Example #1
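/**
 * Redirect the browser to admin-ssl-cookie.php (under siteurl) with the data
 * needed to set or clear the auth cookie, plus the URL to return to afterwards.
 *
 * Nothing happens unless $action is "set" and the global $cookie_value is
 * non-empty, or $action is "clear". Nothing happens either when
 * admin-ssl-cookie.php is not found on disk.
 *
 * @param string $action Either "set" or "clear"; any other value is ignored.
 * @return void
 */
function as_siteurl_cookie($action)
{
    // $use_ssl is read by scheme() below; the original never imported it, so
    // scheme() always received an undefined variable.
    global $cookie_value, $cookie_expire, $dir, $plugins_dir, $secure_url, $use_ssl;
    //
    //	continue only if action is 'set' and there is a cookie value,
    //	or if action is 'clear'
    //
    $continue = false;
    if ($action === "set" && $cookie_value) {
        $continue = true;
    } elseif ($action === "clear") {
        // a blank value with an expiry of 1 (the epoch) is what gets sent for "clear"
        $cookie_value = " ";
        $cookie_expire = 1;
        $continue = true;
    }
    if (!$continue) {
        return;
    }
    //
    //	locate the cookie script - only ever called from wp-login.php
    //
    $path = "/" . content_dir() . "{$plugins_dir}/{$dir}/admin-ssl-cookie.php";
    $file = str_replace("/wp-login.php", "", $_SERVER["SCRIPT_FILENAME"]) . $path;
    as_log("as_siteurl_cookie()\nPath to admin-ssl-cookie.php: {$file}");
    if (!file_exists($file)) {
        return;
    }
    //
    //	build the URL to redirect to after setting the cookie
    //
    $login_url = $secure_url . "/wp-login.php";
    $target = redirect_to();
    if ($target && $target !== "wp-admin/") {
        if (strpos($target, "http") === 0) {
            // redirect_to() presumably comes from the request (verify against its
            // definition), so an absolute URL is only honoured when it points at
            // one of this site's own hosts; anything else falls back to the login
            // page instead of sending a freshly authenticated user off-site.
            $allowed_hosts = array(
                strtolower((string) parse_url($secure_url, PHP_URL_HOST)),
                strtolower((string) parse_url(get_option("siteurl"), PHP_URL_HOST)),
            );
            $target_scheme = strtolower((string) parse_url($target, PHP_URL_SCHEME));
            $target_host = strtolower((string) parse_url($target, PHP_URL_HOST));
            $same_site = $target_host !== ""
                && ($target_scheme === "http" || $target_scheme === "https")
                && in_array($target_host, $allowed_hosts, true);
            $redirect = $same_site ? $target : $login_url;
        } elseif (strpos($target, "/") === 0) {
            // NOTE(review): host() looks like it reflects the request's Host
            // header - confirm it is validated before it is used in a URL.
            $redirect = scheme($use_ssl) . host() . $target;
        } else {
            // plain assignment: the original appended (.=) to an undefined variable
            $redirect = $secure_url . "/" . $target;
        }
    } else {
        $redirect = $login_url;
    }
    //
    //	build the URL to admin-ssl-cookie.php with the cookie data;
    //	every value is URL-encoded so characters such as '&', '=' or '|'
    //	cannot break out of their own parameter
    //
    // NOTE(review): the auth cookie value travels in a query string, so it can
    // end up in web-server access logs, browser history and Referer headers.
    $head = rtrim(get_option("siteurl"), "/");
    $head .= "{$path}?name=" . urlencode((string) AUTH_COOKIE) . "&value=";
    $tail = "&expire=" . urlencode((string) $cookie_expire);
    $tail .= "&path=" . urlencode((string) COOKIEPATH);
    $tail .= "&domain=" . urlencode((string) COOKIE_DOMAIN);
    $tail .= "&redirect=" . urlencode($redirect);
    $location = $head . urlencode((string) $cookie_value) . $tail;
    // keep the credential itself out of the plugin log
    as_log("as_siteurl_cookie()\nRedirecting to: {$head}[redacted]{$tail}");
    as_redirect($location);
}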
Example #2
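/**
 * Plugin start-up: migrate options left by pre-2.0 versions, record the
 * current version and, when SSL is enabled, redirect the request to the secure
 * or non-secure URL as needed before starting output buffering.
 *
 * When the TEST constant is defined no redirect is issued and no output buffer
 * is started; the URL that would have been redirected to is returned instead.
 *
 * @return mixed The would-be redirect target when TEST is defined and a
 *               redirect applies; otherwise nothing is returned.
 */
function as_init()
{
    global $use_ssl, $secure_url;
    //
    //	check Admin SSL version and perform DB maintenance as required
    //
    $previous_version = as_option("get", "version");
    if ($previous_version < 2.0) {
        //
        //	remove old options from the database
        //
        as_option("delete", "use_shared");
        as_option("delete", "shared_url");
        //
        //	reset use SSL when switching to the new version in case shared was being used before
        //
        as_option("update", "use_ssl", false);
        $use_ssl = false;
    }
    //
    //	set the current version of the Admin SSL plugin so we know it's been migrated next time
    //
    as_option("update", "version", AS_VERSION);
    if ($use_ssl) {
        //
        //	disable redirection if testing
        //
        $do_redirect = !defined("TEST");
        //
        //	check if any of the secure uris matches the current request uri
        //
        // NOTE(review): this is a substring match anywhere in the request URI,
        // so a secure URI appearing in a query string also counts as a match.
        $match = false;
        $request_uri = req_uri();
        foreach (as_secure_uris() as $uri) {
            // an empty needle makes strpos() return 0 on PHP 8, which would mark
            // every request as matched; skip such entries
            if ((string) $uri === "") {
                continue;
            }
            if (strpos($request_uri, $uri) !== false) {
                $match = true;
                break;
            }
        }
        //
        //	get the HTTP hosts for secure and non-secure URLs
        //	(parse_url() omits "host" for URLs without one, and returns false
        //	for malformed URLs, so the key is checked before use)
        //
        $tmp = parse_url($secure_url);
        $secure_host = isset($tmp["host"]) ? $tmp["host"] : null;
        $tmp = parse_url(get_option("siteurl"));
        $siteurl_host = isset($tmp["host"]) ? $tmp["host"] : null;
        $host_should_be = is_https() ? $secure_host : $siteurl_host;
        $host_match = host() === $host_should_be;
        //
        //	for redirection between Shared SSL URL and site URL we need the bit of the URL
        //	AFTER either $secure_url or siteurl - as an example:
        //	to redirect from http://your_blog.com/wp-admin/profile.php
        //		to https://some_host.com/~username/wp-admin/profile.php
        //	we need to get /wp-admin/profile.php from siteurl as the path to add to $secure_url
        //
        if (host() === $secure_host) {
            $url_info = parse_url($secure_url);
        } elseif (host() === $siteurl_host) {
            $url_info = parse_url(get_option("siteurl"));
        } else {
            // NOTE(review): host() is written to the log as received; if it
            // reflects the Host header, confirm as_log() neutralises newlines.
            as_log("as_init()\nThe host ('" . host() . "') is neither the " . "secure host ('{$secure_host}') or the siteurl host ('{$siteurl_host}') - " . "Redirecting to blog home page");
            as_log("as_init()\nRedirecting to: " . get_option("siteurl"));
            if ($do_redirect) {
                as_redirect(get_option("siteurl"));
            } else {
                return get_option("siteurl");
            }
            # return value for testing purposes
        }
        // A URL without a path component has no "path" key; treat it as empty.
        // NOTE(review): the prefix is stripped by length only - nothing checks
        // that the request URI actually starts with this path.
        $url_path_len = isset($url_info["path"]) ? strlen($url_info["path"]) : 0;
        $url_path = substr($request_uri, $url_path_len);
        as_log("as_init()\nURL path: {$url_path}");
        //
        //	redirect as necessary - secure or de-secure page - ensure correct HTTP host is being used
        //
        if ($match) {
            as_log("as_init()\nMatched url");
            //
            //	parse the url we need to redirect to
            //
            $url = parse_url($use_ssl ? $secure_url : get_option("siteurl"));
            $target_host = isset($url["host"]) ? $url["host"] : null;
            $target_path = isset($url["path"]) ? $url["path"] : "";
            //
            //	build and redirect to the correct URL
            //
            if (!is_https() && $use_ssl || is_https() && !$use_ssl || host() !== $target_host) {
                $location = scheme($use_ssl) . $target_host . rtrim($target_path, "/") . $url_path;
                as_log("as_init()\nRedirecting to: {$location}");
                if ($do_redirect) {
                    as_redirect($location);
                } else {
                    return $location;
                }
                # return value for testing purposes
            } elseif ($use_ssl && is_https() && redirect_to()) {
                // already on the right scheme and host: cut redirect_to down so
                // that it starts at "wp-admin"
                $wp_admin = strpos(redirect_to(), "wp-admin");
                if ($wp_admin !== 0) {
                    $_REQUEST["redirect_to"] = substr(redirect_to(), $wp_admin);
                }
            }
        } elseif (is_https() || !$host_match) {
            as_log("as_init()\nDid not match url and either it's secure or the hosts don't match");
            $location = get_option("siteurl") . $url_path;
            as_log("as_init()\nRedirecting to: {$location}");
            if ($do_redirect) {
                as_redirect($location);
            } else {
                return $location;
            }
            # return value for testing purposes
        }
        //
        //	start output buffering
        //
        if ($use_ssl && !defined("TEST")) {
            ob_start("as_ob_handler");
        }
    }
}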
Example #3
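/**
 * Handle a submission of the Admin SSL settings form, then include the
 * configuration page file named by the global $config_page.
 *
 * On submit: checks the "manage_options" capability and the admin referer,
 * reads the posted options into the plugin globals, validates them, writes
 * them to the database, and redirects when the config parent page changed.
 * If validation fails, the stored values are reloaded and written back.
 *
 * @return void
 */
function as_conf()
{
    global $use_ssl, $secure_url;
    global $additional_urls, $ignore_urls, $secure_users_only;
    global $config_page, $config_parent;
    global $https_key, $https_value;
    if (isset($_POST["submit"])) {
        //
        //	make sure current user can set permissions,
        //	and that the referer was a page from this site
        //
        if (!as_user_can("manage_options")) {
            exit("You don't have permission to change these options!");
        }
        // NOTE(review): no action name is passed, so the nonce is not tied to
        // this form; in WordPress core the no-action form accepts a same-site
        // admin Referer as sufficient. Passing a specific action here, with the
        // matching nonce field in the settings form (in $config_page, not shown
        // here), would make this a proper CSRF check.
        check_admin_referer();
        //
        //	get the posted configuration options
        //
        $use_ssl = "on" === _post("use_ssl") ? 1 : 0;
        $additional_urls = _post("additional_urls");
        $ignore_urls = _post("ignore_urls");
        $secure_users_only = "on" === _post("secure_users_only") ? 1 : 0;
        $redirect = true;
        # if different config parent page chosen, need to redirect later
        if ($config_parent === _post("config_parent")) {
            $redirect = false;
        } else {
            $config_parent = _post("config_parent");
        }
        $https_key = _post("https_key");
        $https_value = _post("https_value");
        //
        //	verify the selected options
        //
        //
        //	$config_parent may only be one of two options
        //
        if ($config_parent !== "plugins.php" && $config_parent !== "options-general.php") {
            // The rejected value is request data, and $message is presumably
            // shown by the included config page (verify there), so it is
            // HTML-escaped before being embedded in the message.
            $shown = is_scalar($config_parent)
                ? htmlspecialchars((string) $config_parent, ENT_QUOTES, "UTF-8")
                : "";
            $message = "You submitted an invalid value ('{$shown}') for config parent.";
        }
        //
        //	https key and value cannot be empty
        //
        if (trim($https_key) === "") {
            $https_key = "HTTPS";
        }
        if (trim($https_value) === "") {
            $https_value = "on";
        }
        //
        //	if there has been an error, reset all the options
        //
        if (isset($message)) {
            // The option is stored as "use_ssl" (see the update below); the
            // original read "ssl_use_ssl" here, so an invalid submission would
            // overwrite use_ssl with whatever that other key returned.
            $use_ssl = as_option("get", "use_ssl");
            $additional_urls = as_option("get", "additional_urls");
            $ignore_urls = as_option("get", "ignore_urls");
            $secure_users_only = as_option("get", "secure_users_only");
            $config_parent = as_option("get", "config_parent");
            $https_key = as_option("get", "https_key");
            $https_value = as_option("get", "https_value");
            as_log("as_conf()\nError saving options: {$message}\nResetting options to previous values");
        } else {
            as_log("as_conf()\nNew option values will be saved");
        }
        //
        //	update options in database
        //
        as_option("update", "use_ssl", $use_ssl);
        as_option("update", "additional_urls", $additional_urls);
        as_option("update", "ignore_urls", $ignore_urls);
        as_option("update", "secure_users_only", $secure_users_only);
        as_option("update", "config_parent", $config_parent);
        as_option("update", "https_key", $https_key);
        as_option("update", "https_value", $https_value);
        if (!isset($message)) {
            $message = "Options saved.";
        }
        //
        //	if config parent has been changed, redirect
        //
        if ($redirect) {
            // $config_parent is one of the two allowed pages at this point, or
            // the value reloaded from the database after a validation error
            $location = $config_parent . "?page=admin-ssl-config";
            as_log("as_conf():\nRedirecting to {$location}");
            as_redirect($location);
        }
    }
    //
    //	require configuration settings page
    //
    require_once $config_page;
}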