WordPress.org

Make WordPress Core

Ticket #15277: use_ssl_login_admin.patch

File use_ssl_login_admin.patch, 4.6 KB (added by jackewit, 3 years ago)

patch for the idea of a USE_SSL_LOGIN and USE_SSL_ADMIN

Line 
1Index: wp-includes/default-constants.php
2===================================================================
3--- wp-includes/default-constants.php   (Revision 16130)
4+++ wp-includes/default-constants.php   (Arbeitskopie)
5@@ -228,19 +228,33 @@
6  * @since 3.0.0
7  */
8 function wp_ssl_constants( ) {
9+
10+    /**
11+     * @since patch 01.11.2010
12+     */
13+    if ( !defined('USE_SSL_LOGIN') )
14+        define('USE_SSL_LOGIN', false);
15+    use_ssl_login(USE_SSL_LOGIN);
16+
17+    /**
18+     * @since patch 01.11.2010
19+     */
20+    if ( !defined('USE_SSL_ADMIN') )
21+        define('USE_SSL_ADMIN', false);
22+    use_ssl_admin(USE_SSL_ADMIN);
23 }
24 
25Index: wp-includes/functions.php
26===================================================================
27--- wp-includes/functions.php   (Revision 16130)
28+++ wp-includes/functions.php   (Arbeitskopie)
29@@ -3445,18 +3445,58 @@
30  * @return bool True if SSL, false if not used.
31  */
32 function is_ssl() {
33-       if ( isset($_SERVER['HTTPS']) ) {
34-               if ( 'on' == strtolower($_SERVER['HTTPS']) )
35-                       return true;
36-               if ( '1' == $_SERVER['HTTPS'] )
37-                       return true;
38-       } elseif ( isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ) ) {
39-               return true;
40-       }
41-       return false;
42+   if ( isset($_SERVER['HTTPS']) ) {
43+      if ( 'on' == strtolower($_SERVER['HTTPS']) )
44+         return true;
45+      if ( '1' == $_SERVER['HTTPS'] )
46+         return true;
47+   } elseif ( isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ) ) {
48+      return true;
49+   }
50+   return false;
51 }
52 
53 /**
54+ * Whether SSL login should be used.
55+ *
56+ * @since patch 01.11.2010
57+ *
58+ * @param string|bool $use Optional.
59+ * @return bool True if used, false if not used.
60+ */
61+function use_ssl_login( $use = null ) {
62+    static $used = false;
63+
64+    if ( !is_null( $use ) ) {
65+        $old_used = $used;
66+        $used = $use;
67+        return $old_used;
68+    }
69+
70+    return $used;
71+}
72+
73+/**
74+ * Whether to use SSL used for the Administration Panels.
75+ *
76+ * @since patch 01.11.2010
77+ *
78+ * @param string|bool $use
79+ * @return bool True if used, false if not used.
80+ */
81+function use_ssl_admin( $use = null ) {
82+    static $used = false;
83+
84+    if ( !is_null( $use ) ) {
85+        $old_used = $used;
86+        $used = $use;
87+        return $old_used;
88+    }
89+
90+    return $used;
91+}
92+
93+/**
94  * Whether SSL login should be forced.
95  *
96  * @since 2.6.0
97 
98Index: wp-includes/link-template.php
99===================================================================
100--- wp-includes/link-template.php       (Revision 16130)
101+++ wp-includes/link-template.php       (Arbeitskopie)
102@@ -2001,31 +2001,31 @@
103  * @return string Site url link with optional path appended.
104 */
105 function get_site_url( $blog_id = null, $path = '', $scheme = null ) {
106-       // should the list of allowed schemes be maintained elsewhere?
107-       $orig_scheme = $scheme;
108-       if ( !in_array( $scheme, array( 'http', 'https' ) ) ) {
109-               if ( ( 'login_post' == $scheme || 'rpc' == $scheme ) && ( force_ssl_login() || force_ssl_admin() ) )
110-                       $scheme = 'https';
111-               elseif ( ( 'login' == $scheme ) && force_ssl_admin() )
112-                       $scheme = 'https';
113-               elseif ( ( 'admin' == $scheme ) && force_ssl_admin() )
114-                       $scheme = 'https';
115-               else
116-                       $scheme = ( is_ssl() ? 'https' : 'http' );
117-       }
118+   // should the list of allowed schemes be maintained elsewhere?
119+   $orig_scheme = $scheme;
120+   if ( !in_array( $scheme, array( 'http', 'https' ) ) ) {
121+      if ( ( 'login_post' == $scheme || 'rpc' == $scheme ) && ( force_ssl_login() || force_ssl_admin() || use_ssl_login() || use_ssl_admin() ) )
122+         $scheme = 'https';
123+      elseif ( ( 'login' == $scheme ) && ( force_ssl_admin() || use_ssl_admin() ) )
124+         $scheme = 'https';
125+      elseif ( ( 'admin' == $scheme ) && ( force_ssl_admin() || use_ssl_admin() ) )
126+         $scheme = 'https';
127+      else
128+         $scheme = ( is_ssl() ? 'https' : 'http' );
129+   }
130 
131-       if ( empty( $blog_id ) || !is_multisite() )
132-               $url = get_option( 'siteurl' );
133-       else
134-               $url = get_blog_option( $blog_id, 'siteurl' );
135+   if ( empty( $blog_id ) || !is_multisite() )
136+      $url = get_option( 'siteurl' );
137+   else
138+      $url = get_blog_option( $blog_id, 'siteurl' );
139 
140-       if ( 'http' != $scheme )
141-               $url = str_replace( 'http://', "{$scheme}://", $url );
142+   if ( 'http' != $scheme )
143+      $url = str_replace( 'http://', "{$scheme}://", $url );
144 
145-       if ( !empty( $path ) && is_string( $path ) && strpos( $path, '..' ) === false )
146-               $url .= '/' . ltrim( $path, '/' );
147+   if ( !empty( $path ) && is_string( $path ) && strpos( $path, '..' ) === false )
148+      $url .= '/' . ltrim( $path, '/' );
149 
150-       return apply_filters( 'site_url', $url, $path, $orig_scheme, $blog_id );
151+   return apply_filters( 'site_url', $url, $path, $orig_scheme, $blog_id );
152 }
153 
154 /**
155