function as_siteurl_cookie($action)
{
global $cookie_value, $cookie_expire, $dir, $plugins_dir, $secure_url;
//
// continue only if action is 'set' and there is a cookie value,
// or if action is 'clear'
//
$continue = false;
if ($action === "set" && $cookie_value) {
$continue = true;
} elseif ($action === "clear") {
$cookie_value = " ";
$cookie_expire = 1;
$continue = true;
}
//
// redirect to cookie script - only ever called from wp-login.php
//
if ($continue) {
$path = "/" . content_dir() . "{$plugins_dir}/{$dir}/admin-ssl-cookie.php";
$file = str_replace("/wp-login.php", "", $_SERVER["SCRIPT_FILENAME"]) . $path;
as_log("as_siteurl_cookie()\nPath to admin-ssl-cookie.php: {$file}");
if (file_exists($file)) {
//
// build the URL to redirect to after setting the cookie
//
if (redirect_to() && redirect_to() !== "wp-admin/") {
if (strpos(redirect_to(), "http") === 0) {
$redirect = redirect_to();
} elseif (strpos(redirect_to(), "/") === 0) {
$redirect = scheme($use_ssl) . host() . redirect_to();
} else {
$redirect .= $secure_url . "/" . redirect_to();
}
} else {
$redirect = $secure_url . "/wp-login.php";
}
//
// build the URL to admin-ssl-cookie.php with the cookie data
//
$location = rtrim(get_option("siteurl"), "/");
$location .= "{$path}?name=" . AUTH_COOKIE . "&value={$cookie_value}";
$location .= "&expire={$cookie_expire}&path=" . COOKIEPATH . "&domain=" . COOKIE_DOMAIN;
$location .= "&redirect=" . urlencode($redirect);
as_log("as_siteurl_cookie()\nRedirecting to: {$location}");
as_redirect($location);
}
}
}
function as_ob_handler($buffer)
{
global $secure_url, $secure_users_only;
if (!function_exists("get_option")) {
return $buffer;
}
//
// log call to output buffer handler
//
as_log("as_ob_handler()\nBuffer: " . substr($buffer, 0, 10) . "...");
//
// check ignore urls
//
$ignore_urls = as_ignore_urls();
$continue = true;
foreach ($ignore_urls as $uri) {
if (strpos(req_uri(), $uri) !== false) {
$continue = false;
}
}
if ($continue) {
//
// build site urls and get secure uris
//
$siteurl = get_option("siteurl") . "/";
$home = get_option("home") . "/";
$secure = $secure_url . "/";
$secure_uris = as_secure_uris(true);
//
// on admin side, links are not absolute but relative - change this
//
if (is_admin()) {
$pattern = "/href=['\"]((?<!http)[\\w-]*\\.php.*)['\"]/U";
$replacement = "href=\"{$siteurl}" . "wp-admin/\$1\"";
$buffer = preg_replace($pattern, $replacement, $buffer);
}
//
// add default and additional uris
//
if (is_array($secure_uris["default"])) {
foreach ($secure_uris["default"] as $uri) {
$replace_this[] = $siteurl . $uri;
$with_this[] = $secure . $uri;
$replace_this[] = $home . $uri;
$with_this[] = $secure . $uri;
}
}
if (is_array($secure_uris["additional"]) && (is_user_logged_in() && $secure_users_only || !$secure_users_only)) {
foreach ($secure_uris["additional"] as $uri) {
$replace_this[] = $siteurl . $uri;
$with_this[] = $secure . $uri;
$replace_this[] = $home . $uri;
$with_this[] = $secure . $uri;
}
}
//
// additional securing
//
if (is_https() && !defined("TEST") && is_preview()) {
$replace_this[] = $siteurl;
$with_this[] = $secure;
$replace_this[] = $home;
$with_this[] = $secure;
}
//
// replace all the links and return $buffer
//
$replace_this[] = "</body>";
$with_this[] = "<!-- filtered by Admin SSL --></body>";
as_log("Buffer Pre: {$buffer}");
$buffer = str_replace($replace_this, $with_this, $buffer);
as_log("Buffer Post: {$buffer}");
}
return $buffer;
}
//
// get (or set default) options from the database
//
$use_ssl = as_option("get", "use_ssl", "0") === "1" ? true : false;
$additional_urls = as_option("get", "additional_urls", "wp-comments-post.php\nwp-admin/plugins.php?page=akismet-key-config");
$ignore_urls = as_option("get", "ignore_urls", "xmlrpc.php");
$secure_users_only = as_option("get", "secure_users_only", "0") === "1" ? true : false;
if (!isset($config_parent)) {
$config_parent = as_option("get", "config_parent", "plugins.php");
}
if (apache_version(1.3, 1)) {
$default_https_key = "SERVER_PORT";
$default_https_value = "443";
} elseif (apache_version(2)) {
$default_https_key = "HTTPS";
$default_https_value = "on";
}
$https_key = as_option("get", "https_key", $default_https_key);
$https_value = as_option("get", "https_value", $default_https_value);
//
// build secure site url
//
$secure_url = preg_replace("|^https?://|", scheme($use_ssl), get_option("siteurl"));
$secure_url = rtrim(trim($secure_url), "/");
# remove any trailing slashes
//
// log plugin options
//
as_log("HTTPS: " . (is_https() ? "Yes" : "No") . "\n\t\tURL: http" . (is_https() ? "s" : "") . "://" . host() . req_uri() . "\n\n\t\tUse SSL: " . ($use_ssl ? "Yes" : "No") . "\n\t\tSite URL: " . get_option("siteurl") . "\n\t\tSecure URL: {$secure_url}\n\t\tAdditional urls:\n{$additional_urls}\n\t\tIgnore urls:\n{$ignore_urls}\n\t\tSecure users only: " . ($secure_users_only ? "Yes" : "No") . "\n\t\tConfig parent: {$config_parent}");
as_log("\n-- end initialisation, begin functions --\n");
// get operating directory and log environment variables
//
$slash = strpos(__FILE__, "/") === false ? "\\" : "/";
$path = str_replace($slash . "admin-ssl.php", "", __FILE__);
$dir = substr($path, strrpos($path, $slash) + 1);
as_log("### ADMIN SSL BEGINS ###");
as_log("HTTP Host: " . host() . "\n\t\t\t\tRequest URI: " . req_uri() . "\n\t\t\t\tRedirect to: " . redirect_to() . "\n\t\t\t\tFound admin-ssl.php in\n\t\t\t\t - path: {$path}\n\t\t\t\t - directory: {$dir}");
//
// if operating directory is mu-plugins, get the name of admin-ssl directory
//
$plugins_dir = "plugins";
$config_page = "config-page.php";
//
// log variables just defined
//
as_log("Plugins directory: {$plugins_dir}\n\t\t\t\tConfig page: {$config_page}");
//
//
// GET (OR SET DEFAULT) OPTIONS
//
//
require_once "includes/options.php";
//
//
// ADD LINK TO SETTINGS PAGE ON PLUGIN LIST
//
//
function as_action_links($links, $file)
{
global $config_parent, $config_page_ref;
if ($file == plugin_basename(__FILE__)) {
function as_conf()
{
global $use_ssl, $secure_url;
global $additional_urls, $ignore_urls, $secure_users_only;
global $config_page, $config_parent;
global $https_key, $https_value;
if (isset($_POST["submit"])) {
//
// make sure current user can set permissions,
// and that the referer was a page from this site
//
if (!as_user_can("manage_options")) {
exit("You don't have permission to change these options!");
}
check_admin_referer();
//
// get the posted configuration options
//
$use_ssl = "on" === _post("use_ssl") ? 1 : 0;
$additional_urls = _post("additional_urls");
$ignore_urls = _post("ignore_urls");
$secure_users_only = "on" === _post("secure_users_only") ? 1 : 0;
$redirect = true;
# if different config parent page chosen, need to redirect later
if ($config_parent === _post("config_parent")) {
$redirect = false;
} else {
$config_parent = _post("config_parent");
}
$https_key = _post("https_key");
$https_value = _post("https_value");
//
// verify the selected options
//
//
// $config_parent may only be one of two options
//
if ($config_parent !== "plugins.php" && $config_parent !== "options-general.php") {
$message = "You submitted an invalid value ('{$config_parent}') for config parent.";
}
//
// https key and value cannot be empty
//
if (trim($https_key) === "") {
$https_key = "HTTPS";
}
if (trim($https_value) === "") {
$https_value = "on";
}
//
// if there has been an error, reset all the options
//
if (isset($message)) {
$use_ssl = as_option("get", "ssl_use_ssl");
$additional_urls = as_option("get", "additional_urls");
$ignore_urls = as_option("get", "ignore_urls");
$secure_users_only = as_option("get", "secure_users_only");
$config_parent = as_option("get", "config_parent");
$https_key = as_option("get", "https_key");
$https_value = as_option("get", "https_value");
as_log("as_conf()\nError saving options: {$message}\nResetting options to previous values");
} else {
as_log("as_conf()\nNew option values will be saved");
}
//
// update options in database
//
as_option("update", "use_ssl", $use_ssl);
as_option("update", "additional_urls", $additional_urls);
as_option("update", "ignore_urls", $ignore_urls);
as_option("update", "secure_users_only", $secure_users_only);
as_option("update", "config_parent", $config_parent);
as_option("update", "https_key", $https_key);
as_option("update", "https_value", $https_value);
if (!isset($message)) {
$message = "Options saved.";
}
//
// if config parent has been changed, redirect
//
if ($redirect) {
$location = $config_parent . "?page=admin-ssl-config";
as_log("as_conf():\nRedirecting to {$location}");
as_redirect($location);
}
}
//
// require configuration settings page
//
require_once $config_page;
}