More use of site_url(), admin_url(), and site_url(). Force login and admin links to be https if FORCE_SSL_LOGIN. see #7001

git-svn-id: http://svn.automattic.com/wordpress/trunk@8058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2008-06-06 07:39:11 +00:00
parent ab39b3b321
commit c790febe36
8 changed files with 36 additions and 35 deletions

View File

@ -7,7 +7,7 @@ else
require_once('../wp-load.php');
if ( get_option('db_version') != $wp_db_version ) {
wp_redirect(get_option('siteurl') . '/wp-admin/upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI'])));
wp_redirect(admin_url('upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI']))));
exit;
}

View File

@ -33,9 +33,9 @@ function get_sidebar( $name = null ) {
function wp_loginout() {
if ( ! is_user_logged_in() )
$link = '<a href="' . get_option('siteurl') . '/wp-login.php">' . __('Log in') . '</a>';
$link = '<a href="' . site_url('wp-login.php', 'forceable') . '">' . __('Log in') . '</a>';
else
$link = '<a href="' . get_option('siteurl') . '/wp-login.php?action=logout">' . __('Log out') . '</a>';
$link = '<a href="' . site_url('wp-login.php?action=logout', 'forceable') . '">' . __('Log out') . '</a>';
echo apply_filters('loginout', $link);
}
@ -45,11 +45,11 @@ function wp_register( $before = '<li>', $after = '</li>' ) {
if ( ! is_user_logged_in() ) {
if ( get_option('users_can_register') )
$link = $before . '<a href="' . get_option('siteurl') . '/wp-login.php?action=register">' . __('Register') . '</a>' . $after;
$link = $before . '<a href="' . site_url('wp-login.php?action=register', 'forceable') . '">' . __('Register') . '</a>' . $after;
else
$link = '';
} else {
$link = $before . '<a href="' . get_option('siteurl') . '/wp-admin/">' . __('Site Admin') . '</a>' . $after;
$link = $before . '<a href="' . admin_url() . '">' . __('Site Admin') . '</a>' . $after;
}
echo apply_filters('register', $link);

View File

@ -750,7 +750,7 @@ function get_shortcut_link() {
var k=d.getSelection;
var x=d.selection;
var s=(e?e():(k)?k():(x?x.createRange().text:0));
var f='" . get_settings('siteurl') . '/wp-admin/press-this.php' . "';
var f='" . admin_url('press-this.php') . "';
var l=d.location;
var e=encodeURIComponent;
var u= '?u=' + e(l.href);
@ -779,8 +779,12 @@ function get_shortcut_link() {
// if $scheme is 'http' or 'https' it will override is_ssl()
function site_url($path = '', $scheme = null) {
// should the list of allowed schemes be maintained elsewhere?
if ( !in_array($scheme, array('http', 'https')) )
$scheme = ( is_ssl() ? 'https' : 'http' );
if ( !in_array($scheme, array('http', 'https')) ) {
if ( ('forceable' == $scheme) && (defined('FORCE_SSL_LOGIN') && FORCE_SSL_LOGIN) )
$scheme = 'https';
else
$scheme = ( is_ssl() ? 'https' : 'http' );
}
$url = str_replace( 'http://', "{$scheme}://", get_option('siteurl') );
@ -793,7 +797,7 @@ function site_url($path = '', $scheme = null) {
function admin_url($path = '') {
global $_wp_admin_url;
$url = site_url() . '/wp-admin/';
$url = site_url('wp-admin/', 'forceable');
if ( !empty($path) && is_string($path) && strpos($path, '..') === false )
$url .= ltrim($path, '/');

View File

@ -643,11 +643,8 @@ function auth_redirect() {
// The cookie is no good so force login
nocache_headers();
$login_url = get_option('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']);
$login_url = site_url( 'wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']), 'forceable' );
// Redirect to https if connection is secure
if ( $secure )
$login_url = str_replace('http://', 'https://', $login_url);
wp_redirect($login_url);
exit();
}
@ -664,7 +661,7 @@ if ( !function_exists('check_admin_referer') ) :
* @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
*/
function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
$adminurl = strtolower(get_option('siteurl')).'/wp-admin';
$adminurl = strtolower(admin_url());
$referer = strtolower(wp_get_referer());
$result = wp_verify_nonce($_REQUEST[$query_arg], $action);
if ( !$result && !(-1 == $action && strpos($referer, $adminurl) !== false) ) {
@ -794,7 +791,7 @@ function wp_safe_redirect($location, $status = 302) {
$allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '');
if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
$location = get_option('siteurl') . '/wp-admin/';
$location = admin_url();
wp_redirect($location, $status);
}
@ -848,8 +845,8 @@ function wp_notify_postauthor($comment_id, $comment_type='') {
$subject = sprintf( __('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title );
}
$notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n";
$notify_message .= sprintf( __('Delete it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&c=$comment_id" ) . "\r\n";
$notify_message .= sprintf( __('Spam it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&dt=spam&c=$comment_id" ) . "\r\n";
$notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=cdc&c=$comment_id") ) . "\r\n";
$notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=cdc&dt=spam&c=$comment_id") ) . "\r\n";
$wp_email = 'wordpress@' . preg_replace('#^www\.#', '', strtolower($_SERVER['SERVER_NAME']));
@ -928,13 +925,13 @@ function wp_notify_moderator($comment_id) {
break;
}
$notify_message .= sprintf( __('Approve it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=mac&c=$comment_id" ) . "\r\n";
$notify_message .= sprintf( __('Delete it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&c=$comment_id" ) . "\r\n";
$notify_message .= sprintf( __('Spam it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&dt=spam&c=$comment_id" ) . "\r\n";
$notify_message .= sprintf( __('Approve it: %s'), admin_url("comment.php?action=mac&c=$comment_id") ) . "\r\n";
$notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=cdc&c=$comment_id") ) . "\r\n";
$notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=cdc&dt=spam&c=$comment_id") ) . "\r\n";
$notify_message .= sprintf( __ngettext('Currently %s comment is waiting for approval. Please visit the moderation panel:',
'Currently %s comments are waiting for approval. Please visit the moderation panel:', $comments_waiting), number_format_i18n($comments_waiting) ) . "\r\n";
$notify_message .= get_option('siteurl') . "/wp-admin/edit-comments.php?comment_status=moderated\r\n";
$notify_message .= admin_url("edit-comments.php?comment_status=moderated") . "\r\n";
$subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), get_option('blogname'), $post->post_title );
$admin_email = get_option('admin_email');
@ -974,7 +971,7 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') {
$message = sprintf(__('Username: %s'), $user_login) . "\r\n";
$message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
$message .= get_option('siteurl') . "/wp-login.php\r\n";
$message .= site_url("wp-login.php", 'forceable') . "\r\n";
wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_option('blogname')), $message);
@ -1294,7 +1291,7 @@ function get_avatar( $id_or_email, $size = '96', $default = '' ) {
elseif ( 'mystery' == $default )
$default = "http://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s={$size}"; // ad516503a11cd5ca435acc9bb6523536 == md5('unknown@gravatar.com')
elseif ( 'blank' == $default )
$default = get_option('siteurl') . '/wp-includes/images/blank.gif';
$default = includes_url('images/blank.gif');
elseif ( !empty($email) && 'gravatar_default' == $default )
$default = '';
elseif ( 'gravatar_default' == $default )

View File

@ -2392,7 +2392,7 @@ function wp_mime_type_icon( $mime = 0 ) {
if ( !is_array($icon_files) ) {
$icon_dir = apply_filters( 'icon_dir', ABSPATH . WPINC . '/images/crystal' );
$icon_dir_uri = apply_filters( 'icon_dir_uri', trailingslashit(get_option('siteurl')) . WPINC . '/images/crystal' );
$icon_dir_uri = apply_filters( 'icon_dir_uri', includes_url('images/crystal') );
$dirs = apply_filters( 'icon_dirs', array($icon_dir => $icon_dir_uri) );
$icon_files = array();
while ( $dirs ) {

View File

@ -71,13 +71,13 @@ function wp_default_scripts( &$scripts ) {
$scripts->add( 'suggest', '/wp-includes/js/jquery/suggest.js', array('jquery'), '1.1');
$scripts->add( 'schedule', '/wp-includes/js/jquery/jquery.schedule.js', array('jquery'), '20');
$scripts->add( 'thickbox', '/wp-includes/js/thickbox/thickbox.js', array('jquery'), '3.1-20080430');
$scripts->add( 'swfupload', '/wp-includes/js/swfupload/swfupload.js', false, '2.0.2-20080430');
$scripts->add( 'swfupload-degrade', '/wp-includes/js/swfupload/plugins/swfupload.graceful_degradation.js', array('swfupload'), '2.0.2');
$scripts->add( 'swfupload', '/wp-includes/js/swfupload/swfupload.js', false, '2.1.0');
$scripts->add( 'swfupload-degrade', '/wp-includes/js/swfupload/plugins/swfupload.graceful_degradation.js', array('swfupload'), '2.1.0');
$scripts->localize( 'swfupload-degrade', 'uploadDegradeOptions', array(
'is_lighttpd_before_150' => is_lighttpd_before_150(),
) );
$scripts->add( 'swfupload-queue', '/wp-includes/js/swfupload/plugins/swfupload.queue.js', array('swfupload'), '2.0.2');
$scripts->add( 'swfupload-handlers', '/wp-includes/js/swfupload/handlers.js', array('swfupload'), '2.0.2-20080407');
$scripts->add( 'swfupload-queue', '/wp-includes/js/swfupload/plugins/swfupload.queue.js', array('swfupload'), '2.1.0');
$scripts->add( 'swfupload-handlers', '/wp-includes/js/swfupload/handlers.js', array('swfupload'), '2.1.0');
// these error messages came from the sample swfupload js, they might need changing.
$scripts->localize( 'swfupload-handlers', 'swfuploadL10n', array(
'queue_limit_exceeded' => __('You have attempted to queue too many files.'),

View File

@ -1073,9 +1073,9 @@ function wp_widget_rss($args, $widget_args = 1) {
$title = apply_filters('widget_title', $title );
$url = clean_url(strip_tags($url));
if ( file_exists(dirname(__FILE__) . '/rss.png') )
$icon = str_replace(ABSPATH, get_option('siteurl').'/', dirname(__FILE__)) . '/rss.png';
$icon = str_replace(ABSPATH, site_url() . '/', dirname(__FILE__)) . '/rss.png';
else
$icon = get_option('siteurl').'/wp-includes/images/rss.png';
$icon = includes_url('images/rss.png');
$title = "<a class='rsswidget' href='$url' title='" . attribute_escape(__('Syndicate this content')) ."'><img style='background:orange;color:white;border:none;' width='14' height='14' src='$icon' alt='RSS' /></a> <a class='rsswidget' href='$link' title='$desc'>$title</a>";
echo $before_widget;

View File

@ -380,8 +380,8 @@ case 'register' :
</form>
<p id="nav">
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Log in') ?></a> |
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
<a href="<?php site_url('wp-login.php', 'forceable') ?>"><?php _e('Log in') ?></a> |
<a href="<?php site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
</p>
</div>
@ -454,10 +454,10 @@ default:
<p id="nav">
<?php if ( isset($_GET['checkemail']) && in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
<?php elseif (get_option('users_can_register')) : ?>
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a> |
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
<a href="<?php site_url('wp-login.php?action=register') ?>"><?php _e('Register') ?></a> |
<a href="<?php site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
<?php else : ?>
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
<a href="<?php site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
<?php endif; ?>
</p>