function as_siteurl_cookie($action)
{
global $cookie_value, $cookie_expire, $dir, $plugins_dir, $secure_url;
//
// continue only if action is 'set' and there is a cookie value,
// or if action is 'clear'
//
$continue = false;
if ($action === "set" && $cookie_value) {
$continue = true;
} elseif ($action === "clear") {
$cookie_value = " ";
$cookie_expire = 1;
$continue = true;
}
//
// redirect to cookie script - only ever called from wp-login.php
//
if ($continue) {
$path = "/" . content_dir() . "{$plugins_dir}/{$dir}/admin-ssl-cookie.php";
$file = str_replace("/wp-login.php", "", $_SERVER["SCRIPT_FILENAME"]) . $path;
as_log("as_siteurl_cookie()\nPath to admin-ssl-cookie.php: {$file}");
if (file_exists($file)) {
//
// build the URL to redirect to after setting the cookie
//
if (redirect_to() && redirect_to() !== "wp-admin/") {
if (strpos(redirect_to(), "http") === 0) {
$redirect = redirect_to();
} elseif (strpos(redirect_to(), "/") === 0) {
$redirect = scheme($use_ssl) . host() . redirect_to();
} else {
$redirect .= $secure_url . "/" . redirect_to();
}
} else {
$redirect = $secure_url . "/wp-login.php";
}
//
// build the URL to admin-ssl-cookie.php with the cookie data
//
$location = rtrim(get_option("siteurl"), "/");
$location .= "{$path}?name=" . AUTH_COOKIE . "&value={$cookie_value}";
$location .= "&expire={$cookie_expire}&path=" . COOKIEPATH . "&domain=" . COOKIE_DOMAIN;
$location .= "&redirect=" . urlencode($redirect);
as_log("as_siteurl_cookie()\nRedirecting to: {$location}");
as_redirect($location);
}
}
}
function as_init()
{
global $use_ssl, $secure_url;
//
// check Admin SSL version and perform DB maintenance as required
//
$previous_version = as_option("get", "version");
if ($previous_version < 2.0) {
//
// remove old options from the database
//
as_option("delete", "use_shared");
as_option("delete", "shared_url");
//
// reset use SSL when switching to the new version in case shared was being used before
//
as_option("update", "use_ssl", false);
$use_ssl = false;
}
//
// set the current version of the Admin SSL plugin so we know it's been migrated next time
//
as_option("update", "version", AS_VERSION);
if ($use_ssl) {
//
// disable redirection if testing
//
$do_redirect = !defined("TEST");
//
// check if any of the secure uris matches the current request uri
//
$match = false;
foreach (as_secure_uris() as $uri) {
if (strpos(req_uri(), $uri) !== false) {
$match = true;
}
}
//
// get the HTTP hosts for secure and non-secure URLs
//
$tmp = parse_url($secure_url);
$secure_host = $tmp["host"];
$tmp = parse_url(get_option("siteurl"));
$siteurl_host = $tmp["host"];
$host_should_be = is_https() ? $secure_host : $siteurl_host;
$host_match = host() === $host_should_be ? true : false;
//
// for redirection between Shared SSL URL and site URL we need the bit of the URL
// AFTER either $secure_url or siteurl - as an example:
// to redirect from http://your_blog.com/wp-admin/profile.php
// to https://some_host.com/~username/wp-admin/profile.php
// we need to get /wp-admin/profile.php from siteurl as the path to add to $secure_url
//
if (host() === $secure_host) {
$url_info = parse_url($secure_url);
} elseif (host() === $siteurl_host) {
$url_info = parse_url(get_option("siteurl"));
} else {
as_log("as_init()\nThe host ('" . host() . "') is neither the " . "secure host ('{$secure_host}') or the siteurl host ('{$siteurl_host}') - " . "Redirecting to blog home page");
as_log("as_init()\nRedirecting to: " . get_option("siteurl"));
if ($do_redirect) {
as_redirect(get_option("siteurl"));
} else {
return get_option("siteurl");
}
# return value for testing purposes
}
$url_path_len = strlen($url_info["path"]);
$url_path = substr(req_uri(), $url_path_len);
as_log("as_init()\nURL path: {$url_path}");
//
// redirect as necessary - secure or de-secure page - ensure correct HTTP host is being used
//
if ($match) {
as_log("as_init()\nMatched url");
//
// parse the url we need to redirect to
//
$url = parse_url($use_ssl ? $secure_url : get_option("siteurl"));
//
// build and redirect to the correct URL
//
if (!is_https() && $use_ssl || is_https() && !$use_ssl || host() !== $url["host"]) {
$location = scheme($use_ssl) . $url["host"] . rtrim($url["path"], "/") . $url_path;
as_log("as_init()\nRedirecting to: {$location}");
if ($do_redirect) {
as_redirect($location);
} else {
return $location;
}
# return value for testing purposes
} elseif ($use_ssl && is_https() && redirect_to()) {
$wp_admin = strpos(redirect_to(), "wp-admin");
if ($wp_admin !== 0) {
$_REQUEST["redirect_to"] = substr(redirect_to(), $wp_admin);
}
}
} elseif (is_https() || !$host_match) {
as_log("as_init()\nDid not match url and either it's secure or the hosts don't match");
$location = get_option("siteurl") . $url_path;
as_log("as_init()\nRedirecting to: {$location}");
if ($do_redirect) {
as_redirect($location);
} else {
return $location;
}
# return value for testing purposes
}
//
// start output buffering
//
if ($use_ssl && !defined("TEST")) {
ob_start("as_ob_handler");
}
}
}
}
//
// get (or set default) options from the database
//
$use_ssl = as_option("get", "use_ssl", "0") === "1" ? true : false;
$additional_urls = as_option("get", "additional_urls", "wp-comments-post.php\nwp-admin/plugins.php?page=akismet-key-config");
$ignore_urls = as_option("get", "ignore_urls", "xmlrpc.php");
$secure_users_only = as_option("get", "secure_users_only", "0") === "1" ? true : false;
if (!isset($config_parent)) {
$config_parent = as_option("get", "config_parent", "plugins.php");
}
if (apache_version(1.3, 1)) {
$default_https_key = "SERVER_PORT";
$default_https_value = "443";
} elseif (apache_version(2)) {
$default_https_key = "HTTPS";
$default_https_value = "on";
}
$https_key = as_option("get", "https_key", $default_https_key);
$https_value = as_option("get", "https_value", $default_https_value);
//
// build secure site url
//
$secure_url = preg_replace("|^https?://|", scheme($use_ssl), get_option("siteurl"));
$secure_url = rtrim(trim($secure_url), "/");
# remove any trailing slashes
//
// log plugin options
//
as_log("HTTPS: " . (is_https() ? "Yes" : "No") . "\n\t\tURL: http" . (is_https() ? "s" : "") . "://" . host() . req_uri() . "\n\n\t\tUse SSL: " . ($use_ssl ? "Yes" : "No") . "\n\t\tSite URL: " . get_option("siteurl") . "\n\t\tSecure URL: {$secure_url}\n\t\tAdditional urls:\n{$additional_urls}\n\t\tIgnore urls:\n{$ignore_urls}\n\t\tSecure users only: " . ($secure_users_only ? "Yes" : "No") . "\n\t\tConfig parent: {$config_parent}");
as_log("\n-- end initialisation, begin functions --\n");
<?php
include '../lib/functions.php';
?>
<select class="span6 m-wrap required" name="Sid" >
<option value="">Select Scheme</option>
<?php
$scheme = scheme($inquiry[0]['Cid']);
for ($i = 0; $i < count($scheme); $i++) {
?>
<option value="<?php
echo $scheme[$i]['Id'];
?>
" <?php
if ($scheme[$i]['Id'] == @$inquiry[0]['Sid']) {
?>
selected="selected" <?php
}
?>
><?php
echo $scheme[$i]['Title'];
?>
</option>
<?php
}
?>
</select>
