WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
08/21/2008 05:40:38 PM (17 years ago)
Author:
ryan
Message:

Option to force SSL. see #7561

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/wp-includes/pluggable.php

    r8696 r8701  
    704704    }
    705705
    706     if ( wp_validate_auth_cookie() )
     706    if ( $user_id = wp_validate_auth_cookie() ) {
     707        // If the user wants ssl but the session is not ssl, redirect.
     708        if ( !$secure && get_user_option('use_ssl', $user_id) ) {
     709            if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
     710                wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
     711                exit();
     712            } else {
     713                wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
     714                exit();
     715            }
     716        }
     717
    707718        return;  // The cookie is good so we're done
     719    }
    708720
    709721    // The cookie is no good so force login
Note: See TracChangeset for help on using the changeset viewer.