<?php // compute the path to the plugin's root folder $sslfix_plugin_root = dirname(dirname(__FILE__)) . '/'; require $sslfix_plugin_root . 'includes/nonces.php'; /** * test for cookie, must have expected name and value */ $cookie_name = ssl_insecure_content_fix_nonce_name($sslfix_plugin_root); $cookie_value = ssl_insecure_content_fix_nonce_value(); if (!isset($_COOKIE[$cookie_name])) { sslfix_send_error('missing nonce.'); } if ($_COOKIE[$cookie_name] !== $cookie_value) { sslfix_send_error('bad nonce value.'); } /** * run some AJAX functions outside of WordPress, so that we can see the raw environment */ if (isset($_GET['action'])) { switch ($_GET['action']) { case 'sslfix-get-recommended': sslfix_get_recommended(); break; case 'sslfix-environment': sslfix_environment(); break; default: sslfix_send_error('invalid action'); break; }
/** * set a cookie functioning like a nonce for the non-WP AJAX script */ public function setNonceCookie() { require SSLFIX_PLUGIN_ROOT . 'includes/nonces.php'; $cookie_name = ssl_insecure_content_fix_nonce_name(SSLFIX_PLUGIN_ROOT); $cookie_value = ssl_insecure_content_fix_nonce_value(); setcookie($cookie_name, $cookie_value, time() + 30, '/'); }