}
//
// get (or set default) options from the database
//
$use_ssl = as_option("get", "use_ssl", "0") === "1" ? true : false;
$additional_urls = as_option("get", "additional_urls", "wp-comments-post.php\nwp-admin/plugins.php?page=akismet-key-config");
$ignore_urls = as_option("get", "ignore_urls", "xmlrpc.php");
$secure_users_only = as_option("get", "secure_users_only", "0") === "1" ? true : false;
if (!isset($config_parent)) {
$config_parent = as_option("get", "config_parent", "plugins.php");
}
if (apache_version(1.3, 1)) {
$default_https_key = "SERVER_PORT";
$default_https_value = "443";
} elseif (apache_version(2)) {
$default_https_key = "HTTPS";
$default_https_value = "on";
}
$https_key = as_option("get", "https_key", $default_https_key);
$https_value = as_option("get", "https_value", $default_https_value);
//
// build secure site url
//
$secure_url = preg_replace("|^https?://|", scheme($use_ssl), get_option("siteurl"));
$secure_url = rtrim(trim($secure_url), "/");
# remove any trailing slashes
//
// log plugin options
//
as_log("HTTPS: " . (is_https() ? "Yes" : "No") . "\n\t\tURL: http" . (is_https() ? "s" : "") . "://" . host() . req_uri() . "\n\n\t\tUse SSL: " . ($use_ssl ? "Yes" : "No") . "\n\t\tSite URL: " . get_option("siteurl") . "\n\t\tSecure URL: {$secure_url}\n\t\tAdditional urls:\n{$additional_urls}\n\t\tIgnore urls:\n{$ignore_urls}\n\t\tSecure users only: " . ($secure_users_only ? "Yes" : "No") . "\n\t\tConfig parent: {$config_parent}");
as_log("\n-- end initialisation, begin functions --\n");
function as_ob_handler($buffer)
{
global $secure_url, $secure_users_only;
if (!function_exists("get_option")) {
return $buffer;
}
//
// log call to output buffer handler
//
as_log("as_ob_handler()\nBuffer: " . substr($buffer, 0, 10) . "...");
//
// check ignore urls
//
$ignore_urls = as_ignore_urls();
$continue = true;
foreach ($ignore_urls as $uri) {
if (strpos(req_uri(), $uri) !== false) {
$continue = false;
}
}
if ($continue) {
//
// build site urls and get secure uris
//
$siteurl = get_option("siteurl") . "/";
$home = get_option("home") . "/";
$secure = $secure_url . "/";
$secure_uris = as_secure_uris(true);
//
// on admin side, links are not absolute but relative - change this
//
if (is_admin()) {
$pattern = "/href=['\"]((?<!http)[\\w-]*\\.php.*)['\"]/U";
$replacement = "href=\"{$siteurl}" . "wp-admin/\$1\"";
$buffer = preg_replace($pattern, $replacement, $buffer);
}
//
// add default and additional uris
//
if (is_array($secure_uris["default"])) {
foreach ($secure_uris["default"] as $uri) {
$replace_this[] = $siteurl . $uri;
$with_this[] = $secure . $uri;
$replace_this[] = $home . $uri;
$with_this[] = $secure . $uri;
}
}
if (is_array($secure_uris["additional"]) && (is_user_logged_in() && $secure_users_only || !$secure_users_only)) {
foreach ($secure_uris["additional"] as $uri) {
$replace_this[] = $siteurl . $uri;
$with_this[] = $secure . $uri;
$replace_this[] = $home . $uri;
$with_this[] = $secure . $uri;
}
}
//
// additional securing
//
if (is_https() && !defined("TEST") && is_preview()) {
$replace_this[] = $siteurl;
$with_this[] = $secure;
$replace_this[] = $home;
$with_this[] = $secure;
}
//
// replace all the links and return $buffer
//
$replace_this[] = "</body>";
$with_this[] = "<!-- filtered by Admin SSL --></body>";
as_log("Buffer Pre: {$buffer}");
$buffer = str_replace($replace_this, $with_this, $buffer);
as_log("Buffer Post: {$buffer}");
}
return $buffer;
}
}
}
}
//
//
// OPERATING DIRECTORY DETECTION
//
//
//
// get operating directory and log environment variables
//
$slash = strpos(__FILE__, "/") === false ? "\\" : "/";
$path = str_replace($slash . "admin-ssl.php", "", __FILE__);
$dir = substr($path, strrpos($path, $slash) + 1);
as_log("### ADMIN SSL BEGINS ###");
as_log("HTTP Host: " . host() . "\n\t\t\t\tRequest URI: " . req_uri() . "\n\t\t\t\tRedirect to: " . redirect_to() . "\n\t\t\t\tFound admin-ssl.php in\n\t\t\t\t - path: {$path}\n\t\t\t\t - directory: {$dir}");
//
// if operating directory is mu-plugins, get the name of admin-ssl directory
//
$plugins_dir = "plugins";
$config_page = "config-page.php";
//
// log variables just defined
//
as_log("Plugins directory: {$plugins_dir}\n\t\t\t\tConfig page: {$config_page}");
//
//
// GET (OR SET DEFAULT) OPTIONS
//
//
require_once "includes/options.php";
