Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Added secure URL filtering.

  • Loading branch information...
commit a2c88e532a701d4212af4e447c931a8acbac15f1 1 parent 9038271
@mvied authored
View
75 admin/css/settings.css
@@ -1,49 +1,52 @@
-#icon-options-https {
+.wphttps-message-wrap {
+ position: fixed;
+ bottom: 50%;
+ left: 50%;
+ margin-left: -25%;
+ width: 50%;
+ z-index: 10;
+ text-align: center;
+}
+.wphttps-message-wrap ul {
+ margin: 0;
+}
+
+#wphttps-main #icon-options-https {
background: url(images/admin-icon32.png) no-repeat;
}
-.meta-box-sortables {
+#wphttps-main .meta-box-sortables {
margin: 0 8px;
}
-#poststuff .column-primary {
+#wphttps-main #poststuff .column-primary {
width: 60%;
padding: 0;
}
-#poststuff .column-secondary {
+#wphttps-main #poststuff .column-secondary {
width: 40%;
float: right;
padding: 0;
}
-.wphttps-message-wrap {
- position: fixed;
- bottom: 50%;
- left: 50%;
- margin-left: -25%;
- width: 50%;
- z-index: 10;
- text-align: center;
-}
-
-#message {
+#wphttps-main #message {
margin: 15px 0 0 0;
}
-#message p {
+#wphttps-main #message p {
line-height: 100%;
}
-img.loading {
+#wphttps-main img.loading {
display: block;
position: absolute;
top: 7px;
right: 7px;
}
-img.waiting {
+#wphttps-main img.waiting {
display: none;
}
-img#submit-waiting {
+#wphttps-main img.submit-waiting {
vertical-align: middle;
margin-left: 5px;
}
@@ -53,44 +56,54 @@ img#submit-waiting {
margin: 5px auto 13px auto;
}
-#wordpress-https_settings input[type="text"] {
+#wphttps-main input[type="text"] {
margin: -5px 0 0 0;
}
-#wordpress-https_settings input[type="checkbox"] {
+#wphttps-main input[type="checkbox"] {
margin: 7px 0 0 0;
vertical-align: bottom;
}
-#wordpress-https_settings table tr td,
-#wordpress-https_settings table tr th {
+#wphttps-main table tr td,
+#wphttps-main table tr th {
line-height: 1em;
padding: 10px;
}
-#wordpress-https_settings table tr td {
+#wphttps-main table tr td {
padding: 2px 0 0 0;
}
-#wordpress-https_settings table tr td:first-child {
+#wphttps-main table tr td:first-child {
padding-top: 0;
}
-#wordpress-https_settings table th {
+#wphttps-main table th {
width: 140px;
line-height: 32px;
padding: 0;
}
-#wordpress-https_settings label.label-radio {
+#wphttps-main label.label-radio {
display: block;
margin-top: 5px;
}
-#wordpress-https_settings #settings-reset {
+#wphttps-main #settings-reset,
+#wphttps-main #filters-reset {
float: left;
margin-right: 10px;
}
-#wordpress-https_settings #ssl_port_label {
+#wphttps-main #ssl_port_label {
display: inline-block;
padding-top: 10px;
}
-#wordpress-https_settings #ssl_host {
+#wphttps-main #ssl_host {
width: 70%;
}
-#exclusive_https_row label {
+#wphttps-main #exclusive_https_row label {
padding-top: 5px;
+}
+
+#wphttps-main #admin_menu_row label {
+ display: inline;
+}
+
+#wphttps-main #secure_filter_row textarea {
+ width: 80%;
+ height: 80px;
}
View
44 admin/templates/metabox/filters.php
@@ -0,0 +1,44 @@
+<form name="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_filters_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
+<?php settings_fields($this->getPlugin()->getSlug()); ?>
+
+<table class="form-table">
+ <tr valign="top" id="secure_filter_row">
+ <th scope="row">
+ Secure Filters
+ <p class="description">On each line, specify the segment of a URL that you want to be secure.</p>
+ <p class="description">Example: If you have an E-commerce shop and all of the URL's begin with /store/, you could secure all store links by entering '/store/' on one line.</p>
+ </th>
+ <td>
+ <textarea name="secure_filter" id="secure_filter"><?php echo implode("\n", $this->getPlugin()->getSetting('secure_filter')); ?></textarea>
+ </td>
+ </tr>
+</table>
+
+<input type="hidden" name="action" value="save" />
+
+<p class="button-controls">
+ <input type="submit" name="filters-save" value="Save Changes" class="button-primary" id="filters-save" />
+ <input type="submit" name="filters-reset" value="Reset" class="button-secondary" id="filters-reset" />
+ <img alt="Waiting..." src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
+</p>
+</form>
+<script type="text/javascript">
+jQuery(document).ready(function($) {
+ $('#<?php echo $this->getPlugin()->getSlug(); ?>_filters_form').submit(function() {
+ $('#<?php echo $this->getPlugin()->getSlug(); ?>_filters_form .submit-waiting').show();
+ }).ajaxForm({
+ data: { ajax: '1'},
+ success: function(responseText, textStatus, XMLHttpRequest) {
+ $('#<?php echo $this->getPlugin()->getSlug(); ?>_filters_form .submit-waiting').hide();
+ $('#message-body').html(responseText).fadeOut(0).fadeIn().delay(5000).fadeOut();
+ }
+ });
+
+ $('#filters-reset').click(function(e, el) {
+ if ( ! confirm('Are you sure you want to reset all WordPress HTTPS filters?') ) {
+ e.preventDefault();
+ return false;
+ }
+ });
+});
+</script>
View
24 admin/templates/metabox/settings.php
@@ -7,7 +7,7 @@
}
$ssl_host = rtrim($ssl_host, '/');
?>
-<form name="form" id="<?php echo $this->getPlugin()->getSlug(); ?>" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
+<form name="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" id="<?php echo $this->getPlugin()->getSlug(); ?>_settings_form" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
<?php settings_fields($this->getPlugin()->getSlug()); ?>
<table class="form-table">
@@ -86,9 +86,11 @@
<th scope="row">Admin Menu Location</th>
<td>
<fieldset>
- <label for="admin_menu" class="label-radio">
- <input type="radio" name="admin_menu" value="side"<?php echo (($this->getPlugin()->getSetting('admin_menu') === 'side') ? ' checked="checked"' : ''); ?>> <span>Admin Sidebar</span>
- <input type="radio" name="admin_menu" value="settings"<?php echo (($this->getPlugin()->getSetting('admin_menu') === 'settings') ? ' checked="checked"' : ''); ?>> <span>General Settings</span>
+ <label for="admin_menu_side" class="label-radio">
+ <input type="radio" name="admin_menu" id="admin_menu_side" value="side"<?php echo (($this->getPlugin()->getSetting('admin_menu') === 'side') ? ' checked="checked"' : ''); ?>> <span>Admin Sidebar</span>
+ </label>
+ <label for="admin_menu_settings" class="label-radio">
+ <input type="radio" name="admin_menu" id="admin_menu_settings" value="settings"<?php echo (($this->getPlugin()->getSetting('admin_menu') === 'settings') ? ' checked="checked"' : ''); ?>> <span>General Settings</span>
</label>
</fieldset>
</td>
@@ -100,23 +102,23 @@
<input type="hidden" name="ssl_host_diff" value="<?php echo (($this->getPlugin()->getSetting('ssl_host_diff') != 1) ? 0 : 1); ?>" />
<p class="button-controls">
- <input type="submit" name="Submit" value="Save Changes" class="button-primary" id="settings-save" />
- <input type="submit" name="Reset" value="Reset" class="button-secondary" id="settings-reset" />
- <img alt="Waiting..." src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting" id="submit-waiting" />
+ <input type="submit" name="settings-save" value="Save Changes" class="button-primary" id="settings-save" />
+ <input type="submit" name="settings-reset" value="Reset" class="button-secondary" id="settings-reset" />
+ <img alt="Waiting..." src="<?php echo admin_url('/images/wpspin_light.gif'); ?>" class="waiting submit-waiting" />
</p>
</form>
<script type="text/javascript">
jQuery(document).ready(function($) {
- $('#<?php echo $this->getPlugin()->getSlug(); ?>').submit(function() {
- $('#submit-waiting').show();
+ $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form').submit(function() {
+ $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form .submit-waiting').show();
}).ajaxForm({
data: { ajax: '1'},
success: function(responseText, textStatus, XMLHttpRequest) {
- $('#submit-waiting').hide();
+ $('#<?php echo $this->getPlugin()->getSlug(); ?>_settings_form .submit-waiting').hide();
$('#message-body').html(responseText).fadeOut(0).fadeIn().delay(5000).fadeOut();
}
});
-
+
$('#settings-reset').click(function(e, el) {
if ( ! confirm('Are you sure you want to reset all WordPress HTTPS settings?') ) {
e.preventDefault();
View
1  lib/WordPressHTTPS.php
@@ -43,6 +43,7 @@ class WordPressHTTPS extends Mvied_Plugin {
'ssl_proxy' => 0, // Proxy detection
'debug' => 0, // Debug Mode
'admin_menu' => 'side', // HTTPS Admin Menu location
+ 'secure_filter' => array(), // Array of expressions to secure URL's against
);
/**
View
17 lib/WordPressHTTPS/Module/Admin/Settings.php
@@ -48,6 +48,15 @@ public function add_meta_boxes() {
array( 'metabox' => 'settings' )
);
add_meta_box(
+ $this->getPlugin()->getSlug() . '_filters',
+ __( 'URL Filters', $this->getPlugin()->getSlug() ),
+ array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
+ 'toplevel_page_' . $this->getPlugin()->getSlug(),
+ 'main',
+ 'core',
+ array( 'metabox' => 'filters' )
+ );
+ add_meta_box(
$this->getPlugin()->getSlug() . '_updates',
__( 'Developer Updates', $this->getPlugin()->getSlug() ),
array($this->getPlugin()->getModule('Admin'), 'meta_box_render'),
@@ -145,13 +154,17 @@ public function save() {
$errors = array();
$reload = false;
$logout = false;
- if ( @$_POST['Reset'] ) {
+ if ( isset($_POST['settings-reset']) ) {
foreach ($this->getPlugin()->getSettings() as $key => $default) {
$this->getPlugin()->setSetting($key, $default);
}
$this->getPlugin()->install();
$reload = true;
- } else {
+ } else if ( isset($_POST['filters-save']) ) {
+ $filters = array_map('trim', explode("\n", $_POST['secure_filter']));
+ $filters = array_filter($filters); // Removes blank array items
+ $this->getPlugin()->setSetting('secure_filter', $filters);
+ } else if ( isset($_POST['settings-save']) ) {
foreach ($this->getPlugin()->getSettings() as $key => $default) {
if ( !array_key_exists($key, $_POST) && $default == 0 ) {
$_POST[$key] = 0;
View
9 lib/WordPressHTTPS/Module/Filters.php
@@ -160,6 +160,15 @@ public function secure_post( $force_ssl, $post_id = 0, $url = '' ) {
}
}
+ // Check secure filters
+ if ( sizeof($this->getPlugin()->getSetting('secure_filter')) > 0 ) {
+ foreach( $this->getPlugin()->getSetting('secure_filter') as $filter ) {
+ if ( strpos($url, $filter) !== false ) {
+ $force_ssl = true;
+ }
+ }
+ }
+
if ( $this->getPlugin()->isUrlLocal($url) && preg_match("/page_id=([\d]+)/", parse_url($url, PHP_URL_QUERY), $postID) ) {
$post = $postID[1];
} else if ( $this->getPlugin()->isUrlLocal($url) && ( $url_parts['path'] == '' || $url_parts['path'] == '/' ) ) {
View
1  readme.txt
@@ -79,6 +79,7 @@ add_filter('force_ssl', 'store_force_ssl', 10, 3);`
== Changelog ==
= 3.1 =
* Memory optimization.
+* Added secure URL filtering.
* Users receiving 404 errors on every page when using Shared SSL should now be able to use those Shared SSL's that previously did not work.
* Added support for qTranslate.
* Added support for securing custom post types.
Please sign in to comment.
Something went wrong with that request. Please try again.