/**
* Checks SSL connection and user permissions before render or process
* registration form.
*
* @since 4.1.0
*
* @access private
* @param Domainmap_Reseller $reseller Current reseller.
*/
private function _check_ssl_and_security($reseller)
{
// check if user has permissions
if (!check_admin_referer(Domainmap_Plugin::ACTION_SHOW_REGISTRATION_FORM, 'nonce') || !current_user_can('manage_network_options')) {
status_header(403);
exit;
}
// check if ssl connection is not used
if ($reseller->registration_over_ssl() && !is_ssl()) {
// ssl connection is not used, so if you logged in then redirect him
// to https page, otherwise redirect him to login page
$user_id = get_current_user_id();
if ($user_id) {
// propagate SSL auth cookie
wp_set_auth_cookie($user_id, true, true);
// redirect to https version of this registration page
wp_redirect(add_query_arg(array('action' => Domainmap_Plugin::ACTION_SHOW_REGISTRATION_FORM, 'nonce' => wp_create_nonce(Domainmap_Plugin::ACTION_SHOW_REGISTRATION_FORM), 'reseller' => filter_input(INPUT_GET, 'reseller')), admin_url('admin-ajax.php', 'https')));
exit;
} else {
// redirect to login form
$this->redirect_to_login_form();
}
}
}
