} // // get (or set default) options from the database // $use_ssl = as_option("get", "use_ssl", "0") === "1" ? true : false; $additional_urls = as_option("get", "additional_urls", "wp-comments-post.php\nwp-admin/plugins.php?page=akismet-key-config"); $ignore_urls = as_option("get", "ignore_urls", "xmlrpc.php"); $secure_users_only = as_option("get", "secure_users_only", "0") === "1" ? true : false; if (!isset($config_parent)) { $config_parent = as_option("get", "config_parent", "plugins.php"); } if (apache_version(1.3, 1)) { $default_https_key = "SERVER_PORT"; $default_https_value = "443"; } elseif (apache_version(2)) { $default_https_key = "HTTPS"; $default_https_value = "on"; } $https_key = as_option("get", "https_key", $default_https_key); $https_value = as_option("get", "https_value", $default_https_value); // // build secure site url // $secure_url = preg_replace("|^https?://|", scheme($use_ssl), get_option("siteurl")); $secure_url = rtrim(trim($secure_url), "/"); # remove any trailing slashes // // log plugin options // as_log("HTTPS: " . (is_https() ? "Yes" : "No") . "\n\t\tURL: http" . (is_https() ? "s" : "") . "://" . host() . req_uri() . "\n\n\t\tUse SSL: " . ($use_ssl ? "Yes" : "No") . "\n\t\tSite URL: " . get_option("siteurl") . "\n\t\tSecure URL: {$secure_url}\n\t\tAdditional urls:\n{$additional_urls}\n\t\tIgnore urls:\n{$ignore_urls}\n\t\tSecure users only: " . ($secure_users_only ? "Yes" : "No") . "\n\t\tConfig parent: {$config_parent}"); as_log("\n-- end initialisation, begin functions --\n");
function as_ob_handler($buffer) { global $secure_url, $secure_users_only; if (!function_exists("get_option")) { return $buffer; } // // log call to output buffer handler // as_log("as_ob_handler()\nBuffer: " . substr($buffer, 0, 10) . "..."); // // check ignore urls // $ignore_urls = as_ignore_urls(); $continue = true; foreach ($ignore_urls as $uri) { if (strpos(req_uri(), $uri) !== false) { $continue = false; } } if ($continue) { // // build site urls and get secure uris // $siteurl = get_option("siteurl") . "/"; $home = get_option("home") . "/"; $secure = $secure_url . "/"; $secure_uris = as_secure_uris(true); // // on admin side, links are not absolute but relative - change this // if (is_admin()) { $pattern = "/href=['\"]((?<!http)[\\w-]*\\.php.*)['\"]/U"; $replacement = "href=\"{$siteurl}" . "wp-admin/\$1\""; $buffer = preg_replace($pattern, $replacement, $buffer); } // // add default and additional uris // if (is_array($secure_uris["default"])) { foreach ($secure_uris["default"] as $uri) { $replace_this[] = $siteurl . $uri; $with_this[] = $secure . $uri; $replace_this[] = $home . $uri; $with_this[] = $secure . $uri; } } if (is_array($secure_uris["additional"]) && (is_user_logged_in() && $secure_users_only || !$secure_users_only)) { foreach ($secure_uris["additional"] as $uri) { $replace_this[] = $siteurl . $uri; $with_this[] = $secure . $uri; $replace_this[] = $home . $uri; $with_this[] = $secure . $uri; } } // // additional securing // if (is_https() && !defined("TEST") && is_preview()) { $replace_this[] = $siteurl; $with_this[] = $secure; $replace_this[] = $home; $with_this[] = $secure; } // // replace all the links and return $buffer // $replace_this[] = "</body>"; $with_this[] = "<!-- filtered by Admin SSL --></body>"; as_log("Buffer Pre: {$buffer}"); $buffer = str_replace($replace_this, $with_this, $buffer); as_log("Buffer Post: {$buffer}"); } return $buffer; }
} } } // // // OPERATING DIRECTORY DETECTION // // // // get operating directory and log environment variables // $slash = strpos(__FILE__, "/") === false ? "\\" : "/"; $path = str_replace($slash . "admin-ssl.php", "", __FILE__); $dir = substr($path, strrpos($path, $slash) + 1); as_log("### ADMIN SSL BEGINS ###"); as_log("HTTP Host: " . host() . "\n\t\t\t\tRequest URI: " . req_uri() . "\n\t\t\t\tRedirect to: " . redirect_to() . "\n\t\t\t\tFound admin-ssl.php in\n\t\t\t\t - path: {$path}\n\t\t\t\t - directory: {$dir}"); // // if operating directory is mu-plugins, get the name of admin-ssl directory // $plugins_dir = "plugins"; $config_page = "config-page.php"; // // log variables just defined // as_log("Plugins directory: {$plugins_dir}\n\t\t\t\tConfig page: {$config_page}"); // // // GET (OR SET DEFAULT) OPTIONS // // require_once "includes/options.php";