Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Version 2.0.3

  • Loading branch information...
commit 10685d91944629b7b8414e2d087672d91f79cafa 1 parent 73e5c1f
@mvied authored
View
0  README
No changes.
View
161 css/admin.css
@@ -0,0 +1,161 @@
+div#wphttps-main div#post-body {
+ overflow: hidden;
+}
+
+form#wordpress-https {
+ float: left;
+ margin-top: 15px;
+}
+form#wordpress-https h3 {
+ margin-bottom: .5em;
+}
+form#wordpress-https input[type="text"] {
+ margin: -5px 0 0 0;
+}
+form#wordpress-https input[type="checkbox"] {
+ margin: 0;
+}
+form#wordpress-https table tr td,
+form#wordpress-https table tr th {
+ line-height: 1em;
+ padding: 10px;
+}
+form#wordpress-https table tr td {
+ padding: 10px 0 0 0;
+}
+form#wordpress-https #settings-reset {
+ float: left;
+ margin-right: 10px;
+}
+
+div#wphttps-sidebar {
+ margin: 20px 0 0 -300px;
+ clear: right;
+ float: right;
+ width: 300px;
+}
+div#wphttps-sidebar div.wphttps-widget {
+ margin: 0 auto 20px auto;
+ width: 285px;
+}
+
+div.wphttps-widget h3 {
+ cursor: auto !important;
+}
+
+div.wphttps-widget-content {
+ background: #F1F1F1;
+ padding: 5px 20px;
+ border-bottom-left-radius: 8px;
+ border-bottom-right-radius: 8px;
+ -moz-border-radius-bottomleft: 8px;
+ -moz-border-radius-bottomright: 8px;
+ border: 1px solid #DDD;
+ border-top: 0;
+}
+div.wphttps-widget h3 {
+ font-size: 13px;
+ height: 19px;
+ margin: 0;
+ overflow: hidden;
+ padding: 5px 12px;
+ white-space: nowrap;
+ background: url(images/widget-title.png) repeat-x;
+ border: 1px solid #636363;
+ border-bottom: 0;
+ border-top-left-radius: 8px;
+ border-top-right-radius: 8px;
+ -moz-border-radius-topleft:8px;
+ -moz-border-radius-topright:8px;
+ color: #FFF;
+ text-shadow: 0 -1px 0 #3F3F3F;
+}
+
+div.wphttps-widget#wphttps-warnings h3 {
+ background: url(images/widget-title-red.png) repeat-x;
+ border-color: #7B4A4A;
+ text-shadow: 0 -1px 0 #4E2F2F;
+}
+div.wphttps-widget#wphttps-warnings div.wphttps-widget-content {
+ border-color: #E5D4D4;
+ background-color: #F4EDED;
+ color: #3F2626;
+ word-wrap: break-word;
+}
+
+div.wphttps-widget#wphttps-warnings .warning-help {
+ background: url(images/help.png) no-repeat 50% 50%;
+}
+
+div.wphttps-widget#wphttps-updates img#updates-loading {
+ display: block;
+ margin: 1em auto;
+}
+
+div.wphttps-widget#wphttps-donate a#wphttps-donate-link {
+ display: block;
+ margin: 0 auto 10px auto;
+ width: 74px;
+ height: 21px;
+}
+
+.wphttps-icon {
+ display: inline-block;
+ height: 16px;
+ width: 16px;
+ overflow: hidden;
+ text-indent: -1000em;
+ vertical-align: top;
+ padding: 0 3px;
+ cursor: pointer;
+}
+
+div.wphttps-message-wrap {
+ position: fixed;
+ bottom: 50%;
+ left: 50%;
+ margin-left: -25%;
+ width: 50%;
+ z-index: 10;
+ text-align: center;
+}
+
+div#message {
+ margin: 15px 0 0 0;
+}
+div#message p {
+ line-height: 100%;
+}
+
+.wphttps-warning {
+ display: none;
+}
+
+div#wphttps-main img.waiting {
+ display: none;
+}
+div#wphttps-main img#submit-waiting {
+ vertical-align: middle;
+ margin-left: 5px;
+}
+
+#wphttps-tooltip {
+ position: absolute;
+ z-index: 3000;
+ border: 1px solid #DDD;
+ background-color: #FFF;
+ padding: 5px;
+ font-size: 13px;
+ max-width: 350px;
+}
+.wphttps-tooltip-body {
+ display: none;
+}
+
+/* Post Edit Page */
+.branch-3-2 .misc-pub-section-last {
+ border-bottom-width: 1px;
+}
+.misc-pub-section-wphttps {
+ border-bottom-width: 0;
+}
View
BIN  css/images/help.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
BIN  css/images/widget-title-red.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
BIN  css/images/widget-title.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
BIN  css/images/wpspin_light.gif
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
72 js/admin.php
@@ -0,0 +1,72 @@
+<?php
+/** Loads the WordPress Environment */
+require('../../../../wp-blog-header.php');
+
+// Disable errors
+error_reporting(0);
+
+// Set headers
+header("Status: 200");
+header("HTTP/1.1 200 OK");
+header('Content-Type: application/javascript');
+header('Cache-Control: no-store, no-cache, must-revalidate');
+header('Cache-Control: post-check=0, pre-check=0', FALSE);
+header('Pragma: no-cache');
+header("Vary: Accept-Encoding");
+
+?>
+jQuery(document).ready(function($) {
+ $('#message-body').fadeOut();
+
+ $('#wordpress-https').submit(function() {
+ $('#submit-waiting').show();
+ });
+
+ var options = {
+ data: { ajax: '1'},
+ success: function(responseText, textStatus, XMLHttpRequest) {
+ $('#submit-waiting').hide();
+ $('#message-body').html(responseText);
+ $('#message-body').fadeIn().animate({opacity: 1.0}, 5000).fadeOut();
+ }
+ };
+
+ $('#wordpress-https').ajaxForm(options);
+
+ $('#settings-reset').click(function(e, el) {
+ if ( confirm('Are you sure you want to reset all WordPress HTTPS settings?') ) {
+ $(this).parents('form').submit();
+ } else {
+ e.preventDefault();
+ return false;
+ }
+ });
+
+ $('#wphttps-updates .wphttps-widget-content').load('<?php echo parse_url($wordpress_https->plugin_url, PHP_URL_PATH); ?>/js/updates.php');
+
+ $.ajax({
+ url: '<?php echo parse_url($wordpress_https->plugin_url, PHP_URL_PATH); ?>/js/sidebar.php',
+ success: function(response) {
+ $('#wphttps-sidebar').append(response);
+ }
+ });
+
+ function resize() {
+ $('#wphttps-main').width( $('#wphttps-main').parent().width() - ($('#wphttps-sidebar').width() + 15));
+ }
+
+ $(window).resize(function() {
+ resize();
+ });
+ resize();
+
+ $('#wphttps-warnings .warning-help').tooltip({
+ id: 'wphttps-tooltip',
+ delay: 0,
+ showURL: false,
+ positionLeft: true,
+ bodyHandler: function() {
+ return $($(this).attr("href")).html();
+ }
+ });
+});
View
10 js/jquery.form.js
@@ -0,0 +1,10 @@
+/*!
+ jQuery Form Plugin
+ version: 2.47 (04-SEP-2010)
+ @requires jQuery v1.3.2 or later
+
+ Examples and documentation at: http://malsup.com/jquery/form/
+ Dual licensed under the MIT and GPL licenses:
+ http://www.opensource.org/licenses/mit-license.php
+ http://www.gnu.org/licenses/gpl.html
+ */;(function($){$.fn.ajaxSubmit=function(options){if(!this.length){log('ajaxSubmit: skipping submit process - no element selected');return this;}if(typeof options=='function'){options={success:options};}var url=$.trim(this.attr('action'));if(url){url=(url.match(/^([^#]+)/)||[])[1];}url=url||window.location.href||'';options=$.extend(true,{url:url,type:this.attr('method')||'GET',iframeSrc:/^https/i.test(window.location.href||'')?'javascript:false':'about:blank'},options);var veto={};this.trigger('form-pre-serialize',[this,options,veto]);if(veto.veto){log('ajaxSubmit: submit vetoed via form-pre-serialize trigger');return this;}if(options.beforeSerialize&&options.beforeSerialize(this,options)===false){log('ajaxSubmit: submit aborted via beforeSerialize callback');return this;}var n,v,a=this.formToArray(options.semantic);if(options.data){options.extraData=options.data;for(n in options.data){if(options.data[n]instanceof Array){for(var k in options.data[n]){a.push({name:n,value:options.data[n][k]});}}else{v=options.data[n];v=$.isFunction(v)?v():v;a.push({name:n,value:v});}}}if(options.beforeSubmit&&options.beforeSubmit(a,this,options)===false){log('ajaxSubmit: submit aborted via beforeSubmit callback');return this;}this.trigger('form-submit-validate',[a,this,options,veto]);if(veto.veto){log('ajaxSubmit: submit vetoed via form-submit-validate trigger');return this;}var q=$.param(a);if(options.type.toUpperCase()=='GET'){options.url+=(options.url.indexOf('?')>=0?'&':'?')+q;options.data=null;}else{options.data=q;}var $form=this,callbacks=[];if(options.resetForm){callbacks.push(function(){$form.resetForm();});}if(options.clearForm){callbacks.push(function(){$form.clearForm();});}if(!options.dataType&&options.target){var oldSuccess=options.success||function(){};callbacks.push(function(data){var fn=options.replaceTarget?'replaceWith':'html';$(options.target)[fn](data).each(oldSuccess,arguments);});}else if(options.success){callbacks.push(options.success);}options.success=function(data,status,xhr){var context=options.context||options;for(var i=0,max=callbacks.length;i<max;i++){callbacks[i].apply(context,[data,status,xhr||$form,$form]);}};var fileInputs=$('input:file',this).length>0;var mp='multipart/form-data';var multipart=($form.attr('enctype')==mp||$form.attr('encoding')==mp);if(options.iframe!==false&&(fileInputs||options.iframe||multipart)){if(options.closeKeepAlive){$.get(options.closeKeepAlive,fileUpload);}else{fileUpload();}}else{$.ajax(options);}this.trigger('form-submit-notify',[this,options]);return this;function fileUpload(){var form=$form[0];if($(':input[name=submit],:input[id=submit]',form).length){alert('Error: Form elements must not have name or id of "submit".');return;}var s=$.extend(true,{},$.ajaxSettings,options);s.context=s.context||s;var id='jqFormIO'+(new Date().getTime()),fn='_'+id;window[fn]=function(){var f=$io.data('form-plugin-onload');if(f){f();window[fn]=undefined;try{delete window[fn];}catch(e){}}}var $io=$('<iframe id="'+id+'" name="'+id+'" src="'+s.iframeSrc+'" onload="window[\'_\'+this.id]()" />');var io=$io[0];$io.css({position:'absolute',top:'-1000px',left:'-1000px'});var xhr={aborted:0,responseText:null,responseXML:null,status:0,statusText:'n/a',getAllResponseHeaders:function(){},getResponseHeader:function(){},setRequestHeader:function(){},abort:function(){this.aborted=1;$io.attr('src',s.iframeSrc);}};var g=s.global;if(g&&!$.active++){$.event.trigger("ajaxStart");}if(g){$.event.trigger("ajaxSend",[xhr,s]);}if(s.beforeSend&&s.beforeSend.call(s.context,xhr,s)===false){if(s.global){$.active--;}return;}if(xhr.aborted){return;}var cbInvoked=false;var timedOut=0;var sub=form.clk;if(sub){var n=sub.name;if(n&&!sub.disabled){s.extraData=s.extraData||{};s.extraData[n]=sub.value;if(sub.type=="image"){s.extraData[n+'.x']=form.clk_x;s.extraData[n+'.y']=form.clk_y;}}}function doSubmit(){var t=$form.attr('target'),a=$form.attr('action');form.setAttribute('target',id);if(form.getAttribute('method')!='POST'){form.setAttribute('method','POST');}if(form.getAttribute('action')!=s.url){form.setAttribute('action',s.url);}if(!s.skipEncodingOverride){$form.attr({encoding:'multipart/form-data',enctype:'multipart/form-data'});}if(s.timeout){setTimeout(function(){timedOut=true;cb();},s.timeout);}var extraInputs=[];try{if(s.extraData){for(var n in s.extraData){extraInputs.push($('<input type="hidden" name="'+n+'" value="'+s.extraData[n]+'" />').appendTo(form)[0]);}}$io.appendTo('body');$io.data('form-plugin-onload',cb);form.submit();}finally{form.setAttribute('action',a);if(t){form.setAttribute('target',t);}else{$form.removeAttr('target');}$(extraInputs).remove();}}if(s.forceSync){doSubmit();}else{setTimeout(doSubmit,10);}var data,doc,domCheckCount=50;function cb(){if(cbInvoked){return;}$io.removeData('form-plugin-onload');var ok=true;try{if(timedOut){throw'timeout';}doc=io.contentWindow?io.contentWindow.document:io.contentDocument?io.contentDocument:io.document;var isXml=s.dataType=='xml'||doc.XMLDocument||$.isXMLDoc(doc);log('isXml='+isXml);if(!isXml&&window.opera&&(doc.body==null||doc.body.innerHTML=='')){if(--domCheckCount){log('requeing onLoad callback, DOM not available');setTimeout(cb,250);return;}}cbInvoked=true;xhr.responseText=doc.documentElement?doc.documentElement.innerHTML:null;xhr.responseXML=doc.XMLDocument?doc.XMLDocument:doc;xhr.getResponseHeader=function(header){var headers={'content-type':s.dataType};return headers[header];};var scr=/(json|script)/.test(s.dataType);if(scr||s.textarea){var ta=doc.getElementsByTagName('textarea')[0];if(ta){xhr.responseText=ta.value;}else if(scr){var pre=doc.getElementsByTagName('pre')[0];if(pre){xhr.responseText=pre.innerHTML;}}}else if(s.dataType=='xml'&&!xhr.responseXML&&xhr.responseText!=null){xhr.responseXML=toXml(xhr.responseText);}data=$.httpData(xhr,s.dataType);}catch(e){log('error caught:',e);ok=false;xhr.error=e;$.handleError(s,xhr,'error',e);}if(ok){s.success.call(s.context,data,'success',xhr);if(g){$.event.trigger("ajaxSuccess",[xhr,s]);}}if(g){$.event.trigger("ajaxComplete",[xhr,s]);}if(g&&!--$.active){$.event.trigger("ajaxStop");}if(s.complete){s.complete.call(s.context,xhr,ok?'success':'error');}setTimeout(function(){$io.removeData('form-plugin-onload');$io.remove();xhr.responseXML=null;},100);}function toXml(s,doc){if(window.ActiveXObject){doc=new ActiveXObject('Microsoft.XMLDOM');doc.async='false';doc.loadXML(s);}else{doc=(new DOMParser()).parseFromString(s,'text/xml');}return(doc&&doc.documentElement&&doc.documentElement.tagName!='parsererror')?doc:null;}}};$.fn.ajaxForm=function(options){if(this.length===0){var o={s:this.selector,c:this.context};if(!$.isReady&&o.s){log('DOM not ready, queuing ajaxForm');$(function(){$(o.s,o.c).ajaxForm(options);});return this;}log('terminating; zero elements found by selector'+($.isReady?'':' (DOM not ready)'));return this;}return this.ajaxFormUnbind().bind('submit.form-plugin',function(e){if(!e.isDefaultPrevented()){e.preventDefault();$(this).ajaxSubmit(options);}}).bind('click.form-plugin',function(e){var target=e.target;var $el=$(target);if(!($el.is(":submit,input:image"))){var t=$el.closest(':submit');if(t.length==0){return;}target=t[0];}var form=this;form.clk=target;if(target.type=='image'){if(e.offsetX!=undefined){form.clk_x=e.offsetX;form.clk_y=e.offsetY;}else if(typeof $.fn.offset=='function'){var offset=$el.offset();form.clk_x=e.pageX-offset.left;form.clk_y=e.pageY-offset.top;}else{form.clk_x=e.pageX-target.offsetLeft;form.clk_y=e.pageY-target.offsetTop;}}setTimeout(function(){form.clk=form.clk_x=form.clk_y=null;},100);});};$.fn.ajaxFormUnbind=function(){return this.unbind('submit.form-plugin click.form-plugin');};$.fn.formToArray=function(semantic){var a=[];if(this.length===0){return a;}var form=this[0];var els=semantic?form.getElementsByTagName('*'):form.elements;if(!els){return a;}var i,j,n,v,el;for(i=0,max=els.length;i<max;i++){el=els[i];n=el.name;if(!n){continue;}if(semantic&&form.clk&&el.type=="image"){if(!el.disabled&&form.clk==el){a.push({name:n,value:$(el).val()});a.push({name:n+'.x',value:form.clk_x},{name:n+'.y',value:form.clk_y});}continue;}v=$.fieldValue(el,true);if(v&&v.constructor==Array){for(j=0,jmax=v.length;j<jmax;j++){a.push({name:n,value:v[j]});}}else if(v!==null&&typeof v!='undefined'){a.push({name:n,value:v});}}if(!semantic&&form.clk){var $input=$(form.clk),input=$input[0];n=input.name;if(n&&!input.disabled&&input.type=='image'){a.push({name:n,value:$input.val()});a.push({name:n+'.x',value:form.clk_x},{name:n+'.y',value:form.clk_y});}}return a;};$.fn.formSerialize=function(semantic){return $.param(this.formToArray(semantic));};$.fn.fieldSerialize=function(successful){var a=[];this.each(function(){var n=this.name;if(!n){return;}var v=$.fieldValue(this,successful);if(v&&v.constructor==Array){for(var i=0,max=v.length;i<max;i++){a.push({name:n,value:v[i]});}}else if(v!==null&&typeof v!='undefined'){a.push({name:this.name,value:v});}});return $.param(a);};$.fn.fieldValue=function(successful){for(var val=[],i=0,max=this.length;i<max;i++){var el=this[i];var v=$.fieldValue(el,successful);if(v===null||typeof v=='undefined'||(v.constructor==Array&&!v.length)){continue;}v.constructor==Array?$.merge(val,v):val.push(v);}return val;};$.fieldValue=function(el,successful){var n=el.name,t=el.type,tag=el.tagName.toLowerCase();if(successful===undefined){successful=true;}if(successful&&(!n||el.disabled||t=='reset'||t=='button'||(t=='checkbox'||t=='radio')&&!el.checked||(t=='submit'||t=='image')&&el.form&&el.form.clk!=el||tag=='select'&&el.selectedIndex==-1)){return null;}if(tag=='select'){var index=el.selectedIndex;if(index<0){return null;}var a=[],ops=el.options;var one=(t=='select-one');var max=(one?index+1:ops.length);for(var i=(one?index:0);i<max;i++){var op=ops[i];if(op.selected){var v=op.value;if(!v){v=(op.attributes&&op.attributes['value']&&!(op.attributes['value'].specified))?op.text:op.value;}if(one){return v;}a.push(v);}}return a;}return $(el).val();};$.fn.clearForm=function(){return this.each(function(){$('input,select,textarea',this).clearFields();});};$.fn.clearFields=$.fn.clearInputs=function(){return this.each(function(){var t=this.type,tag=this.tagName.toLowerCase();if(t=='text'||t=='password'||tag=='textarea'){this.value='';}else if(t=='checkbox'||t=='radio'){this.checked=false;}else if(tag=='select'){this.selectedIndex=-1;}});};$.fn.resetForm=function(){return this.each(function(){if(typeof this.reset=='function'||(typeof this.reset=='object'&&!this.reset.nodeType)){this.reset();}});};$.fn.enable=function(b){if(b===undefined){b=true;}return this.each(function(){this.disabled=!b;});};$.fn.selected=function(select){if(select===undefined){select=true;}return this.each(function(){var t=this.type;if(t=='checkbox'||t=='radio'){this.checked=select;}else if(this.tagName.toLowerCase()=='option'){var $sel=$(this).parent('select');if(select&&$sel[0]&&$sel[0].type=='select-one'){$sel.find('option').selected(false);}this.selected=select;}});};function log(){if($.fn.ajaxSubmit.debug){var msg='[jquery.form] '+Array.prototype.join.call(arguments,'');if(window.console&&window.console.log){window.console.log(msg);}else if(window.opera&&window.opera.postError){window.opera.postError(msg);}}};})(jQuery);
View
19 js/jquery.tooltip.js
@@ -0,0 +1,19 @@
+/*
+ * jQuery Tooltip plugin 1.3
+ *
+ * http://bassistance.de/jquery-plugins/jquery-plugin-tooltip/
+ * http://docs.jquery.com/Plugins/Tooltip
+ *
+ * Copyright (c) 2006 - 2008 Jörn Zaefferer
+ *
+ * $Id: jquery.tooltip.js 5741 2008-06-21 15:22:16Z joern.zaefferer $
+ *
+ * Dual licensed under the MIT and GPL licenses:
+ * http://www.opensource.org/licenses/mit-license.php
+ * http://www.gnu.org/licenses/gpl.html
+ */;(function($){var helper={},current,title,tID,IE=$.browser.msie&&/MSIE\s(5\.5|6\.)/.test(navigator.userAgent),track=false;$.tooltip={blocked:false,defaults:{delay:200,fade:false,showURL:true,extraClass:"",top:15,left:15,id:"tooltip"},block:function(){$.tooltip.blocked=!$.tooltip.blocked;}};$.fn.extend({tooltip:function(settings){settings=$.extend({},$.tooltip.defaults,settings);createHelper(settings);return this.each(function(){$.data(this,"tooltip",settings);this.tOpacity=helper.parent.css("opacity");this.tooltipText=this.title;$(this).removeAttr("title");this.alt="";}).mouseover(save).mouseout(hide).click(hide);},fixPNG:IE?function(){return this.each(function(){var image=$(this).css('backgroundImage');if(image.match(/^url\(["']?(.*\.png)["']?\)$/i)){image=RegExp.$1;$(this).css({'backgroundImage':'none','filter':"progid:DXImageTransform.Microsoft.AlphaImageLoader(enabled=true, sizingMethod=crop, src='"+image+"')"}).each(function(){var position=$(this).css('position');if(position!='absolute'&&position!='relative')$(this).css('position','relative');});}});}:function(){return this;},unfixPNG:IE?function(){return this.each(function(){$(this).css({'filter':'',backgroundImage:''});});}:function(){return this;},hideWhenEmpty:function(){return this.each(function(){$(this)[$(this).html()?"show":"hide"]();});},url:function(){return this.attr('href')||this.attr('src');}});function createHelper(settings){if(helper.parent)return;helper.parent=$('<div id="'+settings.id+'"><h3></h3><div class="body"></div><div class="url"></div></div>').appendTo(document.body).hide();if($.fn.bgiframe)helper.parent.bgiframe();helper.title=$('h3',helper.parent);helper.body=$('div.body',helper.parent);helper.url=$('div.url',helper.parent);}function settings(element){return $.data(element,"tooltip");}function handle(event){if(settings(this).delay)tID=setTimeout(show,settings(this).delay);else
+show();track=!!settings(this).track;$(document.body).bind('mousemove',update);update(event);}function save(){if($.tooltip.blocked||this==current||(!this.tooltipText&&!settings(this).bodyHandler))return;current=this;title=this.tooltipText;if(settings(this).bodyHandler){helper.title.hide();var bodyContent=settings(this).bodyHandler.call(this);if(bodyContent.nodeType||bodyContent.jquery){helper.body.empty().append(bodyContent)}else{helper.body.html(bodyContent);}helper.body.show();}else if(settings(this).showBody){var parts=title.split(settings(this).showBody);helper.title.html(parts.shift()).show();helper.body.empty();for(var i=0,part;(part=parts[i]);i++){if(i>0)helper.body.append("<br/>");helper.body.append(part);}helper.body.hideWhenEmpty();}else{helper.title.html(title).show();helper.body.hide();}if(settings(this).showURL&&$(this).url())helper.url.html($(this).url().replace('http://','')).show();else
+helper.url.hide();helper.parent.addClass(settings(this).extraClass);if(settings(this).fixPNG)helper.parent.fixPNG();handle.apply(this,arguments);}function show(){tID=null;if((!IE||!$.fn.bgiframe)&&settings(current).fade){if(helper.parent.is(":animated"))helper.parent.stop().show().fadeTo(settings(current).fade,current.tOpacity);else
+helper.parent.is(':visible')?helper.parent.fadeTo(settings(current).fade,current.tOpacity):helper.parent.fadeIn(settings(current).fade);}else{helper.parent.show();}update();}function update(event){if($.tooltip.blocked)return;if(event&&event.target.tagName=="OPTION"){return;}if(!track&&helper.parent.is(":visible")){$(document.body).unbind('mousemove',update)}if(current==null){$(document.body).unbind('mousemove',update);return;}helper.parent.removeClass("viewport-right").removeClass("viewport-bottom");var left=helper.parent[0].offsetLeft;var top=helper.parent[0].offsetTop;if(event){left=event.pageX+settings(current).left;top=event.pageY+settings(current).top;var right='auto';if(settings(current).positionLeft){right=$(window).width()-left;left='auto';}helper.parent.css({left:left,right:right,top:top});}var v=viewport(),h=helper.parent[0];if(v.x+v.cx<h.offsetLeft+h.offsetWidth){left-=h.offsetWidth+20+settings(current).left;helper.parent.css({left:left+'px'}).addClass("viewport-right");}if(v.y+v.cy<h.offsetTop+h.offsetHeight){top-=h.offsetHeight+20+settings(current).top;helper.parent.css({top:top+'px'}).addClass("viewport-bottom");}}function viewport(){return{x:$(window).scrollLeft(),y:$(window).scrollTop(),cx:$(window).width(),cy:$(window).height()};}function hide(event){if($.tooltip.blocked)return;if(tID)clearTimeout(tID);current=null;var tsettings=settings(this);function complete(){helper.parent.removeClass(tsettings.extraClass).hide().css("opacity","");}if((!IE||!$.fn.bgiframe)&&tsettings.fade){if(helper.parent.is(':animated'))helper.parent.stop().fadeTo(tsettings.fade,0,complete);else
+helper.parent.stop().fadeOut(tsettings.fade,complete);}else
+complete();if(settings(this).fixPNG)helper.parent.unfixPNG();}})(jQuery);
View
24 js/sidebar.php
@@ -0,0 +1,24 @@
+<?php
+
+require_once('../wordpress-https.php');
+
+// Disable errors
+error_reporting(0);
+
+// Set headers
+header("Status: 200");
+header("HTTP/1.1 200 OK");
+header('Content-Type: text/html');
+header('Cache-Control: no-store, no-cache, must-revalidate');
+header('Cache-Control: post-check=0, pre-check=0', FALSE);
+header('Pragma: no-cache');
+header("Vary: Accept-Encoding");
+
+$url = 'http://mvied.com/wphttps-sidebar.html';
+
+$content = WordPressHTTPS::get_file_contents($url);
+
+if ($content) {
+ echo $content;
+}
+?>
View
26 js/updates.php
@@ -0,0 +1,26 @@
+<?php
+
+require_once('../wordpress-https.php');
+
+// Disable errors
+error_reporting(0);
+
+// Set headers
+header("Status: 200");
+header("HTTP/1.1 200 OK");
+header('Content-Type: text/html');
+header('Cache-Control: no-store, no-cache, must-revalidate');
+header('Cache-Control: post-check=0, pre-check=0', FALSE);
+header('Pragma: no-cache');
+header("Vary: Accept-Encoding");
+
+$url = 'http://mvied.com/wphttps-updates.html';
+
+$content = WordPressHTTPS::get_file_contents($url);
+
+if ($content) {
+ echo $content;
+} else {
+ echo "<p class=\"error\">Unable to retrieve updates.</p>";
+}
+?>
View
199 readme.txt
@@ -0,0 +1,199 @@
+=== WordPress HTTPS (SSL) ===
+Contributors: Mvied
+Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=N9NFVADLVUR7A
+Tags: security, encryption, ssl, shared ssl, private ssl, public ssl, private ssl, http, https
+Requires at least: 2.7.0
+Tested up to: 3.3
+
+WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
+
+== Description ==
+<ul>
+ <li>Supports Shared and Private SSL.</li>
+ <li>Helps reduce or completely fix partially encrypted / mixed content errors.</li>
+ <li>Force SSL on a per-page basis.</li>
+ <li>Force SSL in admin panel.</li>
+</ul>
+
+If you're having partially encrypted/mixed content errors or other problems, please read the <a href="http://wordpress.org/extend/plugins/wordpress-https/faq/">FAQ</a>. If you're still having trouble, please <a href="http://wordpress.org/tags/wordpress-https#postform">start a support topic</a> and I will do my best to assist you.
+
+== Installation ==
+1. Upload the `wordpress-https` folder to the `/wp-content/plugins/` directory.
+1. Activate the plugin through the 'Plugins' menu in WordPress.
+
+== Frequently Asked Questions ==
+= How do I make my whole website secure? =
+To make your entire website secure, you simply need to change your home url and site url to use HTTPS instead of HTTP. Please read <a href="http://codex.wordpress.org/Changing_The_Site_URL" target="_blank">how to change the site url</a>.
+
+= How do I make only certain pages secure? =
+In the Publish box on the add/edit post screen, a checkbox for 'Force SSL' has been added to make this process easy. See Screenshots if you're having a hard time finding it.
+
+= I changed my SSL Host and now I can't get into my admin panel! =
+Go to your wp-config.php file and add this line. Hit any page on your site, and then remove it.
+`define('WPHTTPS_RESET', true);`
+
+= I'm getting 404 errors on all of my pages. Why? =
+If you're using a public/shared SSL, try disabling your custom permalink structure. Some public/shared SSL's have issues with WordPress' permalinks because of the way they are configured.
+
+= How do I fix partially encrypted/mixed content errors? =
+To identify what is causing your page(s) to be insecure, please follow the instructions below.
+<ol>
+ <li>Download <a href="http://www.google.com/chrome" target="_blank">Google Chrome</a>.</li>
+ <li>Open the page you're having trouble with in Google Chrome.</li>
+ <li>Open the Developer Tools. <a href="http://code.google.com/chrome/devtools/docs/overview.html#access" target="_blank">How to access the Developer Tools.</a></li>
+ <li>Click on the Console tab.</li>
+</ol>
+For each item that is making your page partially encrypted, you should see an entry in the console similar to "The page at https://www.example.com/ displayed insecure content from http://www.example.com/." Note that the URL that is loading insecure content is HTTP and not HTTPS.
+
+Most insecure content warnings can generally be resolved by changing absolute references to elements, or removing the insecure elements from the page completely. Although WordPress HTTPS does its best to fix all insecure content, there are a few cases that are impossible to fix.
+<ul>
+ <li>Elements loaded via JavaScript that are hard-coded to HTTP. Usually this can be fixed by altering the JavaScript calling these elements.</li>
+ <li>External elements that can not be delivered over HTTPS. These elements will have to be removed from the page, or hosted locally so that they can be loaded over HTTPS.</li>
+ <li>YouTube videos - YouTube does not allow videos to be streamed over HTTPS. YouTube videos will have to be removed from secure pages.</li>
+ <li>Google Maps - Loading Google maps over HTTPS requires a Google Maps API Premiere account. (<a href="http://code.google.com/apis/maps/faq.html#ssl" target="_blank">source</a>)</li>
+</ul>
+
+= Is there a hook or filter to force pages to be secure? =
+
+Yes! Here is an example of how to use the 'force_ssl' hook to force a page to be secure.
+`function custom_force_ssl( $force_ssl, $post_id ) {
+ if ( $post_id == 5 ) {
+ return true
+ }
+ return $force_ssl;
+}
+
+add_filter('force_ssl' , 'custom_force_ssl', 10, 2);`
+
+== Screenshots ==
+1. WordPress HTTPS Settings screen
+2. Force SSL checkbox added to add/edit posts screen
+
+== Changelog ==
+= 2.0.3 =
+* Force SSL Admin will always be enabled when FORCE_SSL_ADMIN is true in wp-config.php.
+* Bug Fix - Users using Shared SSL should no longer have issues with the SSL Host path duplicating in URL's.
+* Bug Fix - The plugin should now function properly when using a subdomain as the SSL Host.
+* Bug Fix - Page and post links will only be forced to HTTPS when using a different SSL Host that is not a subdomain of your Home URL.
+* Bug Fix - WordPress HTTPS should no longer generate erroneous notices and warnings in apache error logs. (If I missed any, let me know)
+= 2.0.2 =
+* Bug Fix - SSL Host option was not being saved correctly upon subsequent saves. This was causing redirect loops for most users.
+= 2.0.1 =
+* Ensured that deprected options are removed from a WordPress installation when activating the plugin.
+* Added a button to the WordPress HTTPS settings page to reset all plugin settings and cache.
+* Bug Fix - URL's entered for SSL Host were not validing correctly.
+* Bug Fix - External URL's were not always being identified as valid external elements.
+* Bug Fix - Slight enhancement to SSL detection.
+= 2.0 =
+* Full support for using a custom SSL port has been added. A special thanks to <a href="http://chrisdoingweb.com/">Chris "doingweb" Antes</a> for his feedback and testing of this feature.
+* Forcing pages to/from HTTPS is now pluggable using the 'force_ssl' filter.
+* When using Force Shared SSL Admin, links to the admin panel will always be rewritten with the Shared SSL Host.
+* When using Shared SSL, all links to post and pages from within the admin panel will use the Shared SSL Host to retain administration functionality on those pages.
+* Redirects to the admin panel now hook into wp_redirect rather than using the auth_redirect pluggable function.
+* Canonical redirects will now still occur on sites usinga different SSL Host, but not on secure pages.
+* Cookies are now set with hooks rather than pluggable functions.
+* Plugin will now delete all options and custom metadata when uninstalled.
+* Added a HTTP_X_FORWARDED_PROTO check to the is_ssl function.
+* Internal HTTPS Elements option has been removed. Disabling this option was never a good idea, so it was removed and the plugin will always act as it did when this option was enabled.
+* External HTTPS Elements option has been removed. The handling of external elements has improved in such a way that this option is no longer required.
+* Disable Automatic HTTPS option has been removed. This option should have generally been enabled anyway.
+* Bug Fix - After logging in, the logged_in cookie was not being set properly. This caused the admin bar to not show up in both HTTP and HTTPS.
+* Bug Fix - When using Shared SSL, the login page would not honor the redirect_to variable after a successful login.
+= 1.9.2 =
+* Added External URL caching to the plugin so that external elements will only be checked for once, increasing the speed of sites not using the Bypass External Check option.
+* Any forms whose action points to page that has the Forced SSL option on will be updated to HTTPS even on HTTP pages.
+* Bug Fix - When using Shared SSL, permalink structure was being buggy.
+* Bug Fix - Certain server configurations were causing the plugin to create redirect loops when using the Force SSL Exclusively option.
+= 1.9.1 =
+* Bug Fix - Cookies were not being set to the correct paths when logging in, causing logins to fail.
+* Bug Fix - Links to the front page when using latest posts were not correctly being set to HTTP/HTTPS.
+* Bug Fix - When using Shared SSL, the HTTPS version of the site_url was not being correctly replaced with the Shared SSL URL for internal elements.
+* Bug Fix - When using Shared SSL, the admin login page was not always redirecting properly due to output buffering.
+* Bug Fix - When using Shared SSL, the auth_redirect function was not redirecting to the Shared SSL URL.
+* Bug Fix - If the home_url contained 'www' but the URL appeared without 'www', the URL would not be fixed.
+* Standards - Updated redirect method to use https or http as a an argument rather than true or false to better comply with WordPress coding standards.
+= 1.9 =
+* Created Updates widget on settings screen to allow for dynamic updates from the plugin developers.
+* Added support for PHP4.
+* Converted all spaces to tabs in source.
+* Force Shared SSL Admin option added to allow those using Shared SSL the ability to use their certificate for their admin dashboard.
+* Bug fix - Force SSL checkbox will now appear on WordPress versions below 2.9.
+* Bug fix - Password protected pages forced to SSL will now work properly.
+* Bug fix - Plugin should no longer break feeds.
+* Numerous other bug fixes that have since been forgotten due to the length of time this version has been in development.
+= 1.8.5 =
+* In version 1.8.5, when a page is forced to HTTPS, any links to that page will always be HTTPS, even when using the 'Disable Automatic HTTPS' option. Likewise, when the 'Force SSL Exclusively' option is enabled, all links to pages not forced to HTTPS will be changed to HTTP on HTTPS pages.
+* Updated RegEx's for more complicated URL's.
+* Bug fix - When in the admin panel, only link URL's are changed back to HTTP again.
+* Added support for using Shared SSL together with the FORCE_SSL_ADMIN and FORCE_SSL_LOGIN options.
+= 1.8.1 =
+* Re-enabled the canonical redirect for WordPres sites not using Shared SSL.
+= 1.8 =
+* Fixed cross-browser CSS issue on plugin settings page.
+* Corrected and updated plugin settings validation.
+* Lengthened the fade out timer on messages from the plugin settings page from 2 to 5 seconds so that the more lengthy error messages could be read before the message faded.
+* If viewing an admin page via SSL, and your Home URL is not set to HTTPS, links to the front-end of the website will be forced to HTTP. By default, WordPress changes these links to HTTPS.
+* When using Shared SSL, any anchor that links to the regular HTTPS version of the domain will be changed to use the Shared SSL Host.
+* Added embed and param tags to the list of tags that are fixed by WordPress HTTPS. This is to fix flash movies.
+= 1.7.5 =
+* Bug fix - When using 'Latest Posts' as the front page, the front page would redirect to HTTP when viewed over HTTPS even if the 'Force SSL Exclusively' option was disabled.
+* Prevented the 'Disable Automatic HTTPS' option from parsing URL's in the admin panel.
+* General code cleanup and such.
+= 1.7 =
+* Bug fix - External URL's were not being forced to HTTPS after the last update.
+* Added the functionality to correct relative URL's when using Shared SSL.
+* General code cleanup and such.
+= 1.6.5 =
+* Added support for Shared SSL.
+= 1.6.3 =
+* Changed the redirection check to use `template_redirect` hook rather than `get_header`.
+= 1.6.2 =
+* Tag links were not being set back to HTTP when the 'Disable Automatic HTTPS' option was enabled.
+= 1.6.1 =
+* Bug fix - front page redirection was causing issues when a static page was selected for the posts page.
+= 1.6 =
+* Added the ability to force the front page to HTTPS.
+* Multiple enhancements to core functionality of plugin. Mostly just changing code to integrate more smoothely with WordPress.
+* Enhancements have been made to the plugin's settings page.
+= 1.5.2 =
+* Fixed a bug that would prevent stylesheets from being fixed if the rel attribute came after the href attribute. Bug could have also caused errors with other tags.
+= 1.5.1 =
+* Added input elements with the type of 'image' to be filtered for insecure content.
+= 1.5 =
+* Added the ability to force SSL on certain pages.
+* Also added the option to exclusively force SSL on certain pages. Pages not forced to HTTPS are forced to HTTP.
+* Plugin now filters the `bloginfo` and `bloginfo_url` functions for HTTPS URL's when the 'Disable Automatic HTTPS' option is enabled in WordPress 3.0+.
+= 1.0.1 =
+* Bug fix.
+= 1.0 =
+* Major modifications to plugin structure, efficiency, and documentation.
+* Added the option to disable WordPress 3.0+ from changing all of your page, category and post links to HTTPS.
+= 0.5.1 =
+* Bug fix.
+= 0.5 =
+* Due to increasing concerns about plugin performance, the option to bypass the HTTPS check on external elements has been added.
+= 0.4 =
+* Plugin functions converted to OOP class.
+* The plugin will now attempt to set the allow_url_fopen option to true with `ini_set` function if possible.
+= 0.3 =
+* Added the option to change external elements to HTTPS if the external server allows the elements to be accessed via HTTPS.
+= 0.2 =
+* Changed the way in which HTTPS was detected to be more reliable.
+= 0.1 =
+* Initial Release.
+
+== Upgrade Notice ==
+= 1.7 =
+1.6.5 created a bug in which external elements were no longer forced to HTTPS. Please update to fix this.
+= 1.6.1 =
+Version 1.6.1 fixes a bug with using a static page for the posts page.
+= 1.0.1 =
+Version 1.0.1 fixes a bug in 1.0 that made it to release. Apologies!
+= 1.0 =
+Version 1.0 gives you the ability to disable WordPress 3.0+ from changing all of your page, category and post links to HTTPS.
+= 0.5.1 =
+Fixes `PHP Warning: Invalid argument supplied for foreach()` error.
+= 0.3 =
+Version 0.3 gives you the option to change external elements to HTTPS if the external server allows the elements to be accessed via HTTPS.
+= 0.2 =
+Version 0.1 did not correctly detect HTTPS on IIS and possibly other servers. Please update to version 0.2 to fix this issue.
View
BIN  screenshot-1.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
BIN  screenshot-2.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
20 uninstall.php
@@ -0,0 +1,20 @@
+<?php
+
+require_once('wordpress-https.php');
+
+if ( !defined('WP_UNINSTALL_PLUGIN') ) {
+ die();
+}
+
+// Delete WordPress HTTPS options
+delete_option('wordpress-https_external_urls');
+delete_option('wordpress-https_unsecure_external_urls');
+delete_option('wordpress-https_ssl_host');
+delete_option('wordpress-https_ssl_port');
+delete_option('wordpress-https_exclusive_https');
+delete_option('wordpress-https_frontpage');
+delete_option('wordpress-https_ssl_admin');
+delete_option('wordpress-https_ssl_host_subdomain');
+
+// Delete force_ssl custom_field from posts and pages
+delete_metadata('post', null, 'force_ssl', null, true);
View
1,403 wordpress-https.php
@@ -0,0 +1,1403 @@
+<?php
+/*
+ Plugin Name: WordPress HTTPS
+ Plugin URI: http://mvied.com/projects/wordpress-https/
+ Description: WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
+ Author: Mike Ems
+ Version: 2.0.3
+ Author URI: http://mvied.com/
+ */
+
+/**
+ * Class for the WordPress plugin WordPress HTTPS
+ *
+ * @author Mike Ems
+ * @package WordPressHTTPS
+ * @copyright Copyright 2011
+ *
+ */
+if ( !class_exists('WordPressHTTPS') ) {
+ class WordPressHTTPS {
+
+ /**
+ * Plugin Version
+ *
+ * @var int
+ */
+ public $version = '2.0.3';
+
+ /**
+ * Debug Mode
+ *
+ * Enabled debug output to the browser's console.
+ *
+ * @var boolean
+ */
+ public $debug = false;
+
+ /**
+ * Log Entries
+ *
+ * @var array
+ */
+ public $log = array();
+
+ /**
+ * Plugin URL
+ *
+ * @var string
+ */
+ public $plugin_url;
+
+ /**
+ * HTTP URL
+ *
+ * @var string
+ */
+ public $http_url;
+
+ /**
+ * HTTPS URL
+ *
+ * @var string
+ */
+ public $https_url;
+
+ /**
+ * SSL Port
+ *
+ * @var int
+ */
+ public $ssl_port;
+
+ /**
+ * Different SSL Host
+ *
+ * Set to true if the secure host is set to a a host that is not the default WordPress host.
+ *
+ * @var boolean
+ */
+ public $diff_host = false;
+
+ /**
+ * Force SSL Admin
+ *
+ * Set to true if the admin panel is being forced to use the secure host.
+ *
+ * @var boolean
+ */
+ public $ssl_admin = false;
+
+ /**
+ * Default Options
+ *
+ * @var array
+ */
+ protected $options_default = array(
+ 'wordpress-https_external_urls' => array(), // External URL's that are okay to rewrite to HTTPS
+ 'wordpress-https_unsecure_external_urls' => array(), // External URL's that are okay to rewrite to HTTPS
+ 'wordpress-https_ssl_host' => '', // Hostname for SSL Host
+ 'wordpress-https_ssl_port' => '', // Port number for SSL Host
+ 'wordpress-https_ssl_host_subdomain' => 0, // Is SSL Host a subdomain
+ 'wordpress-https_exclusive_https' => 0, // Exclusively force SSL on posts and pages with the `Force SSL` option checked.
+ 'wordpress-https_frontpage' => 0, // Force SSL on front page
+ 'wordpress-https_ssl_admin' => 0, // Force SSL Over Administration Panel (The same as FORCE_SSL_ADMIN)
+ );
+
+ /**
+ * Initialize (PHP4)
+ *
+ * @param none
+ * @return void
+ */
+ public function WordPressHTTPS() {
+ $argcv = func_get_args();
+ call_user_func_array(array(&$this, '__construct'), $argcv);
+ }
+
+ /**
+ * Initialize (PHP5+)
+ *
+ * @param none
+ * @return void
+ */
+ public function __construct() {
+ // Assign plugin_url
+ if ( version_compare( get_bloginfo('version'), '2.8', '>=' ) ) {
+ $this->plugin_url = plugins_url('', __FILE__);
+ } else {
+ $this->plugin_url = WP_PLUGIN_URL . '/' . plugin_basename(dirname(__FILE__));
+ }
+
+ // If WPHTTPS_RESET global is defined, run reset method
+ if ( defined('WPHTTPS_RESET') && constant('WPHTTPS_RESET') == true ) {
+ $this->reset();
+ }
+
+ // HTTP URL
+ $this->http_url = 'http://' . parse_url(get_option('home'), PHP_URL_HOST);
+ // HTTPS URL
+ $this->https_url = $this->replace_http($this->http_url);
+ // SSL Port
+ $this->ssl_port = ((get_option('wordpress-https_ssl_port') > 0) ? get_option('wordpress-https_ssl_port') : null);
+ // Force SSL Admin
+ $this->ssl_admin = ((force_ssl_admin() || get_option('wordpress-https_ssl_admin') > 0) ? true : false);
+
+ // If using a different host for SSL
+ if ( get_option('wordpress-https_ssl_host') && get_option('wordpress-https_ssl_host') != $this->https_url ) {
+ // Assign HTTPS URL to SSL Host
+ $this->diff_host = true;
+ $this->https_url = get_option('wordpress-https_ssl_host');
+
+ // Prevent WordPress' canonical redirect when using a different SSL Host
+ if ( $this->is_ssl() ) {
+ remove_filter('template_redirect', 'redirect_canonical');
+ }
+
+ // Add SSL Host to allowed redirect hosts
+ add_filter('allowed_redirect_hosts' , array(&$this, 'allowed_redirect_hosts'), 10, 1);
+
+ // Remove SSL Host authentication cookies on logout
+ add_action('clear_auth_cookie', array(&$this, 'clear_cookies'));
+
+ // Set authentication cookie
+ if ( $this->is_ssl() ) {
+ add_action('set_auth_cookie', array(&$this, 'set_cookie'), 10, 5);
+ add_action('set_logged_in_cookie', array(&$this, 'set_cookie'), 10, 5);
+ }
+
+ // Fix admin_url on login page
+ if ( $GLOBALS['pagenow'] == 'wp-login.php' && $this->is_ssl() ) {
+ add_filter('admin_url', array(&$this, 'replace_http_url'));
+ }
+
+ // Filter site_url in admin panel
+ if ( is_admin() && $this->is_ssl() ) {
+ add_filter('site_url', array(&$this, 'replace_http_url'));
+ add_action('wp_redirect', array(&$this, 'wp_redirect_admin'), 1, 1);
+ }
+ }
+
+ // Add SSL Port to HTTPS URL
+ if ( $this->ssl_port ) {
+ $this->https_url = $this->add_port($this->https_url);
+ }
+
+ $this->log('HTTP URL: ' . $this->http_url);
+ $this->log('HTTPS URL: ' . $this->https_url);
+
+ // Redirect admin/login pages. This is not pluggable due to the redirect methods used in wp-login.php
+ if ( ( is_admin() || $GLOBALS['pagenow'] == 'wp-login.php' ) && $this->ssl_admin ) {
+ add_action('wp_redirect', array(&$this, 'wp_redirect_admin'), 1, 1);
+ if ( !$this->is_ssl() ) {
+ $this->redirect('https');
+ }
+ }
+
+ // Start output buffering
+ add_action('init', array(&$this, 'buffer_start'));
+
+ // Check if the page needs to be redirected
+ add_action('template_redirect', array(&$this, 'redirect_check'));
+
+ // Admin panel
+ if ( is_admin() ) {
+ // Add admin menus
+ add_action('admin_menu', array(&$this, 'menu'));
+
+ // Load on plugins page
+ if ( $GLOBALS['pagenow'] == 'plugins.php' ) {
+ add_filter( 'plugin_row_meta', array(&$this, 'plugin_links'), 10, 2);
+ }
+
+ // Load on Settings page
+ if ( @$_GET['page'] == 'wordpress-https' ) {
+ wp_enqueue_script('jquery-form', $this->plugin_url . '/js/jquery.form.js', array('jquery'), '2.47', true);
+ wp_enqueue_script('jquery-tooltip', $this->plugin_url . '/js/jquery.tooltip.js', array('jquery'), '1.3', true);
+ wp_enqueue_script('wordpress-https', $this->plugin_url . '/js/admin.php', array('jquery'), $this->version, true);
+ wp_enqueue_style('wordpress-https', $this->plugin_url . '/css/admin.css', $this->version, true);
+
+ if ( function_exists('add_thickbox') ) {
+ add_thickbox();
+ }
+ }
+
+ // Add 'Force SSL' checkbox to add/edit post pages
+ if ( version_compare( get_bloginfo('version'), '2.8', '>' ) ) {
+ add_action('post_submitbox_misc_actions', array(&$this, 'post_checkbox'));
+ } else {
+ add_action('post_submitbox_start', array(&$this, 'post_checkbox'));
+ }
+ add_action('save_post', array(&$this, 'post_save'));
+ }
+
+ // Filter HTTPS from links in WP 3.0+
+ if ( version_compare(get_bloginfo('version'), '3.0', '>') && !is_admin() && strpos(get_option('home'), 'https://') === false ) {
+ add_filter('page_link', array(&$this, 'replace_https_url'));
+ add_filter('post_link', array(&$this, 'replace_https_url'));
+ add_filter('category_link', array(&$this, 'replace_https_url'));
+ add_filter('get_archives_link', array(&$this, 'replace_https_url'));
+ add_filter('tag_link', array(&$this, 'replace_https_url'));
+ add_filter('search_link', array(&$this, 'replace_https_url'));
+ add_filter('home_url', array(&$this, 'replace_https_url'));
+ add_filter('bloginfo', array(&$this, 'bloginfo'), 10, 2);
+ add_filter('bloginfo_url', array(&$this, 'bloginfo'), 10, 2);
+
+ // If the whole site is not HTTPS, set links to the front-end to HTTP from within the admin panel
+ } else if ( is_admin() && $this->is_ssl() && strpos(get_option('home'), 'https://') === false ) {
+ add_filter('page_link', array(&$this, 'replace_https_url'));
+ add_filter('post_link', array(&$this, 'replace_https_url'));
+ add_filter('category_link', array(&$this, 'replace_https_url'));
+ add_filter('get_archives_link', array(&$this, 'replace_https_url'));
+ add_filter('tag_link', array(&$this, 'replace_https_url'));
+ add_filter('search_link', array(&$this, 'replace_https_url'));
+ }
+
+ // Change all page and post links to HTTPS in the admin panel when using different SSL Host
+ if ( get_option('wordpress-https_ssl_host_subdomain') == 0 && $this->diff_host && is_admin() && $this->is_ssl() ) {
+ add_filter('page_link', array(&$this, 'replace_http_url'));
+ add_filter('post_link', array(&$this, 'replace_http_url'));
+ }
+ }
+
+ /**
+ * Operations performed when plugin is activated.
+ *
+ * @param none
+ * @return void
+ */
+ public function install() {
+ // Add plugin options
+ foreach ( $this->options_default as $option => $value ) {
+ if ( get_option($option) === false ) {
+ add_option($option, $value);
+ }
+ }
+
+ // Checks to see if the SSL Host is a subdomain
+ $http_domain = $this->get_url_domain($this->http_url);
+ $https_domain = $this->get_url_domain($this->https_url);
+
+ if ( $this->replace_https($url) != $this->http_url && $http_domain == $https_domain ) {
+ update_option('wordpress-https_ssl_host_subdomain', 1);
+ }
+
+ // Run plugin updates
+ $this->update();
+ }
+
+ /**
+ * Updates plugin from one version to another
+ *
+ * @param none
+ * @return void
+ */
+ protected function update() {
+ // Remove deprecated options
+ $deprecated_options = array(
+ 'wordpress-https_sharedssl_site',
+ 'wordpress-https_internalurls',
+ 'wordpress-https_externalurls',
+ 'wordpress-https_bypass',
+ 'wordpress-https_disable_autohttps'
+ );
+ foreach( $deprecated_options as $option ) {
+ delete_option($option);
+ }
+
+ // Upgrade from version < 2.0
+ if ( get_option('wordpress-https_sharedssl') ) {
+ $shared_ssl = ((get_option('wordpress-https_sharedssl') == 1) ? true : false);
+
+ $options = array(
+ 'wordpress-https_sharedssl' => get_option('wordpress-https_sharedssl'),
+ 'wordpress-https_sharedssl_host' => get_option('wordpress-https_sharedssl_host'),
+ 'wordpress-https_sharedssl_admin' => get_option('wordpress-https_sharedssl_admin')
+ );
+
+ foreach( $options as $option => $value) {
+ if ( $shared_ssl && $value ) {
+ if ( $option == 'wordpress-https_sharedssl_host' ) {
+ if ( $ssl_port = parse_url($value, PHP_URL_PORT) ) {
+ update_option('wordpress-https_ssl_port', $ssl_port);
+ $value = str_replace(':' . $ssl_port, '', $value);
+ }
+ update_option('wordpress-https_ssl_host', $value);
+ }
+ if ( $option == 'wordpress-https_sharedssl_admin' ) {
+ update_option('wordpress-https_ssl_admin', $value);
+ delete_option($option);
+ }
+ }
+ delete_option($option);
+ }
+ }
+
+ // Update current version
+ update_option('wordpress-https_version', $this->version);
+ }
+
+ /**
+ * Rests all plugin options to the defaults
+ *
+ * @param none
+ * @return void
+ */
+ public function reset() {
+ foreach ( $this->options_default as $option => $value ) {
+ update_option($option, $value);
+ }
+ }
+
+ /**
+ * Adds a string to an array of log entries
+ *
+ * @param none
+ * @return void
+ */
+ public function log( $string ) {
+ $this->log[] = $string;
+ }
+
+ /**
+ * Returns an array of warnings to notify the user of on the settings page
+ *
+ * @param none
+ * @return void
+ */
+ public function warnings() {
+ $warnings = array();
+ $i = 0;
+
+ // Warnings about unsecure external URL's
+ $unsecure_external_urls = (array) get_option('wordpress-https_unsecure_external_urls');
+ foreach( $unsecure_external_urls as $admin => $urls ) {
+ if ( $urls && sizeof($urls) > 0 ) {
+ $warnings[$i]['label'] = 'Unsecure External Content';
+ $warnings[$i]['warnings'] = $urls;
+ }
+ }
+ $i++;
+
+ return $warnings;
+ }
+
+ /**
+ * Finds the URL in a string
+ *
+ * @param string $string
+ * @return string $url
+ */
+ static function get_url($string) {
+ preg_match_all('/(http|https):\/\/[\/-\w\d\.,~#@^!\'()?=\+&%;:[\]]+/i', $string, $url);
+ $url = @$url[0][0];
+ return $url;
+ }
+
+ /**
+ * Retrieves the base host of a given URL
+ *
+ * @param string $url
+ * @return string $url_host
+ */
+ function get_url_domain($url) {
+ $url = $this->get_url($url);
+ $url_parts = parse_url($url);
+ $url_host_parts = explode('.', @$url_parts['host']);
+
+ // Find base hostname
+ $url_host = @$url_parts['host'];
+ for ($i = 0; $i < sizeof($url_host_parts)-1; $i++) {
+ $test_host = str_replace($url_host_parts[$i] . '.', '', $url_host);
+ if ( $this->get_file_contents($url_parts['scheme'] . '://' . $test_host) ) {
+ $url_host = $test_host;
+ } else {
+ break;
+ }
+ }
+ return $url_host;
+ }
+
+ /**
+ * Replace HTTPS with HTTP in a string
+ *
+ * @param string $string
+ * @return string $string
+ */
+ static function replace_https($string) {
+ return str_replace('https://', 'http://', $string);
+ }
+
+ /**
+ * Replace HTTP with HTTPS in a string
+ *
+ * @param string $string
+ * @return string $string
+ */
+ static function replace_http($string) {
+ return str_replace('http://', 'https://', $string);
+ }
+
+ /**
+ * Determines if URL is local or external
+ *
+ * @param string $url
+ * @return boolean
+ */
+ function is_local($url) {
+ if ( ($url_parts = parse_url($url)) && strpos($this->http_url, $url_parts['host']) !== false || strpos($this->https_url, $url_parts['host']) !== false ) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ /**
+ * Adds the SSL Port to URL in a string
+ *
+ * @param string $string
+ * @return string $string
+ */
+ function add_port($string) {
+ $url = $this->get_url($string);
+ $url_parts = parse_url($url);
+ if ( isset($url_parts['port']) ) {
+ $url = $this->remove_port($url);
+ }
+
+ if ( $this->ssl_port && $this->ssl_port != 80 && $this->ssl_port != 443 && strpos($url, ':' . $this->ssl_port) === false ) {
+ $url_host_port = $url_parts['host'] . ':' . $this->ssl_port;
+ $string = str_replace($url_parts['host'], $url_host_port, $string);
+ }
+ return $string;
+ }
+
+ /**
+ * Remove the SSL Port from URL in a string
+ *
+ * @param string $string
+ * @return string $string
+ */
+ function remove_port($string) {
+ $url = $this->get_url($string);
+
+ if ( $this->is_local($url) && $port = parse_url($url, PHP_URL_PORT) ) {
+ $string = str_replace($url, str_replace(':' . $port, '', $url), $string);
+ }
+ return $string;
+ }
+
+ /**
+ * Replaces HTTP Host with HTTPS Host
+ *
+ * @param string $string
+ * @return string $string
+ */
+ function replace_http_url($string) {
+ // URL in string to be replaced
+ $url_original = $this->get_url($string);
+ if ( $this->is_local($url_original) ) {
+ $url_parts = parse_url($url_original);
+ $url = str_replace($url_parts['host'], parse_url($this->https_url, PHP_URL_HOST), $url_original);
+ if ( $this->diff_host ) {
+ $https_url_path = parse_url($this->https_url, PHP_URL_PATH);
+ if ( strpos($url_parts['path'], $https_url_path) === false ) {
+ if ( $url_parts['path'] == '/' ) {
+ $url = rtrim('/', $url) . $https_url_path;
+ } else {
+ $url = str_replace($url_parts['path'], $https_url_path . $url_parts['path'], $url);
+ }
+ }
+ }
+
+ $url = $this->remove_port($url);
+ $url = $this->add_port($url);
+ $url = $this->replace_http($url);
+ $string = str_replace($url_original, $url, $string);
+ } else if ( $url_parts == null ) {
+ $this->log('[ERROR] Unabled to parse URL: ' . $url_original);
+ }
+
+ return $string;
+ }
+
+ /**
+ * Replaces HTTPS Host with HTTP Host
+ *
+ * @param string $string
+ * @return string $string
+ */
+ public function replace_https_url($string) {
+ $url_original = $this->get_url($string);
+ if ( $this->is_local($url_original) ) {
+ $url_parts = parse_url($url_original);
+ $url = str_replace($url_parts['host'], parse_url($this->http_url, PHP_URL_HOST), $url_original);
+ if ( $this->diff_host ) {
+ $https_url_path = parse_url($this->https_url, PHP_URL_PATH);
+ if ( $https_url_path != '/' && strpos(@$url_parts['path'], $https_url_path) !== false ) {
+ $url = str_replace($https_url_path, '', $url);
+ }
+ }
+ $url = $this->remove_port($url);
+ $url = $this->replace_https($url);
+ $string = str_replace($url_original, $url, $string);
+ } else if ( $url_parts == null ) {
+ $this->log('[ERROR] Unabled to parse URL: ' . $url_original);
+ }
+
+ return $string;
+ }
+
+ /**
+ * Retrieves the contents of a local or external file
+ *
+ * @param string $url
+ * @return boolean|string Contents of existing file, or false if file does not exist
+ */
+ static function get_file_contents($url) {
+ if ( function_exists('curl_init') ) {
+ $ch = curl_init();
+
+ curl_setopt($ch, CURLOPT_URL, $url);
+ curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_FAILONERROR, true);
+ @curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+ curl_setopt($ch, CURLOPT_HEADER, false);
+ curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
+
+ $content = curl_exec($ch);
+ $info = curl_getinfo($ch);
+ if ( !$info['http_code'] && ( $info['http_code'] == 0 || $info['http_code'] == 302 || $info['http_code'] == 404 ) ) {
+ $content = false;
+ } else if ( $content == "" ) {
+ $content = true;
+ }
+ curl_close($ch);
+ return $content;
+ } else if ( @ini_get('allow_url_fopen') ) {
+ $content = @file_get_contents($url);
+ return $content;
+ }
+ return false;
+ }
+
+ /**
+ * Start output buffering
+ *
+ * @param none
+ * @return void
+ */
+ public function buffer_start() {
+ ob_start(array(&$this, 'process'));
+ }
+
+ /**
+ * Processes the output buffer to fix HTML output
+ *
+ * @param string $buffer
+ * @return string $buffer
+ */
+ public function process($buffer) {
+ $processed_urls = array();
+ // Post = 2, Admin = 1, Other = 0
+ $location = ((is_admin()) ? 1 : ((is_page() || is_home()) ? 2 : 0));
+
+ $external_urls = get_option('wordpress-https_external_urls');
+ if ( !is_array($external_urls) ) {
+ $external_urls = array();
+ }
+
+ $unsecure_external_urls = get_option('wordpress-https_unsecure_external_urls');
+ if ( !is_array($unsecure_external_urls) ) {
+ $unsecure_external_urls = array();
+ }
+
+ // Fix any occurrence of the HTTPS version of the regular domain when using different SSL Host
+ if ( $this->diff_host ) {
+ $url = $this->replace_http($this->http_url);
+ $count = substr_count($buffer, $url);
+ if ( $count > 0 ) {
+ $this->log('[FIXED] Updated ' . $count . ' Occurrences of URL: ' . $url . ' => ' . $this->replace_https_url($url));
+ $buffer = str_replace($url, $this->replace_https_url($url), $buffer);
+ }
+ }
+
+ if ( $this->is_ssl() ) {
+ if ( is_admin() ) {
+ preg_match_all('/\<(script|link|img)[^>]+[\'"]((http|https):\/\/[^\'"]+)[\'"][^>]*>/im', $buffer, $matches);
+ } else {
+ preg_match_all('/\<(script|link|img|form|input|embed|param)[^>]+[\'"]((http|https):\/\/[^\'"]+)[\'"][^>]*>/im', $buffer, $matches);
+ }
+ for ($i = 0; $i < sizeof($matches[0]); $i++) {
+ $html = $matches[0][$i];
+ $type = $matches[1][$i];
+ $url = $matches[2][$i];
+ $scheme = $matches[3][$i];
+ $updated = false;
+
+ if ( $type == 'img' || $type == 'script' || $type == 'embed' ||
+ ( $type == 'link' && ( strpos($html, 'stylesheet') !== false || strpos($html, 'pingback') !== false ) ) ||
+ ( $type == 'form' && strpos($html, 'wp-pass.php') !== false ) ||
+ ( $type == 'form' && strpos($html, 'commentform') !== false ) ||
+ ( $type == 'input' && strpos($html, 'image') !== false ) ||
+ ( $type == 'param' && strpos($html, 'movie') !== false )
+ ) {
+ // Fix image tags in the admin panel
+ if ( is_admin() && $type == 'img' ) {
+ if ( strpos($url, $this->http_url) !== false && $this->diff_host ) {
+ $updated = true;
+ $processed_urls[$url] = $this->replace_http_url($url);
+ $buffer = str_replace($html, str_replace($url, $processed_urls[$url], $html), $buffer);
+ }
+ } else {
+ // If local
+ if ( $this->is_local($url) ) {
+ $updated = true;
+ $processed_urls[$url] = $this->replace_http_url($url);
+ $buffer = str_replace($html, str_replace($url, $processed_urls[$url], $html), $buffer);
+ // If external and not HTTPS
+ } else if ( strpos($url, 'https://') === false ) {
+ if ( @in_array($url, $external_urls) == false && @in_array($url, $unsecure_external_urls[$location]) == false ) {
+ if ( $this->get_file_contents($this->replace_http($url)) !== false ) {
+ // Cache this URL as available over HTTPS for future reference
+ $external_urls[] = $url;
+ update_option('wordpress-https_external_urls', $external_urls);
+ } else {
+ // If not available over HTTPS, mark as an unsecure external URL
+ $unsecure_external_urls[$location][] = $url;
+ update_option('wordpress-https_unsecure_external_urls', $unsecure_external_urls);
+ }
+ }
+
+ if ( in_array($url, $external_urls) ) {
+ $updated = true;
+ $processed_urls[$url] = $this->replace_http($url);
+ $buffer = str_replace($html, str_replace($url, $processed_urls[$url], $html), $buffer);
+ } else {
+ $processed_urls[$url] = $url;
+ }
+ }
+
+ if ( $updated == false && strpos($url, 'https://') === false ) {
+ $this->log('[WARNING] Unsecure Element: <' . $type . '> - ' . $url);
+ }
+ }
+ }
+
+ if ( $updated && $url != $processed_urls[$url] ) {
+ $this->log('[FIXED] Element: <' . $type . '> - ' . $url . ' => ' . $processed_urls[$url]);
+ }
+ }
+
+ // Fix any CSS background images or imports
+ preg_match_all('/(import|background)[:]?[^u]*url\([\'"]?(http:\/\/[^)]+)[\'"]?\)/im', $buffer, $matches);
+ for ($i = 0; $i < sizeof($matches[0]); $i++) {
+ $css = $matches[0][$i];
+ $url = $matches[2][$i];
+ $processed_urls[$url] = $this->replace_http_url($url);
+ $buffer = str_replace($css, str_replace($url, $processed_urls[$url], $css), $buffer);
+ $this->log('[FIXED] CSS: ' . $url . ' => ' . $processed_urls[$url]);
+ }
+
+ // Look for any relative paths that should be udpated to the SSL Host path
+ if ( $this->diff_host ) {
+ preg_match_all('/\<(script|link|img|input|form|embed|param|a)[^>]+(src|href|action|data|movie)=[\'"](\/[^\'"]*)[\'"][^>]*>/im', $buffer, $matches);
+
+ for ($i = 0; $i < sizeof($matches[0]); $i++) {
+ $html = $matches[0][$i];
+ $type = $matches[1][$i];
+ $attr = $matches[2][$i];
+ $url = $matches[3][$i];
+ if ( $type != 'input' || ( $type == 'input' && $attr == 'image' ) ) {
+ $https_url = $this->https_url;
+ if ( strpos($url, parse_url($https_url, PHP_URL_PATH)) !== false ) {
+ $https_url = str_replace(parse_url($https_url, PHP_URL_PATH), '', $https_url);
+ }
+ $processed_urls[$url] = $https_url . $url;
+ $buffer = str_replace($html, str_replace($url, $processed_urls[$url], $html), $buffer);
+ $this->log('[FIXED] Element: <' . $type . '> - ' . $url . ' => ' . $processed_urls[$url]);
+ }
+ }
+ }
+ }
+
+ // Update anchor and form tags to appropriate URL's
+ preg_match_all('/\<(a|form)[^>]+[\'"]((http|https):\/\/[^\'"]+)[\'"][^>]*>/im', $buffer, $matches);
+
+ for ($i = 0; $i < sizeof($matches[0]); $i++) {
+ $html = $matches[0][$i];
+ $type = $matches[1][$i];
+ $url = $matches[2][$i];
+ $scheme = $matches[3][$i];
+ $updated = false;
+
+ unset($force_ssl);
+
+ if ( $this->is_local($url) ) {
+ $url_parts = parse_url($url);
+ if ( $this->diff_host ) {
+ $url_parts['path'] = str_replace(parse_url($this->https_url, PHP_URL_PATH), '', $url_parts['path']);
+ }
+ $url_parts['path'] = str_replace(parse_url(get_option('home'), PHP_URL_PATH), '', $url_parts['path']);
+
+ if ( preg_match("/page_id=([\d]+)/", parse_url($url, PHP_URL_QUERY), $postID) ) {
+ $post = $postID[1];
+ } else if ( $post = get_page_by_path($url_parts['path']) ) {
+ $post = $post->ID;
+ } else if ( $url_parts['path'] == '/' ) {
+ if ( get_option('show_on_front') == 'posts' ) {
+ $post = true;
+ $force_ssl = (( get_option('wordpress-https_frontpage') == 1 ) ? true : false);
+ } else {
+ $post = get_option('page_on_front');
+ }
+ //TODO When logged in to HTTP and visiting an HTTPS page, admin links will always be forced to HTTPS, even if the user is not logged in via HTTPS. I need to find a way to detect this.
+ } else if ( ( strpos($url_parts['path'], 'wp-admin') !== false || strpos($url_parts['path'], 'wp-login') !== false ) && ( $this->is_ssl() || $this->ssl_admin )) {
+ $post = true;
+ $force_ssl = true;
+ }
+
+ if ( isset($post) ) {
+ // Always change links to HTTPS when logged in via different SSL Host
+ if ( $type == 'a' && get_option('wordpress-https_ssl_host_subdomain') == 0 && $this->diff_host && $this->ssl_admin && is_user_logged_in() ) {
+ $force_ssl = true;
+ } else if ( is_int($post) ) {
+ $force_ssl = (( !isset($force_ssl) ) ? get_post_meta($post, 'force_ssl', true) : $force_ssl);
+ }
+
+ if ( $force_ssl == true ) {
+ $updated = true;
+ $processed_urls[$url] = $this->replace_http_url($url);
+ $buffer = str_replace($html, str_replace($url, $processed_urls[$url], $html), $buffer);
+ } else if ( get_option('wordpress-https_exclusive_https') == 1 ) {
+ $updated = true;
+ $processed_urls[$url] = $this->replace_https_url($url);
+ $buffer = str_replace($html, str_replace($url, $processed_urls[$url], $html), $buffer);
+ }
+ }
+
+ if ( $updated && $url != $processed_urls[$url] ) {
+ $this->log('[FIXED] Element: <' . $type . '> - ' . $url . ' => ' . $processed_urls[$url]);
+ }
+ }
+ }
+
+ // If an unsecure element has been removed from the site, remove it from $unsecure_external_urls to clear warnings
+ if ( isset($unsecure_external_urls[$location]) && is_array($unsecure_external_urls[$location]) ) {
+ $unsecure_external_urls[$location] = array_values($unsecure_external_urls[$location]);
+ for( $i = 0; $i < sizeof($unsecure_external_urls[$location]); $i++ ) {
+ $removed = true;
+ foreach( $processed_urls as $original_url => $new_url ) {
+ // If unsecure_external_url was found in processed_urls, it has not been removed
+ if ( $unsecure_external_urls[$location][$i] == $original_url ) {
+ $removed = false;
+ }
+ }
+ if ( $removed ) {
+ $this->log('[FIXED] Removed Unsecure URL: ' . $unsecure_external_urls[$location][$i]);
+ unset($unsecure_external_urls[$location][$i]);
+ update_option('wordpress-https_unsecure_external_urls', $unsecure_external_urls);
+ }
+
+ }
+ }
+
+ // Add debug console logging. It's not pretty, but it works.
+ if ( $this->debug && sizeof($this->log) > 0 ) {
+ $code = "<script type=\"text/javascript\">\n\tif ( typeof console === 'object' ) {\n";
+
+ array_unshift($this->log, '[BEGIN WordPress HTTPS Debug Log]');
+ array_push($this->log, '[END WordPress HTTPS Debug Log]');
+ foreach( $this->log as $log_entry ) {
+ if ( is_array($log_entry) ) {
+ $log_entry = json_encode($log_entry);
+ } else {
+ $log_entry = "'" . $log_entry . "'";
+ }
+ $code .= "\t\tconsole.log(" . $log_entry . ");\n";
+ }
+ $code .= "\t}\n</script>\n";
+ $buffer = str_replace("</body>", $code . "\n</body>", $buffer);
+ }
+
+ return $buffer;
+ }
+
+ /**
+ * Filters HTTPS urls from bloginfo function
+ *
+ * @param string $result
+ * @param string $show
+ * @return string $result
+ */
+ public function bloginfo($result = '', $show = '') {
+ if ( $show == 'stylesheet_url' || $show == 'template_url' || $show == 'wpurl' || $show == 'home' || $show == 'siteurl' || $show == 'url' ) {
+ $result = $this->replace_https_url($result);
+ }
+ return $result;
+ }
+
+ /**
+ * Checks if the current page is SSL
+ *
+ * @param none
+ * @return bool
+ */
+ public function is_ssl() {
+ $https_url = parse_url($this->https_url);
+ // Some extra checks for proxies and Shared SSL
+ if ( is_ssl() && strpos($_SERVER['HTTP_HOST'], $https_url['host']) === false ) {
+ return false;
+ } else if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' ) {
+ return true;
+ } else if ( $this->diff_host && !is_ssl() && isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && strpos($this->https_url, 'https://' . $_SERVER['HTTP_X_FORWARDED_SERVER']) !== false ) {
+ return true;
+ } else if ( $this->diff_host && !is_ssl() && strpos($_SERVER['HTTP_HOST'], $https_url['host']) !== false && (!$this->ssl_port || $_SERVER['SERVER_PORT'] == $this->ssl_port) && (isset($https_url['path']) && !$https_url['path'] || strpos($_SERVER['REQUEST_URI'], $https_url['path']) !== false) ) {
+ return true;
+ }
+ return is_ssl();
+ }
+
+ /**
+ * Checks if the current page needs to be redirected
+ *
+ * @param none
+ * @return void
+ */
+ public function redirect_check() {
+ global $post;
+ if ( is_front_page() && get_option('show_on_front') == 'posts' ) {
+ if ( get_option('wordpress-https_frontpage') == 1 && !$this->is_ssl() ) {
+ $scheme = 'https';
+ } else if ( get_option('wordpress-https_frontpage') != 1 && get_option('wordpress-https_exclusive_https') == 1 && $this->is_ssl() && ( !$this->diff_host || ( $this->diff_host && $this->ssl_admin && !is_user_logged_in() ) ) ) {
+ $scheme = 'http';
+ }
+ } else if ( ( is_single() || is_page() || is_front_page() || is_home() ) && $post->ID > 0 ) {
+ $force_ssl = get_post_meta($post->ID, 'force_ssl', true);
+ $force_ssl = apply_filters('force_ssl', $force_ssl, $post->ID );
+ if ( !$this->is_ssl() && $force_ssl ) {
+ $scheme = 'https';
+ } else if ( get_option('wordpress-https_exclusive_https') == 1 && !$force_ssl && ( !$this->diff_host || ( $this->diff_host && $this->ssl_admin && !is_user_logged_in() ) ) ) {
+ $scheme = 'http';
+ }
+ }
+
+ if ( isset($scheme) ) {
+ $this->redirect($scheme);
+ }
+ }
+
+ /**
+ * Fix wp_redirect in admin/login when using a different SSL Host
+ *
+ * @param string $url
+ * @return string $url
+ */
+ public function wp_redirect_admin( $url ) {
+ $url = $this->replace_http_url($url);
+
+ // Fix redirect_to
+ preg_match('/redirect_to=([^&]+)/i', $url, $redirect);
+ $redirect_url = $redirect[1];
+ $url = str_replace($redirect_url, urlencode($this->replace_http_url(urldecode($redirect_url))), $url);
+ return $url;
+ }
+
+ /**
+ * Redirects page to HTTP or HTTPS accordingly
+ *
+ * @param string $scheme Either http or https
+ * @return void
+ */
+ public function redirect($scheme = 'https') {
+ if ( !$this->is_ssl() && $scheme == 'https' ) {
+ $url = parse_url($this->https_url);
+ $url['scheme'] = $scheme;
+ } else if ( $this->is_ssl() && $scheme == 'http' ) {
+ $url = parse_url($this->http_url);
+ $url['scheme'] = $scheme;
+ } else {
+ $url = false;
+ }
+ if ( $url ) {
+ $destination = $url['scheme'] . '://' . $url['host'] . (( isset($url['port']) ) ? ':' . $url['port'] : '') . (( $this->diff_host && isset($url['path']) ) ? $url['path'] : '') . $_SERVER['REQUEST_URI'];
+ if ( function_exists('wp_redirect') ) {
+ wp_redirect($destination, 301);
+
+ // The only time this is called is when forcing an SSL redirect to the login page from the __construct method
+ } else {
+ // End all output buffering and redirect
+ while(@ob_end_clean());
+
+ // If redirecting to an admin page
+ if ( strpos($destination, 'wp-admin') !== false || strpos($destination, 'wp-login') !== false ) {
+ $destination = $this->wp_redirect_admin($destination);
+ }
+
+ header("Location: " . $destination);
+ }
+ exit();
+ }
+ }
+
+ /**
+ * Add SSL Host host to allowed redirect hosts
+ *
+ * @param array $content
+ * @return array $content
+ */
+ public function allowed_redirect_hosts($content) {
+ $content[] = parse_url($this->https_url, PHP_URL_HOST);
+ return $content;
+ }
+
+ /**
+ * Set Cookie
+ *
+ * Set authentication cookie when using different SSL Host
+ *
+ * @param none
+ * @return void
+ */
+ public function set_cookie($cookie, $expire, $expiration, $user_id, $scheme) {
+ if( $scheme == 'logged_in' ) {
+ $cookie_name = LOGGED_IN_COOKIE;
+ } elseif ( $secure ) {
+ $cookie_name = SECURE_AUTH_COOKIE;
+ $scheme = 'secure_auth';
+ } else {
+ $cookie_name = AUTH_COOKIE;
+ $scheme = 'auth';
+ }
+
+ //$cookie_domain = COOKIE_DOMAIN;
+ $cookie_path = COOKIEPATH;
+ $cookie_path_site = SITECOOKIEPATH;
+ $cookie_path_plugins = PLUGINS_COOKIE_PATH;
+ $cookie_path_admin = ADMIN_COOKIE_PATH;
+
+ if ( $this->diff_host && $this->is_ssl() ) {
+ // If SSL Host is a subdomain and we're setting an authentication cookie, the cookie does not need to be set
+ if ( get_option('wordpress-https_ssl_host_subdomain') == 1 && ( $scheme == 'auth' || $scheme == 'secure_auth' ) ) {
+ return;
+ // If SSL Host is a subdomain, make cookie domain a wildcard
+ } else if ( get_option('wordpress-https_ssl_host_subdomain') == 1 ) {
+ $cookie_domain = '.' . $this->get_url_domain($this->https_url);
+ // Otherwise, cookie domain set for different SSL Host
+ } else {
+ $cookie_domain = parse_url($this->https_url, PHP_URL_HOST);
+ }
+
+ $cookie_path = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . $cookie_path;
+ $cookie_path_site = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . $cookie_path_site;
+ $cookie_path_plugins = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . $cookie_path_plugins;
+ $cookie_path_admin = $cookie_path_site . 'wp-admin';
+ }
+
+ // Cookie paths defined to accomodate different SSL Host
+ if ( version_compare(phpversion(), '5.2.0', '>=') ) {
+ if ( $scheme == 'logged_in' ) {
+ setcookie($cookie_name, $cookie, $expire, $cookie_path, $cookie_domain, $secure, true);
+ if ( $cookie_path != $cookie_path_site ) {
+ setcookie($cookie_name, $cookie, $expire, $cookie_path_site, $cookie_domain, $secure, true);
+ }
+ } else {
+ setcookie($cookie_name, $cookie, $expire, $cookie_path_plugins, $cookie_domain, false, true);
+ setcookie($cookie_name, $cookie, $expire, $cookie_path_admin, $cookie_domain, false, true);
+ }
+ } else {
+ if ( !empty($cookie_domain) ) {
+ $cookie_domain .= '; HttpOnly';
+ }
+
+ if ( $scheme == 'logged_in' ) {
+ setcookie($cookie_name, $cookie, $expire, $cookie_path, $cookie_domain, $secure);
+ if ( $cookie_path != $cookie_path_site ) {
+ setcookie($cookie_name, $cookie, $expire, $cookie_path_site, $cookie_domain, $secure);
+ }
+ } else {
+ setcookie($cookie_name, $cookie, $expire, $cookie_path_plugins, $cookie_domain);
+ setcookie($cookie_name, $cookie, $expire, $cookie_path_admin, $cookie_domain);
+ }
+ }
+ }
+
+ /**
+ * Clear Cookies
+ *
+ * Clear authentication and logged in cookies when using a different SSL Host
+ *
+ * @param none
+ * @return void
+ */
+ public function clear_cookies() {
+ $cookie_domain = '.' . $this->get_url_domain($this->https_url);
+ $cookie_path = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . COOKIEPATH;
+ $cookie_path_site = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . SITECOOKIEPATH;
+ $cookie_path_plugins = rtrim(parse_url($this->https_url, PHP_URL_PATH), '/') . PLUGINS_COOKIE_PATH;
+ $cookie_path_admin = $cookie_path_site . 'wp-admin';
+
+ if ( get_option('wordpress-https_ssl_host_subdomain') == 1 ) {
+ setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path, $cookie_domain);
+ setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path_site, $cookie_domain);
+ }
+
+ setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin);
+ setcookie(AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins);
+ setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_admin);
+ setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, $cookie_path_plugins);
+ setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path);
+ setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, $cookie_path_site);
+ }
+
+ /**
+ * Add 'Force SSL' checkbox to add/edit post pages
+ *
+ * @param none
+ * @return void
+ */
+ public function post_checkbox() {
+ global $post;
+
+ wp_nonce_field(plugin_basename(__FILE__), 'wordpress-https');
+
+ $checked = false;
+ if ( $post->ID ) {
+ $checked = get_post_meta($post->ID, 'force_ssl', true);
+ }
+ echo '<div class="misc-pub-section misc-pub-section-wphttps"><label>Force SSL: <input type="checkbox" value="1" name="force_ssl" id="force_ssl"' . (( $checked ) ? ' checked="checked"' : '') . ' /></label></div>';
+ }
+
+ /**
+ * Save Force SSL option to post or page
+ *
+ * @param int $post_id
+ * @return int $post_id
+ */
+ public function post_save( $post_id ) {
+ if ( array_key_exists('wordpress-https', $_POST) ) {
+ if ( !wp_verify_nonce($_POST['wordpress-https'], plugin_basename(__FILE__)) ) {
+ return $post_id;
+ }
+
+ if ( defined('DOING_AUTOSAVE') && DOING_AUTOSAVE ) {
+ return $post_id;
+ }
+
+ if ( $_POST['post_type'] == 'page' ) {
+ if ( !current_user_can('edit_page', $post_id) ) {
+ return $post_id;
+ }
+ } else {
+ if ( !current_user_can('edit_post', $post_id) ) {
+ return $post_id;
+ }
+ }
+
+ $force_ssl = (( $_POST['force_ssl'] == 1 ) ? true : false);
+ if ( $force_ssl ) {
+ update_post_meta($post_id, 'force_ssl', 1);
+ } else {
+ delete_post_meta($post_id, 'force_ssl');
+ }
+
+ return $force_ssl;
+ }
+ return $post_id;
+ }
+
+ /**
+ * Admin panel menu option
+ *
+ * @param none
+ * @return void
+ */
+ public function menu() {
+ add_options_page('WordPress HTTPS Settings', 'WordPress HTTPS', 'manage_options', 'wordpress-https', array(&$this, 'settings'));
+ }
+
+ /**
+ * Plugin links on Manage Plugins page in admin panel
+ *
+ * @param array $links
+ * @param string $file
+ * @return array $links
+ */
+ public function plugin_links($links, $file) {
+ if ( strpos($file, basename( __FILE__)) === false ) {
+ return $links;
+ }
+
+ $links[] = '<a href="' . site_url() . '/wp-admin/options-general.php?page=wordpress-https" title="WordPress HTTPS Settings">Settings</a>';
+ $links[] = '<a href="http://wordpress.org/extend/plugins/wordpress-https/faq/" title="Frequently Asked Questions">FAQ</a>';
+ $links[] = '<a href="http://wordpress.org/tags/wordpress-https#postform" title="Support">Support</a>';
+ $links[] = '<a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=N9NFVADLVUR7A" title="Support WordPress HTTPS development with a donation!">Donate</a>';
+ return $links;
+ }
+
+ /**
+ * Settings Page
+ *
+ * @param none
+ * @return void
+ */
+ public function settings() {
+ if ( !current_user_can('manage_options') ) {
+ wp_die( __('You do not have sufficient permissions to access this page.') );
+ }
+
+ if ( $_SERVER['REQUEST_METHOD'] === 'POST' ) {
+ $errors = array();
+ $reload = false;
+ $logout = false;
+ if ( @$_POST['Reset'] ) {
+ $this->reset();
+ $reload = true;
+ } else {
+ foreach ($this->options_default as $key => $default) {
+ if ( !array_key_exists($key, $_POST) && $default == 0 ) {
+ $_POST[$key] = 0;
+ update_option($key, $_POST[$key]);
+ } else {
+ if ( $key == 'wordpress-https_ssl_host' ) {
+ if ( $_POST[$key] != '' ) {
+ $url = strtolower($_POST[$key]);
+ // Add scheme if it doesn't exist so that parse_url does not fail
+ if ( strpos($url, 'http://') === false && strpos($url, 'https://') === false ) {
+ $url = $this->replace_http('http://' . $url);
+ }
+ $url = parse_url($url);
+ $port = ((isset($_POST['wordpress-https_ssl_port'])) ? $_POST['wordpress-https_ssl_port'] : $url['port']);
+ $port = (($port != 80 && $port != 443) ? $port : null);
+ $url = 'https://' . $url['host'] . (($port) ? ':' . $port : '') . @$url['path'];
+
+ // If secure host is set to a different host
+ if ( $url != $this->https_url ) {
+ $home_url = $url . parse_url(get_option('home'), PHP_URL_PATH);
+ // Add trailing slash
+ $home_url = ((substr($home_url, -1) !== '/') ? $home_url . '/' : $home_url);
+ // Ensure that the WordPress installation is accessible at this host
+ if ( $this->get_file_contents($home_url) ) {
+ // Remove trailing slash
+ if ( substr($url, -1, 1) == '/' ) {
+ $url = substr($url, 0, strlen($url)-1);
+ }
+ $this->log('[SETTINGS] Updated SSL Host: ' . $this->https_url . ' => ' . $url);
+
+ // If secure domain has changed and currently on SSL, logout user
+ if ( $this->is_ssl() ) {
+ $logout = true;
+ }
+ $_POST[$key] = $this->remove_port($url);
+ } else {
+ $errors[] = '<strong>SSL Host</strong> - Invalid WordPress installation at ' . $home_url;
+ $_POST[$key] = get_option($key);
+ }
+ } else {
+ $_POST[$key] = $this->https_url;
+ }
+ } else {
+ $_POST[$key] = get_option($key);
+ }
+ } else if ( $key == 'wordpress-https_ssl_admin' ) {
+ if ( force_ssl_admin() || force_ssl_login() ) {
+ $errors[] = '<strong>SSL Admin</strong> - FORCE_SSL_ADMIN and FORCE_SSL_LOGIN can not be set to true in your wp-config.php.';
+ $_POST[$key] = 0;
+ // If forcing SSL Admin and currently not SSL, logout user
+ } else if ( !$this->is_ssl() ) {
+ $logout = true;
+ }
+ } else if ( $key == 'wordpress-https_ssl_host_subdomain' ) {
+ // Checks to see if the SSL Host is a subdomain
+ $http_domain = $this->get_url_domain($this->http_url);
+ $https_domain = $this->get_url_domain($this->https_url);
+
+ if ( $this->replace_https($url) != $this->http_url && $http_domain == $https_domain ) {
+ $_POST[$key] = 1;
+ } else {
+ $_POST[$key] = 0;
+ }
+ }
+
+ update_option($key, $_POST[$key]);
+ }
+ }
+ }
+
+ if ( $logout ) {
+ wp_logout();
+ }
+
+ if ( array_key_exists('ajax', $_POST) ) {
+ while(@ob_end_clean());
+ ob_start();
+ if ( sizeof( $errors ) > 0 ) {
+ echo "<div class=\"error below-h2 fade wphttps-message\" id=\"message\">\n\t<ul>\n";
+ foreach ( $errors as $error ) {
+ echo "\t\t<li><p>".$error."</p></li>\n";
+ }
+ echo "\t</ul>\n</div>\n";
+ } else {
+ echo "<div class=\"updated below-h2 fade wphttps-message\" id=\"message\"><p>Settings saved.</p></div>\n";
+ if ( $logout || $reload ) {
+ echo "<script type=\"text/javascript\">window.location.reload();</script>";
+ }
+ }
+ exit();
+ }
+ }
+?>
+
+<div class="wrap">
+ <div id="icon-options-general" class="icon32"><br /></div>
+ <h2>WordPress HTTPS Settings</h2>
+
+<?php
+ if ( $_SERVER['REQUEST_METHOD'] === 'POST' ) {
+ if ( sizeof( $errors ) > 0 ) {
+ echo "\t<div class=\"error below-h2 fade wphttps-message\" id=\"message\">\n\t<ul>\n";
+ foreach ( $errors as $error ) {
+ echo "\t\t<li><p>".$error."</p></li>\n";
+ }
+ echo "\t</ul>\n</div>\n";
+ } else {
+ echo "\t\t<div class=\"updated below-h2 fade wphttps-message\" id=\"message\"><p>Settings saved.</p></div>\n";
+ }
+ } else {
+ echo "\t<div class=\"wphttps-message-wrap\"id=\"message-wrap\"><div id=\"message-body\"></div></div>\n";
+ }
+?>
+
+ <div id="wphttps-sidebar">
+
+<?php if ( sizeof($this->warnings()) > 0 ) { ?>
+ <div class="wphttps-widget" id="wphttps-warnings">
+ <h3 class="wphttps-widget-title">Warnings</h3>
+ <div class="wphttps-widget-content inside">
+<?php
+ foreach( $this->warnings() as $warning ) {
+ $warning_id = 'warnings-' . strtolower(str_replace(' ', '-', $warning['label']));
+ echo "\t\t\t\t\t<strong>" . $warning['label'] . "</strong><a class=\"warning-help wphttps-icon\" href=\"#" . $warning_id . "-tooltip\">Help</a>\n";
+ echo "\t\t\t\t\t<ul id=\"" . $warning_id . "\">";
+ foreach ( $warning['warnings'] as $warning ) {
+ echo "\t\t\t\t\t\t<li><span class=\"warning-url\">" . $warning . "</span></li>\n";
+ }
+ echo "\t\t\t\t\t</ul>\n\n";
+ }
+?>
+ </div>
+ </div>
+
+<?php } ?>
+
+ <div class="wphttps-widget" id="wphttps-updates">
+ <h3 class="wphttps-widget-title">Developer Updates</h3>
+ <div class="wphttps-widget-content inside">
+ <img alt="Loading..." src="<?php echo parse_url($this->plugin_url, PHP_URL_PATH); ?>/css/images/wpspin_light.gif" class="loading" id="updates-loading" />
+ </div>
+ </div>
+
+ <div class="wphttps-widget" id="wphttps-support">
+ <h3 class="wphttps-widget-title">Support</h3>
+ <div class="wphttps-widget-content inside">
+ <p>Having problems getting your site secure? If you haven't already, check out the <a href="http://wordpress.org/extend/plugins/wordpress-https/faq/" target="_blank">Frequently Asked Questions</a>.</p>
+ <p>Still not fixed? Please <a href="http://wordpress.org/tags/wordpress-https#postform" target="_blank">start a support topic</a> and I'll do my best to assist you.</p>
+ </div>
+ </div>
+
+ <div class="wphttps-widget" id="wphttps-donate">
+ <h3 class="wphttps-widget-title">Donate</h3>
+ <div class="wphttps-widget-content inside">
+ <p>If you found this plugin useful, or I've already helped you, please considering buying me a <a href="http://en.wikipedia.org/wiki/Newcastle_Brown_Ale" target="_blank">beer</a> or two.</p>
+ <p>Donations help alleviate the time spent developing and supporting this plugin and are greatly appreciated.</p>
+
+ <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=N9NFVADLVUR7A" target="_blank" id="wphttps-donate-link">
+ <img alt="Donate" src="https://www.paypal.com/en_US/i/btn/btn_donate_SM.gif" width="74" height="21" />
+ </a>
+ </div>
+ </div>
+
+ </div>
+
+ <div id="wphttps-main">
+ <div id="post-body">
+ <form name="form" id="wordpress-https" action="options-general.php?page=wordpress-https" method="post">
+ <?php settings_fields('wordpress-https'); ?>
+
+ <input type="hidden" name="wordpress-https_ssl_host_subdomain" value="<?php echo ((get_option('wordpress-https_ssl_host_subdomain') != 1) ? 0 : 1); ?>" />
+
+ <h3 class="title">General Settings</h3>
+ <table class="form-table">
+ <tr valign="top">
+ <th scope="row">SSL Host</th>
+ <td>
+ <fieldset>
+ <label for="wordpress-https_ssl_host">
+ <input name="wordpress-https_ssl_host" type="text" id="wordpress-https_ssl_host" class="regular-text code" value="<?php echo str_replace('https://', '', $this->remove_port($this->https_url)); ?>" />
+ </label>
+ <label for="wordpress-https_ssl_port">Port
+ <input name="wordpress-https_ssl_port" type="text" id="wordpress-https_ssl_port" class="small-text" value="<?php echo $this->ssl_port; ?>" />
+ </label>
+ </fieldset>
+ </td>
+ </tr>
+ <tr valign="top">
+ <th scope="row">Force SSL Exclusively</th>
+ <td>
+ <fieldset>
+ <input name="wordpress-https_exclusive_https" type="checkbox" id="wordpress-https_exclusive_https" value="1"<?php echo ((get_option('wordpress-https_exclusive_https')) ? ' checked="checked"' : ''); ?> />
+ <label for="wordpress-https_exclusive_https">
+ Posts and pages without <a href="<?php echo parse_url($this->plugin_url, PHP_URL_PATH); ?>/screenshot-2.png" class="thickbox">Force SSL</a> enabled will be redirected to HTTP.
+ </label>
+ </fieldset>
+ </td>
+ </tr>
+ <tr valign="top">
+ <th scope="row">Force SSL Administration</th>
+ <td>
+ <fieldset>
+ <label for="wordpress-https_ssl_admin">
+ <input name="wordpress-https_ssl_admin" type="checkbox" id="wordpress-https_ssl_admin" value="1"<?php echo (($this->ssl_admin) ? ' checked="checked"' : ''); ?><?php echo ((force_ssl_admin()) ? ' disabled="disabled" title="FORCE_SSL_ADMIN is true in wp-config.php"' : ''); ?> />
+ </label>
+ </fieldset>
+ </td>
+ </tr>
+
+<?php if ( get_option('show_on_front') == 'posts' ) { ?>
+ <tr valign="top">
+ <th scope="row">HTTPS Front Page</th>
+ <td>
+ <fieldset>
+ <label for="wordpress-https_frontpage">
+ <input name="wordpress-https_frontpage" type="checkbox" id="wordpress-https_frontpage" value="1"<?php echo ((get_option('wordpress-https_frontpage')) ? ' checked="checked"' : ''); ?> />
+ </label>
+ </fieldset>
+ </td>
+ </tr>
+
+<?php } ?>
+ </table>
+
+ <p class="button-controls">
+ <input type="submit" name="Submit" value="Save Changes" class="button-primary" id="settings-save" />
+ <input type="submit" name="Reset" value="Reset" class="button-secondary" id="settings-reset" />
+ <img alt="Waiting..." src="<?php echo parse_url($this->plugin_url, PHP_URL_PATH); ?>/css/images/wpspin_light.gif" class="waiting" id="submit-waiting" />
+ </p>
+ </form>
+ </div>
+ </div>
+
+ <div class="wphttps-tooltip-body" id="warnings-unsecure-external-content-tooltip">Unsecure External Content are URL's being loaded on secure pages that can not be loaded securely. It is recommended that you remove these elements by disabling or editing the plugin or theme that requires them.</div>
+
+<?php
+ }
+ } // End WordPressHTTPS Class
+}
+
+// Instantiate class if we're in WordPress
+if ( class_exists('WordPressHTTPS') && function_exists('get_bloginfo') ) {
+ $wordpress_https = new WordPressHTTPS();
+ register_activation_hook(__FILE__, array($wordpress_https, 'install'));
+}
Please sign in to comment.
Something went wrong with that request. Please try again.