From e8f5d7da007ef083fb6ef94cbac9772f2a18f1e2 Mon Sep 17 00:00:00 2001 From: Jonathan Desrosiers Date: Mon, 21 Jul 2014 09:58:08 -0400 Subject: [PATCH 1/4] Fixing PHP notice caused by new $wpdb::prepare call requirements set in WordPress 3.9. --- lib/WordPressHTTPS.php | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/lib/WordPressHTTPS.php b/lib/WordPressHTTPS.php index 259b9af..35892d5 100644 --- a/lib/WordPressHTTPS.php +++ b/lib/WordPressHTTPS.php @@ -1,4 +1,4 @@ - default_value * * @var multitype:multitype @@ -61,7 +61,7 @@ class WordPressHTTPS extends Mvied_Plugin_Modular { /** * File extensions to be loaded securely. * File type => Array of extensions - * + * * @var multitype:multitype */ protected $_file_extensions = array( @@ -125,7 +125,7 @@ class WordPressHTTPS extends Mvied_Plugin_Modular { /** * Get File Extensions to Secure - * + * * @param none * @return array */ @@ -135,7 +135,7 @@ public function getFileExtensions() { /** * Get HTTP Url - * + * * @param none * @return Mvied_Url */ @@ -148,7 +148,7 @@ public function getHttpUrl() { /** * Get HTTPS Url - * + * * @param none * @return Mvied_Url */ @@ -183,7 +183,7 @@ public function getHttpsUrl() { /** * Get domains local to the WordPress installation. - * + * * @param none * @return array $hosts Array of domains local to the WordPress installation. */ @@ -195,8 +195,8 @@ public function getLocalDomains() { ); if ( is_multisite() && is_subdomain_install() ) { - $multisite_hosts = $wpdb->get_col($wpdb->prepare("SELECT domain FROM " . $wpdb->blogs, NULL)); - $hosts = array_merge($hosts, $multisite_hosts); + $multisite_hosts = $wpdb->get_col( "SELECT domain FROM $wpdb->blogs" ); + $hosts = array_merge( $hosts, $multisite_hosts ); } if ( function_exists('domain_mapping_siteurl') ) { @@ -230,7 +230,7 @@ public function init() { /** * Install - * + * * @param none * @return void */ @@ -311,7 +311,7 @@ public function install() { $this->setSetting('unsecure_external_urls', $this->_settings['unsecure_external_urls'], $blog_id); $this->setSetting('path_cache', $this->_settings['path_cache'], $blog_id); $this->setSetting('blog_cache', $this->_settings['blog_cache'], $blog_id); - + // Set default URL Mapping if ( $this->getSetting('ssl_host_mapping', $blog_id) == array() ) { $this->setSetting('ssl_host_mapping', WordPressHTTPS::$ssl_host_mapping, $blog_id); @@ -334,7 +334,7 @@ public function install() { /** * Is Local URL - * + * * Determines if URL is local or external * * @param string $url @@ -533,7 +533,7 @@ public function isSsl() { } return apply_filters('is_ssl', $is_ssl); } - + /** * Maintained for backwards compatibility. * @@ -605,7 +605,7 @@ public function getDirectories() { $scannedDirectories[$directory]['name'] = $directory; if ( is_readable($directory) && ($files = scandir($directory)) ) { $scannedDirectories[$directory]['files'] = $files; - unset($files); + unset($files); } else { $scannedDirectories[$directory]['error'] = "Unable to read directory."; } From 3d40540b238512cc40a575070b2d473c9ea30ff7 Mon Sep 17 00:00:00 2001 From: Jonathan Desrosiers Date: Mon, 25 Aug 2014 12:11:40 -0400 Subject: [PATCH 2/4] Multisite performance is very poor. This change set adds a setting for hosts, and caches the array of hosts after it runs the first time. Actual code changes are at line 49, and lines 136-153. --- lib/WordPressHTTPS.php | 1119 ++++++++++++++++++---------------------- 1 file changed, 504 insertions(+), 615 deletions(-) diff --git a/lib/WordPressHTTPS.php b/lib/WordPressHTTPS.php index 35892d5..eb42012 100644 --- a/lib/WordPressHTTPS.php +++ b/lib/WordPressHTTPS.php @@ -1,616 +1,505 @@ - default_value - * - * @var multitype:multitype - */ - protected $_settings = array( - 'ssl_host' => '', // Hostname for SSL Host - 'secure_external_urls' => array(), // Secure external URL's - 'unsecure_external_urls' => array(), // Unsecure external URL's - 'ssl_host_diff' => 0, // Is SSL Host different than WordPress host - 'ssl_host_subdomain' => 0, // Is SSL Host a subdomain of WordPress host - 'exclusive_https' => 0, // Redirect pages that are not secured to HTTP - 'remove_unsecure' => 0, // Remove unsecure elements from HTML - 'ssl_admin' => 0, // Force SSL Over Administration Panel (The same as FORCE_SSL_ADMIN) - 'ssl_proxy' => 0, // Proxy detection - 'debug' => 0, // Debug Mode - 'admin_menu' => 'side', // HTTPS Admin Menu location - 'secure_filter' => array(), // Expressions to secure URL's against - 'unsecure_filter' => array(), // Expressions to unsecure URL's against - 'ssl_host_mapping' => array(), // External SSL Hosts whose HTTPS content is on another domain - 'network_defaults' => array(), // Default settings for new blogs on a multisite network - 'path_cache' => array(), // Cache of URL paths to Post IDs - 'blog_cache' => array(), // Cache of URL paths to Blog IDs - 'version' => '', // Version of the plugin this blog has installed - ); - - /** - * File extensions to be loaded securely. - * File type => Array of extensions - * - * @var multitype:multitype - */ - protected $_file_extensions = array( - 'script' => array( - 'js' - ), - 'img' => array( - 'jpg', - 'jpeg', - 'png', - 'gif' - ), - 'style' => array( - 'css' - ), - 'font' => array( - 'ttf', - 'otf' - ) - ); - - /** - * Default External SSL Host Mapping - * @var multitype:multitype - */ - public static $ssl_host_mapping = array( - array( - array( - 'scheme' => 'http', - 'host' => 'w.sharethis.com' - ),array( - 'scheme' => 'https', - 'host' => 'ws.sharethis.com' - ) - ),array( - array( - 'scheme' => 'https', - 'host' => 'ws.sharethis.com' - ),array( - 'scheme' => 'http', - 'host' => 'w.sharethis.com' - ) - ),array( - array( - 'scheme' => 'http', - 'host' => '\d.gravatar.com' - ),array( - 'scheme' => 'https', - 'host' => 'secure.gravatar.com' - ) - ),array( - array( - 'scheme' => 'https', - 'host' => 'secure.gravatar.com' - ),array( - 'scheme' => 'http', - 'host' => '0.gravatar.com' - ) - ) - ); - - /** - * Get File Extensions to Secure - * - * @param none - * @return array - */ - public function getFileExtensions() { - return $this->_file_extensions; - } - - /** - * Get HTTP Url - * - * @param none - * @return Mvied_Url - */ - public function getHttpUrl() { - if ( !isset($this->_http_url) ) { - $this->_http_url = Mvied_Url::fromString('http://' . parse_url(get_bloginfo('template_url'), PHP_URL_HOST) . parse_url(home_url('/'), PHP_URL_PATH)); - } - return $this->_http_url; - } - - /** - * Get HTTPS Url - * - * @param none - * @return Mvied_Url - */ - public function getHttpsUrl() { - if ( !isset($this->_https_url) ) { - $this->_https_url = clone $this->getHttpUrl(); - $this->_https_url->setScheme('https'); - - if ( is_string($this->getSetting('ssl_host')) && $this->getSetting('ssl_host') != '' ) { - $ssl_host = rtrim($this->getSetting('ssl_host'), '/') . '/'; - // If using a different host for SSL - if ( $ssl_host != $this->_https_url->toString() ) { - // Assign HTTPS URL to SSL Host - $this->setSetting('ssl_host_diff', 1); - if ( strpos($ssl_host, 'http://') === false && strpos($ssl_host, 'https://') === false ) { - $ssl_host = 'https://' . $ssl_host; - } - $this->_https_url = Mvied_Url::fromString( $ssl_host ); - } else { - $this->setSetting('ssl_host_diff', 0); - } - } - - // Prepend SSL Host path - if ( strpos($this->_https_url->getPath(), $this->getHttpUrl()->getPath()) === false ) { - $this->_https_url->setPath( $this->_https_url->getPath() . $this->getHttpUrl()->getPath() ); - } - } - - return $this->_https_url; - } - - /** - * Get domains local to the WordPress installation. - * - * @param none - * @return array $hosts Array of domains local to the WordPress installation. - */ - public function getLocalDomains() { - global $wpdb; - $hosts = array( - $this->getHttpUrl()->getHost(), - $this->getHttpsUrl()->getHost() - ); - - if ( is_multisite() && is_subdomain_install() ) { - $multisite_hosts = $wpdb->get_col( "SELECT domain FROM $wpdb->blogs" ); - $hosts = array_merge( $hosts, $multisite_hosts ); - } - - if ( function_exists('domain_mapping_siteurl') ) { - if ( $mapped_host = parse_url(domain_mapping_siteurl(false), PHP_URL_HOST) ) { - $hosts[] = $mapped_host; - } - } - - return $hosts; - } - - /** - * Initialize - * - * @param none - * @return void - */ - public function init() { - $this->getLogger()->log('WordPress HTTPS: ' . $this->getVersion()); - $this->getLogger()->log('HTTP URL: ' . $this->getHttpUrl()->toString()); - $this->getLogger()->log('HTTPS URL: ' . $this->getHttpsUrl()->toString()); - $this->getLogger()->log('SSL: ' . ( $this->isSsl() ? 'Yes' : 'No' )); - $this->getLogger()->log('Diff Host: ' . ( $this->getSetting('ssl_host_diff') ? 'Yes' : 'No' )); - $this->getLogger()->log('Subdomain: ' . ( $this->getSetting('ssl_host_subdomain') ? 'Yes' : 'No' )); - $this->getLogger()->log('Proxy: ' . ( $this->getSetting('ssl_proxy') === 'auto' ? 'Auto' : ( $this->getSetting('ssl_proxy') ? 'Yes' : 'No' ) )); - $this->getLogger()->log('Secure External URLs: [ ' . implode(', ', (array)$this->getSetting('secure_external_urls')) . ' ]'); - $this->getLogger()->log('Unsecure External URLs: [ ' . implode(', ', (array)$this->getSetting('unsecure_external_urls')) . ' ]'); - - parent::init(); - } - - /** - * Install - * - * @param none - * @return void - */ - public function install() { - global $wpdb; - - if ( is_multisite() && is_network_admin() ) { - $blogs = $wpdb->get_col($wpdb->prepare("SELECT blog_id FROM " . $wpdb->blogs, NULL)); - } else { - $blogs = array($wpdb->blogid); - } - - $defaults = $this->getSetting('network_defaults'); - foreach ( $blogs as $blog_id ) { - if ( version_compare($this->getSetting('version', $blog_id), $this->getVersion(), '<') ) { - if ( $this->getSetting('version', $blog_id) == '' ) { - // Add Settings - foreach ( $this->getSettings() as $option => $value ) { - if ( is_multisite() ) { - if ( add_blog_option($blog_id, $option, $value) && isset($defaults[$option]) && $defaults[$option] != '' ) { - if ( $option == 'ssl_host' && strpos($value, 'https://') !== 0 ) { - $value = 'https://' . rtrim($defaults[$option], '/') . '/'; - } else { - $value = $defaults[$option]; - } - $this->setSetting($option, $value, $blog_id); - } - } else { - add_option($option, $value); - } - } - } - - // Fix a bug that saved the ssl_host as an object - if ( ! is_string($this->getSetting('ssl_host', $blog_id)) ) { - $this->setSetting('ssl_host', $this->_settings['ssl_host'], $blog_id); - $this->setSetting('ssl_host_diff', $this->_settings['ssl_host_diff'], $blog_id); - $this->setSetting('ssl_host_subdomain', $this->_settings['ssl_host_subdomain'], $blog_id); - } - - // Remove old ssl_port setting and append to HTTPS URL - if ( (int)$this->getSetting('ssl_port', $blog_id) > 0 ) { - if ( $this->getSetting('ssl_port', $blog_id) != 443 ) { - $ssl_host = Mvied_Url::fromString( $this->getSetting('ssl_host', $blog_id) ); - $ssl_host->setPort($this->getSetting('ssl_port', $blog_id)); - $this->setSetting('ssl_host', $ssl_host->toString(), $blog_id); - } - $this->setSetting('ssl_port', null, $blog_id); - } - - // If secure front page option exists, create front page filter - if ( $this->getSetting('frontpage', $blog_id) ) { - $this->setSetting('secure_filter', array_merge($this->getSetting('secure_filter'), array(rtrim(str_replace('http://', '', $this->getHttpUrl()->toString()), '/') . '/$'))); - $this->setSetting('frontpage', 0, $blog_id); - } - - // Reformat ssl_host_mapping - $ssl_host_mapping = $this->getSetting('ssl_host_mapping', $blog_id); - if ( $ssl_host_mapping != array() && !is_array($ssl_host_mapping[0]) ) { - $mappings = array(); - foreach( $ssl_host_mapping as $http_host => $https_host ) { - $mappings[] = array( - array( - 'scheme' => 'http', - 'host' => $http_host - ), - array( - 'scheme' => 'https', - 'host' => $https_host - ) - ); - } - $this->setSetting('ssl_host_mapping', $mappings, $blog_id); - } - - // Reset cache - $this->setSetting('secure_external_urls', $this->_settings['secure_external_urls'], $blog_id); - $this->setSetting('unsecure_external_urls', $this->_settings['unsecure_external_urls'], $blog_id); - $this->setSetting('path_cache', $this->_settings['path_cache'], $blog_id); - $this->setSetting('blog_cache', $this->_settings['blog_cache'], $blog_id); - - // Set default URL Mapping - if ( $this->getSetting('ssl_host_mapping', $blog_id) == array() ) { - $this->setSetting('ssl_host_mapping', WordPressHTTPS::$ssl_host_mapping, $blog_id); - } - } - - $this->setSetting('version', $this->getVersion(), $blog_id); - } - - $is_subdomain = $this->getHttpsUrl()->isSubdomain($this->getHttpUrl()); - foreach ( $blogs as $blog_id ) { - $this->setSetting('ssl_host_subdomain', $is_subdomain, $blog_id); - } - - // Check for deprecated modules - if ( file_exists( $this->getModuleDirectory() . '/DomainMapping.php') ) { - @unlink($this->getModuleDirectory() . '/DomainMapping.php'); - } - } - - /** - * Is Local URL - * - * Determines if URL is local or external - * - * @param string $url - * @return boolean - */ - public function isUrlLocal($url) { - if (array_key_exists($url, $this->_local_url_cache)) - return $this->_local_url_cache[$url]; - $hosts = $this->getLocalDomains(); - if ( ($url_parts = @parse_url($url)) && isset($url_parts['host']) && !in_array($url_parts['host'], $hosts) ) { - $this->_local_url_cache[$url] = false; - return false; - } - $this->_local_url_cache[$url] = true; - return true; - } - - /** - * Replaces HTTP Host with HTTPS Host - * - * @param string $string - * @return string $string - */ - public function makeUrlHttps( $string ) { - if ( (string)$string == '' ) { - return false; - } - - // If relative, prepend appropriate path - if ( strpos($string, '/') === 0 ) { - if ( $this->getSetting('ssl_host_diff') && strpos($string, $this->getHttpsUrl()->getPath()) === false ) { - if ( $this->getHttpUrl()->getPath() == '/' ) { - $string = rtrim($this->getHttpsUrl()->getPath(), '/') . $string; - } else { - $string = str_replace($this->getHttpUrl()->getPath(), $this->getHttpsUrl()->getPath(), $string); - } - } - } else if ( $url = Mvied_Url::fromString( $string ) ) { - if ( $this->isUrlLocal($string) ) { - if ( $url->getScheme() == 'http' || ( $url->getScheme() == 'https' && $this->getSetting('ssl_host_diff') ) ) { - $has_host = ( $this->getHttpUrl()->getHost() == $this->getHttpsUrl()->getHost() ) || strpos($url, $this->getHttpsUrl()->getHost()) !== false; - $has_path = ( $this->getHttpUrl()->getPath() == $this->getHttpsUrl()->getPath() ) || strpos($url, $this->getHttpsUrl()->getPath()) !== false; - $has_port = ( (int)$this->getHttpsUrl()->getPort() > 0 ? strpos($url, ':' . $this->getHttpsUrl()->getPort()) !== false : true ); - if ( $url->getScheme() == 'http' || !$has_host || !$has_path || !$has_port ) { - $updated = Mvied_Url::fromString( apply_filters('https_internal_url', $url->toString()) ); - $updated->setScheme('https'); - $updated->setHost($this->getHttpsUrl()->getHost()); - $updated->setPort($this->getHttpsUrl()->getPort()); - if ( $this->getSetting('ssl_host_diff') && strpos($updated->getPath(), $this->getHttpsUrl()->getPath()) === false ) { - if ( $this->getHttpUrl()->getPath() == '/' ) { - $updated->setPath(rtrim($this->getHttpsUrl()->getPath(), '/') . $updated->getPath()); - } else if ( strpos($updated->getPath(), $this->getHttpUrl()->getPath()) !== false ) { - $updated->setPath(str_replace($this->getHttpUrl()->getPath(), $this->getHttpsUrl()->getPath(), $updated->getPath())); - } else if ( strpos($updated->getPath(), rtrim($this->getHttpUrl()->getPath(), '/')) !== false ) { - $updated->setPath(str_replace(rtrim($this->getHttpUrl()->getPath(), '/'), $this->getHttpsUrl()->getPath(), $updated->getPath())); - } - } - foreach( $this->getLocalDomains() as $domain ) { - $updated->setHost($domain); - $string = str_replace($url, $updated, $string); - } - if ( ( ( $this->isSsl() && !$this->getSetting('exclusive_https') ) || ( defined('FORCE_SSL_ADMIN') && constant('FORCE_SSL_ADMIN') ) || $this->getSetting('ssl_admin') ) && strpos($url, 'wp-admin') !== false && preg_match('/redirect_to=([^&]+)/i', $updated->toString(), $redirect) && isset($redirect[1]) ) { - $redirect_url = $redirect[1]; - $string = str_replace($redirect_url, urlencode($this->makeUrlHttps(urldecode($redirect_url))), $updated->toString()); - } - } - } - } else { - $updated = Mvied_Url::fromString( apply_filters('https_external_url', $url->toString()) ); - $updated->setPort(null); - if ( @in_array($updated->toString(), $this->getSetting('secure_external_urls')) == false && @in_array($updated->toString(), $this->getSetting('unsecure_external_urls')) == false ) { - $test = clone $updated; - $test->setScheme('https'); - if ( $test->isValid() ) { - // Cache this URL as available over HTTPS for future reference - $this->addSecureExternalUrl($updated->toString()); - $updated->setScheme('https'); - } else { - // If not available over HTTPS, mark as an unsecure external URL - $this->addUnsecureExternalUrl($updated->toString()); - } - } else if ( in_array($updated->toString(), $this->getSetting('secure_external_urls')) ) { - $updated->setScheme('https'); - } - if ( $url->toString() != $updated->toString() ) { - $string = str_replace($url, $updated, $string); - } - } - unset($test); - unset($updated); - unset($url); - } - return $string; - } - - /** - * Replaces HTTPS Host with HTTP Host - * - * @param string $string - * @return string $string - */ - public function makeUrlHttp( $string ) { - if ( (string)$string == '' ) { - return false; - } - - // If relative - if ( strpos($string, '/') === 0 ) { - if ( $this->getSetting('ssl_host_diff') && strpos($string, $this->getHttpsUrl()->getPath()) !== false ) { - $string = str_replace($this->getHttpsUrl()->getPath(), $this->getHttpUrl()->getPath(), $string); - } - } else if ( $url = Mvied_Url::fromString( $string ) ) { - if ( $this->isUrlLocal($string) ) { - if ( $url->getScheme() == 'https' ) { - $updated = Mvied_Url::fromString(apply_filters('http_internal_url', $url->toString())); - $updated->setScheme('http'); - $updated->setHost($this->getHttpUrl()->getHost()); - $updated->setPort($this->getHttpUrl()->getPort()); - if ( $this->getSetting('ssl_host_diff') && strpos($updated->getPath(), $this->getHttpsUrl()->getPath()) !== false ) { - $updated->setPath(str_replace($this->getHttpsUrl()->getPath(), $this->getHttpUrl()->getPath(), $updated->getPath())); - } - if ( strpos($url, 'wp-admin') !== false && preg_match('/redirect_to=([^&]+)/i', $url, $redirect) && isset($redirect[1]) ) { - $redirect_url = $redirect[1]; - $url = str_replace($redirect_url, urlencode($this->makeUrlHttp(urldecode($redirect_url))), $url); - } - $string = str_replace($url, $updated, $string); - } - } else { - $updated = Mvied_Url::fromString( apply_filters('http_external_url', $url->toString()) ); - $updated->setScheme('http'); - $string = str_replace($url, $updated, $string); - } - } - unset($updated); - unset($url); - return $string; - } - - /** - * Add Secure External URL - * - * @param string $value - * @return $this - */ - public function addSecureExternalUrl( $value ) { - if ( trim($value) == '' ) { - return $this; - } - - $secure_external_urls = (array) $this->getSetting('secure_external_urls'); - array_push($secure_external_urls, (string) $value); - $this->setSetting('secure_external_urls', $secure_external_urls); - - return $this; - } - - /** - * Add Unsecure External URL - * - * @param string $value - * @return $this - */ - public function addUnsecureExternalUrl( $value ) { - if ( trim($value) == '' ) { - return $this; - } - - $unsecure_external_urls = (array) $this->getSetting('unsecure_external_urls'); - array_push($unsecure_external_urls, (string) $value); - $this->setSetting('unsecure_external_urls', $unsecure_external_urls); - - return $this; - } - - /** - * Checks if the current page is SSL - * - * @param none - * @return bool - */ - public function isSsl() { - $is_ssl = is_ssl(); - // Some extra checks for Shared SSL - if ( $is_ssl && strpos($_SERVER['HTTP_HOST'], $this->getHttpsUrl()->getHost()) === false && $_SERVER['SERVER_ADDR'] != $_SERVER['HTTP_HOST'] ) { - $is_ssl = false; - } else if ( isset($_SERVER['HTTP_CF_VISITOR']) && strpos($_SERVER['HTTP_CF_VISITOR'], 'https') ) { - $is_ssl = true; - } else if ( isset($_SERVER['HTTP_X_FORWARDED_SSL']) && ( strtolower($_SERVER['HTTP_X_FORWARDED_SSL']) == 'on' || $_SERVER['HTTP_X_FORWARDED_SSL'] == 1 ) ) { - $is_ssl = true; - } else if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' ) { - $is_ssl = true; - } else if ( $this->getSetting('ssl_host_diff') && !$is_ssl && isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && $this->getHttpsUrl()->getHost() == $_SERVER['HTTP_X_FORWARDED_SERVER'] ) { - $is_ssl = true; - } else if ( $this->getSetting('ssl_host_diff') && !$is_ssl && $this->getHttpsUrl()->getHost() == $_SERVER['HTTP_HOST'] && ( $this->getHttpsUrl()->getPort() <= 0 || $_SERVER['SERVER_PORT'] == $this->getHttpsUrl()->getPort() ) && strpos($_SERVER['REQUEST_URI'], $this->getHttpsUrl()->getPath()) !== false ) { - $is_ssl = true; - } - return apply_filters('is_ssl', $is_ssl); - } - - /** - * Maintained for backwards compatibility. - * - * @param none - * @return bool - */ - public function is_ssl() { - return $this->isSsl(); - } - - /** - * Redirects page to HTTP or HTTPS accordingly - * - * @param string $scheme Either http or https - * @return void - */ - public function redirect( $scheme = 'https' ) { - if ( isset($_SERVER['REDIRECT_URL']) && strpos($_SERVER['REDIRECT_URL'], 'index.php') === false ) { - $current_path = $_SERVER['REDIRECT_URL']; - if ( strpos($_SERVER['REQUEST_URI'], '?') !== false && strpos($_SERVER['REDIRECT_URL'], '?') === false ) { - $current_path .= substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], '?')); - } - } else { - $current_path = $_SERVER['REQUEST_URI']; - } - - $current_url = ( $this->isSsl() ? 'https' : 'http' ) . '://' . ( isset($_SERVER['HTTP_X_FORWARDED_SERVER']) ? $_SERVER['HTTP_X_FORWARDED_SERVER'] : $_SERVER['HTTP_HOST'] ) . $current_path; - if ( $scheme == 'https' ) { - $url = $this->makeUrlHttps($current_url); - } else { - $url = $this->makeUrlHttp($current_url); - } - - if ( $current_url != $url ) { - // Use a cookie to detect redirect loops - $redirect_count = ( isset($_COOKIE['redirect_count']) && is_numeric($_COOKIE['redirect_count']) ? (int)$_COOKIE['redirect_count']+1 : 1 ); - setcookie('redirect_count', $redirect_count, 0, '/'); - // If redirect count is greater than 2, prevent redirect and log the redirect loop - if ( $redirect_count > 2 ) { - setcookie('redirect_count', null, -time(), '/'); - $this->getLogger()->log('[ERROR] Redirect Loop!'); - return; - } - - // Redirect - if ( function_exists('wp_redirect') ) { - wp_redirect($url, 301); - } else { - // End all output buffering and redirect - while(@ob_end_clean()); - header("Location: " . $url, true, 301); - } - exit(); - } - } - - /** - * Get relevent files and directories within WordPress - * - * @param none - * @return void - */ - public function getDirectories() { - $directories = array(); - $scannedDirectories = array(); - $directories[] = get_theme_root() . '/' . get_template(); - - foreach( $directories as $directory ) { - $scannedDirectories[$directory]['name'] = $directory; - if ( is_readable($directory) && ($files = scandir($directory)) ) { - $scannedDirectories[$directory]['files'] = $files; - unset($files); - } else { - $scannedDirectories[$directory]['error'] = "Unable to read directory."; - } - } - return $scannedDirectories; - } - + default_value + * + * @var array + */ + protected $_settings = array( + 'ssl_host' => '', // Hostname for SSL Host + 'ssl_port' => '', // Port number for SSL Host + 'secure_external_urls' => array(), // Secure external URL's + 'unsecure_external_urls' => array(), // Unsecure external URL's + 'ssl_host_diff' => 0, // Is SSL Host different than WordPress host + 'ssl_host_subdomain' => 0, // Is SSL Host a subdomain of WordPress host + 'exclusive_https' => 0, // Redirect pages that are not secured to HTTP + 'remove_unsecure' => 0, // Remove unsecure elements from HTML + 'ssl_admin' => 0, // Force SSL Over Administration Panel (The same as FORCE_SSL_ADMIN) + 'ssl_proxy' => 0, // Proxy detection + 'debug' => 0, // Debug Mode + 'admin_menu' => 'side', // HTTPS Admin Menu location + 'secure_filter' => array(), // Expressions to secure URL's against + 'ssl_host_mapping' => array(), // External SSL Hosts whose HTTPS content is on another domain + 'network_defaults' => array(), // Default settings for new blogs on a multisite network + 'hosts' => array(), + ); + + /** + * File extensions to be loaded securely. + * + * @var array + */ + protected $_file_extensions = array( 'jpg', 'jpeg', 'png', 'gif', 'css', 'js' ); + + /** + * Default External SSL Host Mapping + * @var array + */ + public static $ssl_host_mapping = array( + 'w.sharethis.com' => 'ws.sharethis.com', + '\d.gravatar.com' => 'secure.gravatar.com', + ); + + /** + * Get File Extensions to Secure + * + * @param none + * @return array + */ + public function getFileExtensions() { + return $this->_file_extensions; + } + + /** + * Get HTTP Url + * + * @param none + * @return WordPressHTTPS_Url + */ + public function getHttpUrl() { + if ( ! isset( $this->_http_url ) ) { + $this->_http_url = WordPressHTTPS_Url::fromString('http://' . parse_url(get_bloginfo('template_url'), PHP_URL_HOST) . parse_url(home_url('/'), PHP_URL_PATH)); + } + return $this->_http_url; + } + + /** + * Get HTTPS Url + * + * @param none + * @return WordPressHTTPS_Url + */ + public function getHttpsUrl() { + if ( !isset( $this->_https_url) ) { + $this->_https_url = clone $this->getHttpUrl(); + $this->_https_url->setScheme('https'); + + if ( is_string( $this->getSetting('ssl_host') ) && $this->getSetting('ssl_host') != '' ) { + $ssl_host = rtrim( $this->getSetting('ssl_host'), '/') . '/'; + // If using a different host for SSL + if ( $ssl_host != $this->_https_url->toString() ) { + // Assign HTTPS URL to SSL Host + $this->setSetting('ssl_host_diff', 1); + if ( strpos( $ssl_host, 'http://') === false && strpos( $ssl_host, 'https://') === false ) { + $ssl_host = 'https://' . $ssl_host; + } + $this->_https_url = WordPressHTTPS_Url::fromString( $ssl_host ); + } else { + $this->setSetting('ssl_host_diff', 0); + } + } + + // Prepend SSL Host path + if ( strpos( $this->_https_url->getPath(), $this->getHttpUrl()->getPath() ) === false ) { + $this->_https_url->setPath( $this->_https_url->getPath() . $this->getHttpUrl()->getPath() ); + } + + // Add SSL Port to HTTPS URL + $this->_https_url->setPort( $this->getSetting('ssl_port') ); + } + + return $this->_https_url; + } + + /** + * Get domains local to the WordPress installation. + * + * @param none + * @return array $hosts Array of domains local to the WordPress installation. + */ + public function getLocalDomains() { + $hosts = $this->getSetting( 'hosts' ); + if ( ! empty( $hosts ) ) + return $hosts; + + global $wpdb; + $hosts = array( + $this->getHttpUrl()->getHost(), + $this->getHttpsUrl()->getHost() + ); + + if ( is_multisite() && is_subdomain_install() ) { + $multisite_hosts = $wpdb->get_col( $wpdb->prepare( "SELECT domain FROM " . $wpdb->blogs, NULL ) ); + $hosts = array_merge( $hosts, $multisite_hosts ); + } + + $this->setSetting( 'hosts', $hosts ); + + return $hosts; + } + + /** + * Initialize + * + * @param none + * @return void + */ + public function init() { + $this->getLogger()->log( 'Version: ' . $this->getVersion() ); + $this->getLogger()->log( 'HTTP URL: ' . $this->getHttpUrl()->toString() ); + $this->getLogger()->log( 'HTTPS URL: ' . $this->getHttpsUrl()->toString() ); + $this->getLogger()->log( 'SSL: ' . ( $this->isSsl() ? 'Yes' : 'No' ) ); + $this->getLogger()->log( 'Diff Host: ' . ( $this->getSetting( 'ssl_host_diff' ) ? 'Yes' : 'No' ) ); + $this->getLogger()->log( 'Subdomain: ' . ( $this->getSetting( 'ssl_host_subdomain' ) ? 'Yes' : 'No' ) ); + $this->getLogger()->log( 'Proxy: ' . ( $this->getSetting( 'ssl_proxy' ) === 'auto' ? 'Auto' : ( $this->getSetting( 'ssl_proxy' ) ? 'Yes' : 'No' ) ) ); + $this->getLogger()->log( 'Secure External URLs: [ ' . implode( ', ', (array)$this->getSetting( 'secure_external_urls' ) ) . ' ]' ); + $this->getLogger()->log( 'Unsecure External URLs: [ ' . implode( ', ', (array)$this->getSetting( 'unsecure_external_urls' ) ) . ' ]' ); + + parent::init(); + } + + /** + * Install + * + * @param none + * @return void + */ + public function install() { + global $wpdb; + + if ( is_multisite() && is_network_admin() ) { + $blogs = $wpdb->get_col( $wpdb->prepare( "SELECT blog_id FROM " . $wpdb->blogs, NULL ) ); + } else { + $blogs = array( $wpdb->blogid); + } + + $defaults = $this->getSetting('network_defaults'); + foreach ( $blogs as $blog_id ) { + // Add Settings + foreach ( $this->getSettings() as $option => $value ) { + if ( is_multisite() ) { + if ( add_blog_option( $blog_id, $option, $value) && isset( $defaults[ $option]) ) { + if ( $option == 'ssl_host' && strpos( $value, 'https://') !== 0 ) { + $value = 'https://' . rtrim( $defaults[ $option], '/') . '/'; + } else { + $value = $defaults[ $option]; + } + $this->setSetting( $option, $value, $blog_id ); + } + } else { + add_option( $option, $value ); + } + } + + // Fix a bug that saved the ssl_host as an object + if ( ! is_string( $this->getSetting('ssl_host', $blog_id ) ) ) { + $this->setSetting( 'ssl_host', $this->_settings['ssl_host'], $blog_id ); + $this->setSetting( 'ssl_port', $this->_settings['ssl_port'], $blog_id ); + $this->setSetting( 'ssl_host_diff', $this->_settings['ssl_host_diff'], $blog_id ); + $this->setSetting( 'ssl_host_subdomain', $this->_settings['ssl_host_subdomain'], $blog_id ); + } + + // If secure front page option exists, create front page filter + if ( $this->getSetting('frontpage', $blog_id) ) { + $this->setSetting('secure_filter', array_merge( $this->getSetting('secure_filter'), array(rtrim(str_replace('http://', '', $this->getHttpUrl()->toString() ), '/') . '/$') )); + $this->setSetting('frontpage', 0, $blog_id); + } + + // Reset cache + $this->setSetting('secure_external_urls', $this->_settings['secure_external_urls'], $blog_id); + $this->setSetting('unsecure_external_urls', $this->_settings['unsecure_external_urls'], $blog_id); + + // Set default domain mapping + if ( $this->getSetting('ssl_host_mapping', $blog_id) == array() ) { + $this->setSetting('ssl_host_mapping', WordPressHTTPS::$ssl_host_mapping, $blog_id); + } + } + + $is_subdomain = $this->getHttpsUrl()->isSubdomain( $this->getHttpUrl() ); + foreach ( $blogs as $blog_id ) { + $this->setSetting('ssl_host_subdomain', $is_subdomain, $blog_id); + } + } + + /** + * Is Local URL + * + * Determines if URL is local or external + * + * @param string $url + * @return boolean + */ + public function isUrlLocal( $url) { + $hosts = $this->getLocalDomains(); + if ( ( $url_parts = @parse_url( $url) ) && isset( $url_parts['host']) && !in_array( $url_parts['host'], $hosts ) ) { + return false; + } + return true; + } + + /** + * Replaces HTTP Host with HTTPS Host + * + * @param string $string + * @return string $string + */ + public function makeUrlHttps( $string ) { + if ( (string)$string == '' ) { + return false; + } + + // If relative, prepend appropriate path + if ( strpos( $string, '/') === 0 ) { + if ( $this->getSetting('ssl_host_diff') && strpos( $string, $this->getHttpsUrl()->getPath() ) === false ) { + if ( $this->getHttpUrl()->getPath() == '/' ) { + $string = rtrim( $this->getHttpsUrl()->getPath(), '/') . $string; + } else { + $string = str_replace( $this->getHttpUrl()->getPath(), $this->getHttpsUrl()->getPath(), $string); + } + } + } else if ( $url = WordPressHTTPS_Url::fromString( $string ) ) { + if ( $this->isUrlLocal( $url) ) { + if ( $url->getScheme() == 'http' || ( $url->getScheme() == 'https' && $this->getSetting('ssl_host_diff') ) ) { + $has_host = ( $this->getHttpUrl()->getHost() == $this->getHttpsUrl()->getHost() ) || strpos( $url, $this->getHttpsUrl()->getHost() ) !== false; + $has_path = ( $this->getHttpUrl()->getPath() == $this->getHttpsUrl()->getPath() ) || strpos( $url, $this->getHttpsUrl()->getPath() ) !== false; + $has_port = ( (int)$this->getHttpsUrl()->getPort() > 0 ? strpos( $url, ':' . $this->getHttpsUrl()->getPort() ) !== false : true ); + if ( $url->getScheme() == 'http' || !$has_host || !$has_path || !$has_port ) { + $updated = clone $url; + $updated->setScheme('https'); + $updated->setHost( $this->getHttpsUrl()->getHost() ); + $updated->setPort( $this->getHttpsUrl()->getPort() ); + if ( $this->getSetting('ssl_host_diff') && strpos( $updated->getPath(), $this->getHttpsUrl()->getPath() ) === false ) { + if ( $this->getHttpUrl()->getPath() == '/' ) { + $updated->setPath(rtrim( $this->getHttpsUrl()->getPath(), '/') . $updated->getPath() ); + } else if ( strpos( $updated->getPath(), $this->getHttpUrl()->getPath() ) !== false ) { + $updated->setPath(str_replace( $this->getHttpUrl()->getPath(), $this->getHttpsUrl()->getPath(), $updated->getPath() )); + } else if ( strpos( $updated->getPath(), rtrim( $this->getHttpUrl()->getPath(), '/') ) !== false ) { + $updated->setPath(str_replace(rtrim( $this->getHttpUrl()->getPath(), '/'), $this->getHttpsUrl()->getPath(), $updated->getPath() )); + } + } + if ( ( ( $this->isSsl() && !$this->getSetting('exclusive_https') ) || ( defined('FORCE_SSL_ADMIN') && constant('FORCE_SSL_ADMIN') ) || $this->getSetting('ssl_admin') ) && strpos( $url, 'wp-admin') !== false && preg_match('/redirect_to=([^&]+)/i', $updated->toString(), $redirect) && isset( $redirect[1]) ) { + $redirect_url = $redirect[1]; + $updated = str_replace( $redirect_url, urlencode( $this->makeUrlHttps(urldecode( $redirect_url) )), $updated->toString() ); + } + $string = str_replace( $url, $updated, $string); + } + } + } else { + $updated = clone $url; + $updated = WordPressHTTPS_Url::fromString( apply_filters('https_external_url', $updated->toString() ) ); + if ( @in_array( $updated->toString(), $this->getSetting('secure_external_urls') ) == false && @in_array( $updated->toString(), $this->getSetting('unsecure_external_urls') ) == false ) { + $test = clone $updated; + $test->setScheme('https'); + if ( $test->isValid() ) { + // Cache this URL as available over HTTPS for future reference + $this->addSecureExternalUrl( $updated->toString() ); + $updated->setScheme('https'); + } else { + // If not available over HTTPS, mark as an unsecure external URL + $this->addUnsecureExternalUrl( $updated->toString() ); + } + } else if ( in_array( $updated->toString(), $this->getSetting('secure_external_urls') ) ) { + $updated->setScheme('https'); + } + if ( $url->toString() != $updated->toString() ) { + $string = str_replace( $url, $updated, $string); + } + } + unset( $test); + unset( $updated); + unset( $url); + } + return $string; + } + + /** + * Replaces HTTPS Host with HTTP Host + * + * @param string $string + * @return string $string + */ + public function makeUrlHttp( $string ) { + if ( (string)$string == '' ) { + return false; + } + + // If relative + if ( strpos( $string, '/') === 0 ) { + if ( $this->getSetting('ssl_host_diff') && strpos( $string, $this->getHttpsUrl()->getPath() ) !== false ) { + $string = str_replace( $this->getHttpsUrl()->getPath(), $this->getHttpUrl()->getPath(), $string); + } + } else if ( $url = WordPressHTTPS_Url::fromString( $string ) ) { + if ( $this->isUrlLocal( $url) ) { + if ( $url->getScheme() == 'https' ) { + $updated = clone $url; + $updated->setScheme('http'); + $updated->setHost( $this->getHttpUrl()->getHost() ); + $updated->setPort( $this->getHttpUrl()->getPort() ); + if ( $this->getSetting('ssl_host_diff') && strpos( $updated->getPath(), $this->getHttpsUrl()->getPath() ) !== false ) { + $updated->setPath(str_replace( $this->getHttpsUrl()->getPath(), $this->getHttpUrl()->getPath(), $updated->getPath() )); + } + if ( strpos( $url, 'wp-admin') !== false && preg_match('/redirect_to=([^&]+)/i', $url, $redirect) && isset( $redirect[1]) ) { + $redirect_url = $redirect[1]; + $url = str_replace( $redirect_url, urlencode( $this->makeUrlHttp(urldecode( $redirect_url) )), $url); + } + $string = str_replace( $url, $updated, $string); + } + } else { + $updated = apply_filters('http_external_url', str_replace('https://', 'http://', $url) ); + $string = str_replace( $url, $updated, $string); + } + } + unset( $updated); + unset( $url); + return $string; + } + + /** + * Add Secure External URL + * + * @param string $value + * @return $this + */ + public function addSecureExternalUrl( $value ) { + if ( trim( $value) == '' ) { + return $this; + } + + $secure_external_urls = (array) $this->getSetting('secure_external_urls'); + array_push( $secure_external_urls, (string) $value); + $this->setSetting('secure_external_urls', $secure_external_urls); + + return $this; + } + + /** + * Add Unsecure External URL + * + * @param string $value + * @return $this + */ + public function addUnsecureExternalUrl( $value ) { + if ( trim( $value) == '' ) { + return $this; + } + + $unsecure_external_urls = (array) $this->getSetting('unsecure_external_urls'); + array_push( $unsecure_external_urls, (string) $value); + $this->setSetting('unsecure_external_urls', $unsecure_external_urls); + + return $this; + } + + /** + * Checks if the current page is SSL + * + * @param none + * @return bool + */ + public function isSsl() { + // Some extra checks for Shared SSL + if ( is_ssl() && strpos( $_SERVER['HTTP_HOST'], $this->getHttpsUrl()->getHost() ) === false && $_SERVER['SERVER_ADDR'] != $_SERVER['HTTP_HOST'] ) { + return false; + } else if ( isset( $_SERVER['HTTP_CF_VISITOR']) && strpos( $_SERVER['HTTP_CF_VISITOR'], 'https') ) { + return true; + } else if ( isset( $_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower( $_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' ) { + return true; + } else if ( $this->getSetting('ssl_host_diff') && !is_ssl() && isset( $_SERVER['HTTP_X_FORWARDED_SERVER']) && $this->getHttpsUrl()->getHost() == $_SERVER['HTTP_X_FORWARDED_SERVER'] ) { + return true; + } else if ( $this->getSetting('ssl_host_diff') && !is_ssl() && $this->getHttpsUrl()->getHost() == $_SERVER['HTTP_HOST'] && ( $this->getHttpsUrl()->getPort() <= 0 || $_SERVER['SERVER_PORT'] == $this->getHttpsUrl()->getPort() ) && strpos( $_SERVER['REQUEST_URI'], $this->getHttpsUrl()->getPath() ) !== false ) { + return true; + } + return is_ssl(); + } + + /** + * Maintained for backwards compatibility. + * + * @param none + * @return bool + */ + public function is_ssl() { + return $this->isSsl(); + } + + /** + * Redirects page to HTTP or HTTPS accordingly + * + * @param string $scheme Either http or https + * @return void + */ + public function redirect( $scheme = 'https' ) { + $current_path = ( isset( $_SERVER['REDIRECT_URL']) && strpos( $_SERVER['REDIRECT_URL'], 'index.php') === false ? $_SERVER['REDIRECT_URL'] : $_SERVER['REQUEST_URI'] ); + if ( strpos( $_SERVER['REQUEST_URI'], '?') !== false && isset( $_SERVER['REDIRECT_URL']) && strpos( $_SERVER['REDIRECT_URL'], '?') === false ) { + $current_path .= substr( $_SERVER['REQUEST_URI'], strpos( $_SERVER['REQUEST_URI'], '?') ); + } + + $current_url = ( $this->isSsl() ? 'https' : 'http' ) . '://' . ( isset( $_SERVER['HTTP_X_FORWARDED_SERVER']) ? $_SERVER['HTTP_X_FORWARDED_SERVER'] : $_SERVER['HTTP_HOST'] ) . $current_path; + if ( $scheme == 'https' ) { + $url = $this->makeUrlHttps( $current_url); + } else { + $url = $this->makeUrlHttp( $current_url); + } + + if ( $current_url != $url ) { + // Use a cookie to detect redirect loops + $redirect_count = ( isset( $_COOKIE['redirect_count']) && is_numeric( $_COOKIE['redirect_count']) ? (int)$_COOKIE['redirect_count']+1 : 1 ); + setcookie('redirect_count', $redirect_count, 0, '/'); + // If redirect count is greater than 2, prevent redirect and log the redirect loop + if ( $redirect_count > 2 ) { + setcookie( 'redirect_count', null, -time(), '/' ); + $this->getLogger()->log( '[ERROR] Redirect Loop!' ); + return; + } + + // Redirect + if ( function_exists('wp_redirect') ) { + wp_redirect( $url, 301 ); + } else { + // End all output buffering and redirect + while( @ob_end_clean() ); + header("Location: " . $url, true, 301 ); + } + exit(); + } + } + + /** + * Get relevent files and directories within WordPress + * + * @param none + * @return void + */ + public function getDirectories() { + $directories = array(); + $scannedDirectories = array(); + $directories[] = get_theme_root() . '/' . get_template(); + + foreach ( $directories as $directory ) { + $scannedDirectories[ $directory ]['name'] = $directory; + if ( is_readable( $directory ) && ( $files = scandir( $directory ) ) ) { + $scannedDirectories[ $directory ]['files'] = $files; + unset( $files); + } else { + $scannedDirectories[ $directory ]['error'] = "Unable to read directory."; + } + } + return $scannedDirectories; + } + } \ No newline at end of file From 021712d6b0f737bda9c81f075e09cd96309434c7 Mon Sep 17 00:00:00 2001 From: Jonathan Desrosiers Date: Mon, 20 Oct 2014 10:12:53 -0400 Subject: [PATCH 3/4] Whitespace changes. --- lib/WordPressHTTPS.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/WordPressHTTPS.php b/lib/WordPressHTTPS.php index 6589863..5558bd5 100644 --- a/lib/WordPressHTTPS.php +++ b/lib/WordPressHTTPS.php @@ -1,4 +1,4 @@ - default_value * * @var multitype:multitype @@ -61,7 +61,7 @@ class WordPressHTTPS extends Mvied_Plugin_Modular { /** * File extensions to be loaded securely. * File type => Array of extensions - * + * * @var multitype:multitype */ protected $_file_extensions = array( @@ -126,7 +126,7 @@ class WordPressHTTPS extends Mvied_Plugin_Modular { /** * Get File Extensions to Secure - * + * * @param none * @return array */ @@ -136,7 +136,7 @@ public function getFileExtensions() { /** * Get HTTP Url - * + * * @param none * @return Mvied_Url */ @@ -149,7 +149,7 @@ public function getHttpUrl() { /** * Get HTTPS Url - * + * * @param none * @return Mvied_Url */ @@ -184,7 +184,7 @@ public function getHttpsUrl() { /** * Get domains local to the WordPress installation. - * + * * @param none * @return array $hosts Array of domains local to the WordPress installation. */ @@ -231,7 +231,7 @@ public function init() { /** * Install - * + * * @param none * @return void */ @@ -312,7 +312,7 @@ public function install() { $this->setSetting('unsecure_external_urls', $this->_settings['unsecure_external_urls'], $blog_id); $this->setSetting('path_cache', $this->_settings['path_cache'], $blog_id); $this->setSetting('blog_cache', $this->_settings['blog_cache'], $blog_id); - + // Set default URL Mapping if ( $this->getSetting('ssl_host_mapping', $blog_id) == array() ) { $this->setSetting('ssl_host_mapping', WordPressHTTPS::$ssl_host_mapping, $blog_id); @@ -335,7 +335,7 @@ public function install() { /** * Is Local URL - * + * * Determines if URL is local or external * * @param string $url @@ -534,7 +534,7 @@ public function isSsl() { } return apply_filters('is_ssl', $is_ssl); } - + /** * Maintained for backwards compatibility. * @@ -606,7 +606,7 @@ public function getDirectories() { $scannedDirectories[$directory]['name'] = $directory; if ( is_readable($directory) && ($files = scandir($directory)) ) { $scannedDirectories[$directory]['files'] = $files; - unset($files); + unset($files); } else { $scannedDirectories[$directory]['error'] = "Unable to read directory."; } From 949d40b6db8eaa12a85eaf90ff902fd555e3ef45 Mon Sep 17 00:00:00 2001 From: Jonathan Desrosiers Date: Mon, 20 Oct 2014 10:18:45 -0400 Subject: [PATCH 4/4] Refreshing my changes in order to merge properly. --- lib/WordPressHTTPS.php | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/lib/WordPressHTTPS.php b/lib/WordPressHTTPS.php index 5558bd5..370bd3d 100644 --- a/lib/WordPressHTTPS.php +++ b/lib/WordPressHTTPS.php @@ -56,6 +56,7 @@ class WordPressHTTPS extends Mvied_Plugin_Modular { 'path_cache' => array(), // Cache of URL paths to Post IDs 'blog_cache' => array(), // Cache of URL paths to Blog IDs 'version' => '', // Version of the plugin this blog has installed + 'hosts' => array(), ); /** @@ -189,23 +190,29 @@ public function getHttpsUrl() { * @return array $hosts Array of domains local to the WordPress installation. */ public function getLocalDomains() { + $hosts = $this->getSetting( 'hosts' ); + + if ( ! empty( $hosts ) ) + return $hosts; + global $wpdb; $hosts = array( $this->getHttpUrl()->getHost(), - $this->getHttpsUrl()->getHost() + $this->getHttpsUrl()->getHost(), ); if ( is_multisite() && is_subdomain_install() ) { - $multisite_hosts = $wpdb->get_col($wpdb->prepare("SELECT domain FROM %d", $wpdb->blogs)); - $hosts = array_merge($hosts, $multisite_hosts); + $multisite_hosts = $wpdb->get_col($wpdb->prepare( "SELECT domain FROM %d", $wpdb->blogs ) ); + $hosts = array_merge( $hosts, $multisite_hosts ); } - if ( function_exists('domain_mapping_siteurl') ) { - if ( $mapped_host = parse_url(domain_mapping_siteurl(false), PHP_URL_HOST) ) { + if ( function_exists( 'domain_mapping_siteurl' ) ) { + if ( $mapped_host = parse_url( domain_mapping_siteurl( false ), PHP_URL_HOST ) ) $hosts[] = $mapped_host; - } } + $this->setSetting( 'hosts', $hosts ); + return $hosts; }