Changeset 8058

Timestamp:

06/06/08 07:39:11 (6 years ago)

Author:

ryan

Message:

More use of site_url(), admin_url(), and site_url(). Force login and admin links to be https if FORCE_SSL_LOGIN. see #7001

Location:

trunk

Files:

• wp-admin/admin.php (modified) (1 diff)
• wp-includes/general-template.php (modified) (2 diffs)
• wp-includes/link-template.php (modified) (3 diffs)
• wp-includes/pluggable.php (modified) (7 diffs)
• wp-includes/post.php (modified) (1 diff)
• wp-includes/script-loader.php (modified) (1 diff)
• wp-includes/widgets.php (modified) (1 diff)
• wp-login.php (modified) (2 diffs)

trunk/wp-admin/admin.php

@@ -8 +8 @@
 
 if ( get_option('db_version') != $wp_db_version ) {
-    wp_redirect(get_option('siteurl') . '/wp-admin/upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI'])));
+    wp_redirect(admin_url('upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI']))));
     exit;
 }

trunk/wp-includes/general-template.php

@@ -34 +34 @@
 function wp_loginout() {
     if ( ! is_user_logged_in() )
-        $link = '<a href="' . get_option('siteurl') . '/wp-login.php">' . __('Log in') . '</a>';
+        $link = '<a href="' . site_url('wp-login.php', 'forceable') . '">' . __('Log in') . '</a>';
     else
-        $link = '<a href="' . get_option('siteurl') . '/wp-login.php?action=logout">' . __('Log out') . '</a>';
+        $link = '<a href="' . site_url('wp-login.php?action=logout', 'forceable') . '">' . __('Log out') . '</a>';
 
     echo apply_filters('loginout', $link);
@@ -46 +46 @@
     if ( ! is_user_logged_in() ) {
         if ( get_option('users_can_register') )
-            $link = $before . '<a href="' . get_option('siteurl') . '/wp-login.php?action=register">' . __('Register') . '</a>' . $after;
+            $link = $before . '<a href="' . site_url('wp-login.php?action=register', 'forceable') . '">' . __('Register') . '</a>' . $after;
         else
             $link = '';
     } else {
-        $link = $before . '<a href="' . get_option('siteurl') . '/wp-admin/">' . __('Site Admin') . '</a>' . $after;
+        $link = $before . '<a href="' . admin_url() . '">' . __('Site Admin') . '</a>' . $after;
     }
 

trunk/wp-includes/link-template.php

@@ -751 +751 @@
             var x=d.selection;
             var s=(e?e():(k)?k():(x?x.createRange().text:0));
-            var f='" . get_settings('siteurl') . '/wp-admin/press-this.php' . "';
+            var f='" . admin_url('press-this.php') . "';
             var l=d.location;
             var e=encodeURIComponent;
@@ -780 +780 @@
 function site_url($path = '', $scheme = null) {
     // should the list of allowed schemes be maintained elsewhere?
-    if ( !in_array($scheme, array('http', 'https')) )
-        $scheme = ( is_ssl() ? 'https' : 'http' );
+    if ( !in_array($scheme, array('http', 'https')) ) {
+        if ( ('forceable' == $scheme) && (defined('FORCE_SSL_LOGIN') && FORCE_SSL_LOGIN) )
+            $scheme = 'https';
+        else
+            $scheme = ( is_ssl() ? 'https' : 'http' );
+    }
 
     $url = str_replace( 'http://', "{$scheme}://", get_option('siteurl') );
@@ -794 +798 @@
     global $_wp_admin_url;
 
-    $url = site_url() . '/wp-admin/';
+    $url = site_url('wp-admin/', 'forceable');
 
     if ( !empty($path) && is_string($path) && strpos($path, '..') === false )

trunk/wp-includes/pluggable.php

@@ -644 +644 @@
     nocache_headers();
 
-    $login_url = get_option('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']);
-
-    //  Redirect to https if connection is secure
-    if ( $secure )
-        $login_url = str_replace('http://', 'https://', $login_url);
+    $login_url = site_url( 'wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']), 'forceable' );
+
     wp_redirect($login_url);
     exit();
@@ -665 +662 @@
  */
 function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
-    $adminurl = strtolower(get_option('siteurl')).'/wp-admin';
+    $adminurl = strtolower(admin_url());
     $referer = strtolower(wp_get_referer());
     $result = wp_verify_nonce($_REQUEST[$query_arg], $action);
@@ -795 +792 @@
 
     if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
-        $location = get_option('siteurl') . '/wp-admin/';
+        $location = admin_url();
 
     wp_redirect($location, $status);
@@ -849 +846 @@
     }
     $notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n";
-    $notify_message .= sprintf( __('Delete it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&c=$comment_id" ) . "\r\n";
-    $notify_message .= sprintf( __('Spam it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&dt=spam&c=$comment_id" ) . "\r\n";
+    $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=cdc&c=$comment_id") ) . "\r\n";
+    $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=cdc&dt=spam&c=$comment_id") ) . "\r\n";
 
     $wp_email = 'wordpress@' . preg_replace('#^www\.#', '', strtolower($_SERVER['SERVER_NAME']));
@@ -929 +926 @@
     }
 
-    $notify_message .= sprintf( __('Approve it: %s'),  get_option('siteurl')."/wp-admin/comment.php?action=mac&c=$comment_id" ) . "\r\n";
-    $notify_message .= sprintf( __('Delete it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&c=$comment_id" ) . "\r\n";
-    $notify_message .= sprintf( __('Spam it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&dt=spam&c=$comment_id" ) . "\r\n";
+    $notify_message .= sprintf( __('Approve it: %s'),  admin_url("comment.php?action=mac&c=$comment_id") ) . "\r\n";
+    $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=cdc&c=$comment_id") ) . "\r\n";
+    $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=cdc&dt=spam&c=$comment_id") ) . "\r\n";
 
     $notify_message .= sprintf( __ngettext('Currently %s comment is waiting for approval. Please visit the moderation panel:', 
         'Currently %s comments are waiting for approval. Please visit the moderation panel:', $comments_waiting), number_format_i18n($comments_waiting) ) . "\r\n";
-    $notify_message .= get_option('siteurl') . "/wp-admin/edit-comments.php?comment_status=moderated\r\n";
+    $notify_message .= admin_url("edit-comments.php?comment_status=moderated") . "\r\n";
 
     $subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), get_option('blogname'), $post->post_title );
@@ -975 +972 @@
     $message  = sprintf(__('Username: %s'), $user_login) . "\r\n";
     $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
-    $message .= get_option('siteurl') . "/wp-login.php\r\n";
+    $message .= site_url("wp-login.php", 'forceable') . "\r\n";
 
     wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_option('blogname')), $message);
@@ -1295 +1292 @@
         $default = "http://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s={$size}"; // ad516503a11cd5ca435acc9bb6523536 == md5('unknown@gravatar.com')
     elseif ( 'blank' == $default )
-        $default = get_option('siteurl') . '/wp-includes/images/blank.gif';
+        $default = includes_url('images/blank.gif');
     elseif ( !empty($email) && 'gravatar_default' == $default )
         $default = '';

trunk/wp-includes/post.php

@@ -2393 +2393 @@
         if ( !is_array($icon_files) ) {
             $icon_dir = apply_filters( 'icon_dir', ABSPATH . WPINC . '/images/crystal' );
-            $icon_dir_uri = apply_filters( 'icon_dir_uri', trailingslashit(get_option('siteurl')) . WPINC . '/images/crystal' );
+            $icon_dir_uri = apply_filters( 'icon_dir_uri', includes_url('images/crystal') );
             $dirs = apply_filters( 'icon_dirs', array($icon_dir => $icon_dir_uri) );
             $icon_files = array();

trunk/wp-includes/script-loader.php

@@ -72 +72 @@
     $scripts->add( 'schedule', '/wp-includes/js/jquery/jquery.schedule.js', array('jquery'), '20');
     $scripts->add( 'thickbox', '/wp-includes/js/thickbox/thickbox.js', array('jquery'), '3.1-20080430');
-    $scripts->add( 'swfupload', '/wp-includes/js/swfupload/swfupload.js', false, '2.0.2-20080430');
-    $scripts->add( 'swfupload-degrade', '/wp-includes/js/swfupload/plugins/swfupload.graceful_degradation.js', array('swfupload'), '2.0.2');
+    $scripts->add( 'swfupload', '/wp-includes/js/swfupload/swfupload.js', false, '2.1.0');
+    $scripts->add( 'swfupload-degrade', '/wp-includes/js/swfupload/plugins/swfupload.graceful_degradation.js', array('swfupload'), '2.1.0');
     $scripts->localize( 'swfupload-degrade', 'uploadDegradeOptions', array(
         'is_lighttpd_before_150' => is_lighttpd_before_150(),
     ) );
-    $scripts->add( 'swfupload-queue', '/wp-includes/js/swfupload/plugins/swfupload.queue.js', array('swfupload'), '2.0.2');
-    $scripts->add( 'swfupload-handlers', '/wp-includes/js/swfupload/handlers.js', array('swfupload'), '2.0.2-20080407');
+    $scripts->add( 'swfupload-queue', '/wp-includes/js/swfupload/plugins/swfupload.queue.js', array('swfupload'), '2.1.0');
+    $scripts->add( 'swfupload-handlers', '/wp-includes/js/swfupload/handlers.js', array('swfupload'), '2.1.0');
     // these error messages came from the sample swfupload js, they might need changing.
     $scripts->localize( 'swfupload-handlers', 'swfuploadL10n', array(

trunk/wp-includes/widgets.php

@@ -1074 +1074 @@
     $url = clean_url(strip_tags($url));
     if ( file_exists(dirname(__FILE__) . '/rss.png') )
-        $icon = str_replace(ABSPATH, get_option('siteurl').'/', dirname(__FILE__)) . '/rss.png';
+        $icon = str_replace(ABSPATH, site_url() . '/', dirname(__FILE__)) . '/rss.png';
     else
-        $icon = get_option('siteurl').'/wp-includes/images/rss.png';
+        $icon = includes_url('images/rss.png');
     $title = "<a class='rsswidget' href='$url' title='" . attribute_escape(__('Syndicate this content')) ."'><img style='background:orange;color:white;border:none;' width='14' height='14' src='$icon' alt='RSS' /></a> <a class='rsswidget' href='$link' title='$desc'>$title</a>";
 

trunk/wp-login.php

@@ -381 +381 @@
 
 <p id="nav">
-<a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Log in') ?></a> |
-<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
+<a href="<?php site_url('wp-login.php', 'forceable') ?>"><?php _e('Log in') ?></a> |
+<a href="<?php site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
 </p>
 
@@ -455 +455 @@
 <?php if ( isset($_GET['checkemail']) && in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
 <?php elseif (get_option('users_can_register')) : ?>
-<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a> |
-<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
+<a href="<?php site_url('wp-login.php?action=register') ?>"><?php _e('Register') ?></a> |
+<a href="<?php site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
 <?php else : ?>
-<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
+<a href="<?php site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
 <?php endif; ?>
 </p>