WordPress.org

Make WordPress Core

Ticket #19037: ssl.patch

File ssl.patch, 22.3 KB (added by MarcusPope, 7 years ago)

patch for ssl checking logic

  • wp-admin/includes/class-wp-list-table.php

    diff -r 0c4c93d6bc0c wp-admin/includes/class-wp-list-table.php
    a b  
    486486
    487487                $current = $this->get_pagenum();
    488488
    489                 $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
     489                $current_url = scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
    490490
    491491                $current_url = remove_query_arg( array( 'hotkeys_highlight_last', 'hotkeys_highlight_first' ), $current_url );
    492492
     
    645645
    646646                list( $columns, $hidden, $sortable ) = $this->get_column_info();
    647647
    648                 $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
     648                $current_url = scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
    649649                $current_url = remove_query_arg( 'paged', $current_url );
    650650
    651651                if ( isset( $_GET['orderby'] ) )
  • wp-admin/includes/class-wp-themes-list-table.php

    diff -r 0c4c93d6bc0c wp-admin/includes/class-wp-themes-list-table.php
    a b  
    155155        $parent_theme = $themes[$theme_name]['Parent Theme'];
    156156        $theme_root = $themes[$theme_name]['Theme Root'];
    157157        $theme_root_uri = $themes[$theme_name]['Theme Root URI'];
    158         $preview_link = esc_url( get_option( 'home' ) . '/' );
    159         if ( is_ssl() )
    160                 $preview_link = str_replace( 'http://', 'https://', $preview_link );
     158        $preview_link = scheme( esc_url( get_option( 'home' ) . '/' ) );
    161159        $preview_link = htmlspecialchars( add_query_arg( array( 'preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'preview_iframe' => true, 'TB_iframe' => 'true' ), $preview_link ) );
    162160        $preview_text = esc_attr( sprintf( __( 'Preview of “%s”' ), $title ) );
    163161        $tags = $themes[$theme_name]['Tags'];
  • wp-admin/includes/meta-boxes.php

    diff -r 0c4c93d6bc0c wp-admin/includes/meta-boxes.php
    a b  
    4242        $preview_button = __( 'Preview Changes' );
    4343} else {
    4444        $preview_link = get_permalink( $post->ID );
    45         if ( is_ssl() )
    46                 $preview_link = str_replace( 'http://', 'https://', $preview_link );
    4745        $preview_link = esc_url( apply_filters( 'preview_post_link', add_query_arg( 'preview', 'true', $preview_link ) ) );
    4846        $preview_button = __( 'Preview' );
    4947}
  • wp-admin/includes/plugin.php

    diff -r 0c4c93d6bc0c wp-admin/includes/plugin.php
    a b  
    877877
    878878        if ( empty($icon_url) )
    879879                $icon_url = esc_url( admin_url( 'images/generic.png' ) );
    880         elseif ( is_ssl() && 0 === strpos($icon_url, 'http://') )
    881                 $icon_url = 'https://' . substr($icon_url, 7);
    882880
    883         $new_menu = array( $menu_title, $capability, $menu_slug, $page_title, 'menu-top ' . $hookname, $hookname, $icon_url );
     881        $new_menu = array( $menu_title, $capability, $menu_slug, $page_title, 'menu-top ' . $hookname, $hookname, scheme($icon_url) );
    884882
    885883        if ( null === $position  )
    886884                $menu[] = $new_menu;
  • wp-admin/includes/post.php

    diff -r 0c4c93d6bc0c wp-admin/includes/post.php
    a b  
    14881488
    14891489                        foreach ( $mce_external_plugins as $name => $url ) {
    14901490
    1491                                 if ( is_ssl() ) $url = str_replace('http://', 'https://', $url);
     1491                                $url = scheme($url);
    14921492
    14931493                                $plugins[] = '-' . $name;
    14941494
     
    18601860<div class="fullscreen-overlay fullscreen-fader fade-600" id="fullscreen-fader"></div>
    18611861<?php
    18621862}
    1863 
    1864 
  • wp-admin/network/site-info.php

    diff -r 0c4c93d6bc0c wp-admin/network/site-info.php
    a b  
    118118                <tr class="form-field form-required">
    119119                        <th scope="row"><?php _e( 'Domain' ) ?></th>
    120120                        <?php
    121                         $protocol = is_ssl() ? 'https://' : 'http://';
    122121                        if ( $is_main_site ) { ?>
    123                         <td><code><?php echo $protocol; echo esc_attr( $details->domain ) ?></code></td>
     122                        <td><code><?php echo esc_attr( $details->domain ) ?></code></td>
    124123                        <?php } else { ?>
    125                         <td><?php echo $protocol; ?><input name="blog[domain]" type="text" id="domain" value="<?php echo esc_attr( $details->domain ) ?>" size="33" /></td>
     124                        <td><input name="blog[domain]" type="text" id="domain" value="<?php echo esc_attr( $details->domain ) ?>" size="33" /></td>
    126125                        <?php } ?>
    127126                </tr>
    128127                <tr class="form-field form-required">
  • wp-admin/setup-config.php

    diff -r 0c4c93d6bc0c wp-admin/setup-config.php
    a b  
    192192                 * @ignore
    193193                 */
    194194                function get_bloginfo() {
    195                         return ( ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . str_replace( $_SERVER['PHP_SELF'], '/wp-admin/setup-config.php', '' ) );
     195                        return ( scheme( 'http://' . $_SERVER['HTTP_HOST'] ) );
    196196                }
    197197                /**#@-*/
    198198                $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' );
  • wp-includes/canonical.php

    diff -r 0c4c93d6bc0c wp-includes/canonical.php
    a b  
    4040        if ( is_trackback() || is_search() || is_comments_popup() || is_admin() || !empty($_POST) || is_preview() || is_robots() || $is_IIS )
    4141                return;
    4242
    43         if ( !$requested_url ) {
     43        if ( ! $requested_url ) {
    4444                // build the URL in the address bar
    45                 $requested_url  = is_ssl() ? 'https://' : 'http://';
    46                 $requested_url .= $_SERVER['HTTP_HOST'];
    47                 $requested_url .= $_SERVER['REQUEST_URI'];
     45                $requested_url  = scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
    4846        }
    4947
    5048        $original = @parse_url($requested_url);
  • wp-includes/class-wp-admin-bar.php

    diff -r 0c4c93d6bc0c wp-includes/class-wp-admin-bar.php
    a b  
    33        var $changed_locale = false;
    44        var $menu;
    55        var $need_to_change_locale = false;
    6         var $proto = 'http://';
    76        var $user;
    87
    98        function initialize() {
    10                 /* Set the protocol used throughout this code */
    11                 if ( is_ssl() )
    12                         $this->proto = 'https://';
    13 
    149                $this->user = new stdClass;
    1510                $this->menu = new stdClass;
    1611
  • wp-includes/class-wp-xmlrpc-server.php

    diff -r 0c4c93d6bc0c wp-includes/class-wp-xmlrpc-server.php
    a b  
    17521752                global $current_blog;
    17531753                $domain = $current_blog->domain;
    17541754                $path = $current_blog->path . 'xmlrpc.php';
    1755                 $protocol = is_ssl() ? 'https' : 'http';
    1756 
    1757                 $rpc = new IXR_Client("$protocol://{$domain}{$path}");
     1755
     1756                $rpc = new IXR_Client(scheme("http://{$domain}{$path}"));
    17581757                $rpc->query('wp.getUsersBlogs', $args[1], $args[2]);
    17591758                $blogs = $rpc->getResponse();
    17601759
  • wp-includes/feed.php

    diff -r 0c4c93d6bc0c wp-includes/feed.php
    a b  
    486486 */
    487487function self_link() {
    488488        $host = @parse_url(home_url());
    489         $host = $host['host'];
    490         echo esc_url(
    491                 'http'
    492                 . ( (isset($_SERVER['https']) && $_SERVER['https'] == 'on') ? 's' : '' ) . '://'
    493                 . $host
    494                 . stripslashes($_SERVER['REQUEST_URI'])
    495                 );
     489        echo esc_url( $host['scheme'] . '://' . $host['host'] . stripslashes( $_SERVER['REQUEST_URI'] ) );
    496490}
    497491
    498492/**
  • wp-includes/functions.php

    diff -r 0c4c93d6bc0c wp-includes/functions.php
    a b  
    36223622}
    36233623
    36243624/**
     3625 * Properly format the scheme of any URL based on SSL state.  Safe for use with relative URLs
     3626 *
     3627 * @since 3.2.X
     3628 *
     3629 * @param string $url
     3630 * @return string A string representing a url with the proper scheme given the SSL state of this site
     3631 */
     3632function scheme( $url ) {
     3633    if (is_ssl()) {
     3634        $url = str_replace('http://', 'https://', $url);
     3635    }
     3636    else {
     3637        $url = str_replace('https://', 'http://', $url);
     3638    }
     3639
     3640    return $url;
     3641}
     3642
     3643/**
     3644 * Forces an ssl redirect for authentication if SSL is required and we're not currently using an HTTPS scheme
     3645 *
     3646 * @since 3.2.X
     3647 *
     3648 * @return bool true if request needs secure redirect
     3649 */
     3650function ssl_redirect() {
     3651
     3652    $secure = ( is_ssl() || force_ssl_admin() );
     3653
     3654        $secure = apply_filters('secure_auth_redirect', $secure);
     3655
     3656    // If https is required and request is http, redirect
     3657    if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
     3658        do_ssl_redirect();
     3659    }
     3660
     3661    return $secure;
     3662}
     3663
     3664/**
     3665 * Does actual redirect for https scheme
     3666 *
     3667 * @since 3.2.X
     3668 *
     3669 * @return null
     3670 */
     3671function do_ssl_redirect() {
     3672
     3673    if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
     3674        wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
     3675        exit();
     3676    } else {
     3677        wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
     3678        exit();
     3679    }
     3680}
     3681
     3682/**
    36253683 * Whether SSL login should be forced.
    36263684 *
    36273685 * @since 2.6.0
     
    36753733        if ( defined('WP_SITEURL') && '' != WP_SITEURL ) {
    36763734                $url = WP_SITEURL;
    36773735        } else {
    3678                 $schema = is_ssl() ? 'https://' : 'http://';
    3679                 $url = preg_replace('|/wp-admin/.*|i', '', $schema . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
     3736                $url = preg_replace('|/wp-admin/.*|i', '', scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']));
    36803737        }
    36813738        return rtrim($url, '/');
    36823739}
  • wp-includes/link-template.php

    diff -r 0c4c93d6bc0c wp-includes/link-template.php
    a b  
    19261926 * Retrieve the home url for the current site.
    19271927 *
    19281928 * Returns the 'home' option with the appropriate protocol,  'https' if
    1929  * is_ssl() and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl() is
     1929 * is_ssl and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl is
    19301930 * overridden.
    19311931 *
    19321932 * @package WordPress
     
    19461946 * Retrieve the home url for a given site.
    19471947 *
    19481948 * Returns the 'home' option with the appropriate protocol,  'https' if
    1949  * is_ssl() and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl() is
     1949 * is_ssl and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl is
    19501950 * overridden.
    19511951 *
    19521952 * @package WordPress
     
    19811981 * Retrieve the site url for the current site.
    19821982 *
    19831983 * Returns the 'site_url' option with the appropriate protocol,  'https' if
    1984  * is_ssl() and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl() is
     1984 * is_ssl and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl is
    19851985 * overridden.
    19861986 *
    19871987 * @package WordPress
     
    20012001 * Retrieve the site url for a given site.
    20022002 *
    20032003 * Returns the 'site_url' option with the appropriate protocol,  'https' if
    2004  * is_ssl() and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl() is
     2004 * is_ssl and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl is
    20052005 * overridden.
    20062006 *
    20072007 * @package WordPress
     
    20472047 * @since 2.6.0
    20482048 *
    20492049 * @param string $path Optional path relative to the admin url
    2050  * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). 'http' or 'https' can be passed to force those schemes.
     2050 * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl. 'http' or 'https' can be passed to force those schemes.
    20512051 * @return string Admin url link with optional path appended
    20522052*/
    20532053function admin_url( $path = '', $scheme = 'admin' ) {
     
    20622062 *
    20632063 * @param int $blog_id (optional) Blog ID. Defaults to current blog.
    20642064 * @param string $path Optional path relative to the admin url
    2065  * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). 'http' or 'https' can be passed to force those schemes.
     2065 * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl. 'http' or 'https' can be passed to force those schemes.
    20662066 * @return string Admin url link with optional path appended
    20672067*/
    20682068function get_admin_url( $blog_id = null, $path = '', $scheme = 'admin' ) {
     
    21022102 * @return string Content url link with optional path appended.
    21032103*/
    21042104function content_url($path = '') {
    2105         $url = WP_CONTENT_URL;
    2106         if ( 0 === strpos($url, 'http') && is_ssl() )
    2107                 $url = str_replace( 'http://', 'https://', $url );
     2105        $url = scheme( WP_CONTENT_URL );
    21082106
    21092107        if ( !empty($path) && is_string($path) && strpos($path, '..') === false )
    21102108                $url .= '/' . ltrim($path, '/');
     
    21362134        else
    21372135                $url = WP_PLUGIN_URL;
    21382136
    2139         if ( 0 === strpos($url, 'http') && is_ssl() )
    2140                 $url = str_replace( 'http://', 'https://', $url );
     2137    $url = scheme($url);
    21412138
    21422139        if ( !empty($plugin) && is_string($plugin) ) {
    21432140                $folder = dirname(plugin_basename($plugin));
     
    21552152 * Retrieve the site url for the current network.
    21562153 *
    21572154 * Returns the site url with the appropriate protocol,  'https' if
    2158  * is_ssl() and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl() is
     2155 * is_ssl and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl is
    21592156 * overridden.
    21602157 *
    21612158 * @package WordPress
     
    21952192 * Retrieve the home url for the current network.
    21962193 *
    21972194 * Returns the home url with the appropriate protocol,  'https' if
    2198  * is_ssl() and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl() is
     2195 * is_ssl and 'http' otherwise. If $scheme is 'http' or 'https', is_ssl is
    21992196 * overridden.
    22002197 *
    22012198 * @package WordPress
     
    22312228 * @since 3.0.0
    22322229 *
    22332230 * @param string $path Optional path relative to the admin url
    2234  * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). 'http' or 'https' can be passed to force those schemes.
     2231 * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl. 'http' or 'https' can be passed to force those schemes.
    22352232 * @return string Admin url link with optional path appended
    22362233*/
    22372234function network_admin_url( $path = '', $scheme = 'admin' ) {
     
    22532250 * @since 3.0.0
    22542251 *
    22552252 * @param string $path Optional path relative to the admin url
    2256  * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). 'http' or 'https' can be passed to force those schemes.
     2253 * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl. 'http' or 'https' can be passed to force those schemes.
    22572254 * @return string Admin url link with optional path appended
    22582255*/
    22592256function user_admin_url( $path = '', $scheme = 'admin' ) {
     
    22722269 * @since 3.1.0
    22732270 *
    22742271 * @param string $path Optional path relative to the admin url
    2275  * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). 'http' or 'https' can be passed to force those schemes.
     2272 * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl. 'http' or 'https' can be passed to force those schemes.
    22762273 * @return string Admin url link with optional path appended
    22772274*/
    22782275function self_admin_url($path = '', $scheme = 'admin') {
     
    22952292 *
    22962293 * @param int $user_id User ID
    22972294 * @param string $path Optional path relative to the dashboard.  Use only paths known to both blog and user admins.
    2298  * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). 'http' or 'https' can be passed to force those schemes.
     2295 * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl. 'http' or 'https' can be passed to force those schemes.
    22992296 * @return string Dashboard url link with optional path appended
    23002297 */
    23012298function get_dashboard_url( $user_id, $path = '', $scheme = 'admin' ) {
     
    23282325 * @since 3.1.0
    23292326 *
    23302327 * @param int $user User ID
    2331  * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). 'http' or 'https' can be passed to force those schemes.
     2328 * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl. 'http' or 'https' can be passed to force those schemes.
    23322329 * @return string Dashboard url link with optional path appended
    23332330 */
    23342331function get_edit_profile_url( $user, $scheme = 'admin' ) {
  • wp-includes/ms-functions.php

    diff -r 0c4c93d6bc0c wp-includes/ms-functions.php
    a b  
    20352035
    20362036        $arrURL = parse_url( $url );
    20372037
    2038         if ( force_ssl_content() && is_ssl() ) {
    2039                 if ( 'http' === $arrURL['scheme'] && 'https' !== $arrURL['scheme'] )
    2040                         $url = str_replace( $arrURL['scheme'], 'https', $url );
     2038        if ( 'http' === $arrURL['scheme'] && force_ssl_content() && is_ssl()  ) {
     2039        $url = str_replace( $arrURL['scheme'], 'https', $url );
    20412040        }
    20422041
    20432042        return $url;
  • wp-includes/nav-menu-template.php

    diff -r 0c4c93d6bc0c wp-includes/nav-menu-template.php
    a b  
    360360
    361361                // if the menu item corresponds to the currently-requested URL
    362362                } elseif ( 'custom' == $menu_item->object ) {
    363                         $current_url = untrailingslashit( ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
     363                        $current_url = untrailingslashit( scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ) );
    364364                        $item_url = untrailingslashit( strpos( $menu_item->url, '#' ) ? substr( $menu_item->url, 0, strpos( $menu_item->url, '#' ) ) : $menu_item->url );
    365365                        $_indexless_current = untrailingslashit( preg_replace( '/index.php$/', '', $current_url ) );
    366366
  • wp-includes/pluggable.php

    diff -r 0c4c93d6bc0c wp-includes/pluggable.php
    a b  
    799799function auth_redirect() {
    800800        // Checks if a user is logged in, if not redirects them to the login page
    801801
    802         $secure = ( is_ssl() || force_ssl_admin() );
    803 
    804         $secure = apply_filters('secure_auth_redirect', $secure);
    805 
    806         // If https is required and request is http, redirect
    807         if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
    808                 if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
    809                         wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
    810                         exit();
    811                 } else {
    812                         wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
    813                         exit();
    814                 }
    815         }
     802    $secure = ssl_redirect();
    816803
    817804        if ( is_user_admin() )
    818805                $scheme = 'logged_in';
     
    824811
    825812                // If the user wants ssl but the session is not ssl, redirect.
    826813                if ( !$secure && get_user_option('use_ssl', $user_id) && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
    827                         if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
    828                                 wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
    829                                 exit();
    830                         } else {
    831                                 wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
    832                                 exit();
    833                         }
     814                        do_ssl_redirect();
    834815                }
    835816
    836817                return;  // The cookie is good so we're done
     
    839820        // The cookie is no good so force login
    840821        nocache_headers();
    841822
    842         if ( is_ssl() )
    843                 $proto = 'https://';
    844         else
    845                 $proto = 'http://';
     823        if ( strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ) {
     824        $redirect = wp_get_referer();
     825    }
     826    else {
     827        $redirect = scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
     828    }
    846829
    847         $redirect = ( strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ) ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    848 
    849         $login_url = wp_login_url($redirect, true);
    850 
    851         wp_redirect($login_url);
     830        wp_redirect( wp_login_url($redirect, true) );
    852831        exit();
    853832}
    854833endif;
  • wp-includes/theme.php

    diff -r 0c4c93d6bc0c wp-includes/theme.php
    a b  
    14371437        if ( is_random_header_image() )
    14381438                $url = get_random_header_image();
    14391439
    1440         if ( is_ssl() )
    1441                 $url = str_replace( 'http://', 'https://', $url );
    1442         else
    1443                 $url = str_replace( 'https://', 'http://', $url );
    1444 
    1445         return esc_url_raw( $url );
     1440        return esc_url_raw( scheme( $url ) );
    14461441}
    14471442
    14481443/**
  • wp-login.php

    diff -r 0c4c93d6bc0c wp-login.php
    a b  
    1212require( dirname(__FILE__) . '/wp-load.php' );
    1313
    1414// Redirect to https login if forced to use SSL
    15 if ( force_ssl_admin() && !is_ssl() ) {
    16         if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
    17                 wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
    18                 exit();
    19         } else {
    20                 wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
    21                 exit();
    22         }
    23 }
     15ssl_redirect();
    2416
    2517/**
    2618 * Outputs the header for the login page.
     
    356348        if ( isset( $_SERVER['PATH_INFO'] ) && ($_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) )
    357349                $_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] );
    358350
    359         $schema = is_ssl() ? 'https://' : 'http://';
    360         if ( dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_option('siteurl') )
    361                 update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) );
     351        $path = dirname( scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ) );
     352        if ( $path != get_option('siteurl') )
     353                update_option('siteurl', $path);
    362354}
    363355
    364356//Set a cookie now to see if they are supported by the browser.
  • wp-signup.php

    diff -r 0c4c93d6bc0c wp-signup.php
    a b  
    399399if ( $active_signup == 'none' ) {
    400400        _e( 'Registration has been disabled.' );
    401401} elseif ( $active_signup == 'blog' && !is_user_logged_in() ) {
    402         if ( is_ssl() )
    403                 $proto = 'https://';
    404         else
    405                 $proto = 'http://';
    406         $login_url = site_url( 'wp-login.php?redirect_to=' . urlencode($proto . $_SERVER['HTTP_HOST'] . '/wp-signup.php' ));
     402        $login_url = site_url( 'wp-login.php?redirect_to=' . urlencode( scheme( 'http://' . $_SERVER['HTTP_HOST'] . '/wp-signup.php' )));
    407403        echo sprintf( __( 'You must first <a href="%s">log in</a>, and then you can create a new site.' ), $login_url );
    408404} else {
    409405        $stage = isset( $_POST['stage'] ) ?  $_POST['stage'] : 'default';