8
  License: GPLv3
9
 
10
  WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
11
 
12
  == Description ==
13
- Read the <a href="http://wordpress.org/extend/plugins/wordpress-https/installation/">Installation Guide</a>.
14
- If after setting up the plugin you are experiencing issues, please check the <a href="http://wordpress.org/extend/plugins/wordpress-https/faq/">FAQ</a>. If you are still unable to resolve your issue, <a href="http://wordpress.org/support/plugin/wordpress-https">start a support topic</a> and I will do my best to assist you.
15
-
16
- = Development =
17
- Contribute Code at [https://github.com/Mvied/wordpress-https](https://github.com/Mvied/wordpress-https)
18
- Contribute Translations at [https://translate.foe-services.de/projects/wordpress-https](https://translate.foe-services.de/projects/wordpress-https)
19
 
20
  == Installation ==
21
  1. Upload the `wordpress-https` folder to the `/wp-content/plugins/` directory.
@@ -97,6 +95,15 @@ add_filter('force_ssl', 'store_force_ssl', 10, 3);`
97
  2. Force SSL checkbox added to add/edit posts screen
98
 
99
  == Changelog ==
 
 
 
 
 
 
 
 
 
100
  = 3.3.0 =
101
  * Tested with WordPress v3.5.
102
  * Added German translation and gettext support. Thanks <a href="https://github.com/cfoellmann">Christian Foellmann</a>.
4
  Tags: security, encryption, ssl, shared ssl, private ssl, public ssl, private ssl, http, https
5
  Requires at least: 3.0
6
  Tested up to: 3.5
7
+ Stable tag: 3.3.5
8
  License: GPLv3
9
 
10
  WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
11
 
12
  == Description ==
13
+ <p>Read the <a href="http://wordpress.org/extend/plugins/wordpress-https/installation/">Installation Guide</a>. If after setting up the plugin you are experiencing issues, please check the <a href="http://wordpress.org/extend/plugins/wordpress-https/faq/">FAQ</a>.</p>
14
+ <p>If you are still unable to resolve your issue, <a href="http://wordpress.org/support/plugin/wordpress-https">start a support topic</a> and I or someone from the community will be able to assist you.</p>
15
+ <p>Contribute Code at <a href="https://github.com/Mvied/wordpress-https">https://github.com/Mvied/wordpress-https</a></p>
16
+ <p>Contribute Translations at <a href="https://translate.foe-services.de/projects/wordpress-https">https://translate.foe-services.de/projects/wordpress-https</a></p>
 
 
17
 
18
  == Installation ==
19
  1. Upload the `wordpress-https` folder to the `/wp-content/plugins/` directory.
95
  2. Force SSL checkbox added to add/edit posts screen
96
 
97
  == Changelog ==
98
+ = 3.3.5 =
99
+ * Enhanced multisite support and testing.
100
+ * Slightly adjusted settings page column widths.
101
+ * Now using admin-ajax.php for settings page.
102
+ * Added detection and conflict fixes for a few popular E-commerce plugins: WooCommerce, WP E-commerce and Jigoshop
103
+ * Bug Fix - Password protected pages in WordPress 3.5+ should now be properly secured.
104
+ * Bug Fix - The SSL Admin setting should now be properly retained when using FORCE_SSL_ADMIN.
105
+ * Bug Fix - Links to the home page should now properly be set to HTTP when using Force SSL Exclusively.
106
+ * Bug Fix - Installations with a non-default wp-content folder location should no longer experience issues with the WordPress HTTPS settings page.
107
  = 3.3.0 =
108
  * Tested with WordPress v3.5.
109
  * Added German translation and gettext support. Thanks <a href="https://github.com/cfoellmann">Christian Foellmann</a>.
wordpress-https.php CHANGED
@@ -4,7 +4,7 @@
4
  Plugin URI: http://mvied.com/projects/wordpress-https/
5
  Description: WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
6
  Author: Mike Ems
7
- Version: 3.3.0
8
  Author URI: http://mvied.com/
9
 
10
  Text Domain: wordpress-https
@@ -28,6 +28,8 @@
28
  along with this program. If not, see <http://www.gnu.org/licenses/>.
29
  */
30
 
 
 
31
  load_plugin_textdomain( 'wordpress-https', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' );
32
 
33
  function wphttps_autoloader($class) {
@@ -43,10 +45,10 @@ spl_autoload_register('wphttps_autoloader');
43
  */
44
  //define('WPHTTPS_RESET', true);
45
 
46
- if ( function_exists('get_bloginfo') && ! defined('WP_UNINSTALL_PLUGIN') ) {
47
  $wordpress_https = new WordPressHTTPS;
48
  $wordpress_https->setSlug('wordpress-https');
49
- $wordpress_https->setVersion('3.3.0');
50
  $wordpress_https->setLogger(WordPressHTTPS_Logger::getInstance());
51
  $wordpress_https->setDirectory(dirname(__FILE__));
52
  $wordpress_https->setModuleDirectory(dirname(__FILE__) . '/lib/WordPressHTTPS/Module/');
4
  Plugin URI: http://mvied.com/projects/wordpress-https/
5
  Description: WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
6
  Author: Mike Ems
7
+ Version: 3.3.5
8
  Author URI: http://mvied.com/
9
 
10
  Text Domain: wordpress-https
28
  along with this program. If not, see <http://www.gnu.org/licenses/>.
29
  */
30
 
31
+ if ( !defined('ABSPATH') ) exit;
32
+
33
  load_plugin_textdomain( 'wordpress-https', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' );
34
 
35
  function wphttps_autoloader($class) {
45
  */
46
  //define('WPHTTPS_RESET', true);
47
 
48
+ if ( ! defined('WP_UNINSTALL_PLUGIN') ) {
49
  $wordpress_https = new WordPressHTTPS;
50
  $wordpress_https->setSlug('wordpress-https');
51
+ $wordpress_https->setVersion('3.3.5');
52
  $wordpress_https->setLogger(WordPressHTTPS_Logger::getInstance());
53
  $wordpress_https->setDirectory(dirname(__FILE__));
54
  $wordpress_https->setModuleDirectory(dirname(__FILE__) . '/lib/WordPressHTTPS/Module/');