mirror of
https://github.com/WordPress/WordPress.git
synced 2024-06-25 06:14:58 +02:00
More use of site_url(), admin_url(), and site_url(). Force login and admin links to be https if FORCE_SSL_LOGIN. see #7001
git-svn-id: http://svn.automattic.com/wordpress/trunk@8058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan
parent
ab39b3b321
commit
c790febe36
|
|
@ -7,7 +7,7 @@ else
|
|||
require_once('../wp-load.php');
|
||||
|
||||
if ( get_option('db_version') != $wp_db_version ) {
|
||||
wp_redirect(get_option('siteurl') . '/wp-admin/upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI'])));
|
||||
wp_redirect(admin_url('upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI']))));
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -33,9 +33,9 @@ function get_sidebar( $name = null ) {
|
|||
|
||||
function wp_loginout() {
|
||||
if ( ! is_user_logged_in() )
|
||||
$link = '<a href="' . get_option('siteurl') . '/wp-login.php">' . __('Log in') . '</a>';
|
||||
$link = '<a href="' . site_url('wp-login.php', 'forceable') . '">' . __('Log in') . '</a>';
|
||||
else
|
||||
$link = '<a href="' . get_option('siteurl') . '/wp-login.php?action=logout">' . __('Log out') . '</a>';
|
||||
$link = '<a href="' . site_url('wp-login.php?action=logout', 'forceable') . '">' . __('Log out') . '</a>';
|
||||
|
||||
echo apply_filters('loginout', $link);
|
||||
}
|
||||
|
|
@ -45,11 +45,11 @@ function wp_register( $before = '<li>', $after = '</li>' ) {
|
|||
|
||||
if ( ! is_user_logged_in() ) {
|
||||
if ( get_option('users_can_register') )
|
||||
$link = $before . '<a href="' . get_option('siteurl') . '/wp-login.php?action=register">' . __('Register') . '</a>' . $after;
|
||||
$link = $before . '<a href="' . site_url('wp-login.php?action=register', 'forceable') . '">' . __('Register') . '</a>' . $after;
|
||||
else
|
||||
$link = '';
|
||||
} else {
|
||||
$link = $before . '<a href="' . get_option('siteurl') . '/wp-admin/">' . __('Site Admin') . '</a>' . $after;
|
||||
$link = $before . '<a href="' . admin_url() . '">' . __('Site Admin') . '</a>' . $after;
|
||||
}
|
||||
|
||||
echo apply_filters('register', $link);
|
||||
|
|
|
|||
|
|
@ -750,7 +750,7 @@ function get_shortcut_link() {
|
|||
var k=d.getSelection;
|
||||
var x=d.selection;
|
||||
var s=(e?e():(k)?k():(x?x.createRange().text:0));
|
||||
var f='" . get_settings('siteurl') . '/wp-admin/press-this.php' . "';
|
||||
var f='" . admin_url('press-this.php') . "';
|
||||
var l=d.location;
|
||||
var e=encodeURIComponent;
|
||||
var u= '?u=' + e(l.href);
|
||||
|
|
@ -779,8 +779,12 @@ function get_shortcut_link() {
|
|||
// if $scheme is 'http' or 'https' it will override is_ssl()
|
||||
function site_url($path = '', $scheme = null) {
|
||||
// should the list of allowed schemes be maintained elsewhere?
|
||||
if ( !in_array($scheme, array('http', 'https')) )
|
||||
$scheme = ( is_ssl() ? 'https' : 'http' );
|
||||
if ( !in_array($scheme, array('http', 'https')) ) {
|
||||
if ( ('forceable' == $scheme) && (defined('FORCE_SSL_LOGIN') && FORCE_SSL_LOGIN) )
|
||||
$scheme = 'https';
|
||||
else
|
||||
$scheme = ( is_ssl() ? 'https' : 'http' );
|
||||
}
|
||||
|
||||
$url = str_replace( 'http://', "{$scheme}://", get_option('siteurl') );
|
||||
|
||||
|
|
@ -793,7 +797,7 @@ function site_url($path = '', $scheme = null) {
|
|||
function admin_url($path = '') {
|
||||
global $_wp_admin_url;
|
||||
|
||||
$url = site_url() . '/wp-admin/';
|
||||
$url = site_url('wp-admin/', 'forceable');
|
||||
|
||||
if ( !empty($path) && is_string($path) && strpos($path, '..') === false )
|
||||
$url .= ltrim($path, '/');
|
||||
|
|
|
|||
|
|
@ -643,11 +643,8 @@ function auth_redirect() {
|
|||
// The cookie is no good so force login
|
||||
nocache_headers();
|
||||
|
||||
$login_url = get_option('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']);
|
||||
$login_url = site_url( 'wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']), 'forceable' );
|
||||
|
||||
// Redirect to https if connection is secure
|
||||
if ( $secure )
|
||||
$login_url = str_replace('http://', 'https://', $login_url);
|
||||
wp_redirect($login_url);
|
||||
exit();
|
||||
}
|
||||
|
|
@ -664,7 +661,7 @@ if ( !function_exists('check_admin_referer') ) :
|
|||
* @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
|
||||
*/
|
||||
function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
|
||||
$adminurl = strtolower(get_option('siteurl')).'/wp-admin';
|
||||
$adminurl = strtolower(admin_url());
|
||||
$referer = strtolower(wp_get_referer());
|
||||
$result = wp_verify_nonce($_REQUEST[$query_arg], $action);
|
||||
if ( !$result && !(-1 == $action && strpos($referer, $adminurl) !== false) ) {
|
||||
|
|
@ -794,7 +791,7 @@ function wp_safe_redirect($location, $status = 302) {
|
|||
$allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '');
|
||||
|
||||
if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
|
||||
$location = get_option('siteurl') . '/wp-admin/';
|
||||
$location = admin_url();
|
||||
|
||||
wp_redirect($location, $status);
|
||||
}
|
||||
|
|
@ -848,8 +845,8 @@ function wp_notify_postauthor($comment_id, $comment_type='') {
|
|||
$subject = sprintf( __('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title );
|
||||
}
|
||||
$notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n";
|
||||
$notify_message .= sprintf( __('Delete it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&c=$comment_id" ) . "\r\n";
|
||||
$notify_message .= sprintf( __('Spam it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&dt=spam&c=$comment_id" ) . "\r\n";
|
||||
$notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=cdc&c=$comment_id") ) . "\r\n";
|
||||
$notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=cdc&dt=spam&c=$comment_id") ) . "\r\n";
|
||||
|
||||
$wp_email = 'wordpress@' . preg_replace('#^www\.#', '', strtolower($_SERVER['SERVER_NAME']));
|
||||
|
||||
|
|
@ -928,13 +925,13 @@ function wp_notify_moderator($comment_id) {
|
|||
break;
|
||||
}
|
||||
|
||||
$notify_message .= sprintf( __('Approve it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=mac&c=$comment_id" ) . "\r\n";
|
||||
$notify_message .= sprintf( __('Delete it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&c=$comment_id" ) . "\r\n";
|
||||
$notify_message .= sprintf( __('Spam it: %s'), get_option('siteurl')."/wp-admin/comment.php?action=cdc&dt=spam&c=$comment_id" ) . "\r\n";
|
||||
$notify_message .= sprintf( __('Approve it: %s'), admin_url("comment.php?action=mac&c=$comment_id") ) . "\r\n";
|
||||
$notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=cdc&c=$comment_id") ) . "\r\n";
|
||||
$notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=cdc&dt=spam&c=$comment_id") ) . "\r\n";
|
||||
|
||||
$notify_message .= sprintf( __ngettext('Currently %s comment is waiting for approval. Please visit the moderation panel:',
|
||||
'Currently %s comments are waiting for approval. Please visit the moderation panel:', $comments_waiting), number_format_i18n($comments_waiting) ) . "\r\n";
|
||||
$notify_message .= get_option('siteurl') . "/wp-admin/edit-comments.php?comment_status=moderated\r\n";
|
||||
$notify_message .= admin_url("edit-comments.php?comment_status=moderated") . "\r\n";
|
||||
|
||||
$subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), get_option('blogname'), $post->post_title );
|
||||
$admin_email = get_option('admin_email');
|
||||
|
|
@ -974,7 +971,7 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') {
|
|||
|
||||
$message = sprintf(__('Username: %s'), $user_login) . "\r\n";
|
||||
$message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
|
||||
$message .= get_option('siteurl') . "/wp-login.php\r\n";
|
||||
$message .= site_url("wp-login.php", 'forceable') . "\r\n";
|
||||
|
||||
wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_option('blogname')), $message);
|
||||
|
||||
|
|
@ -1294,7 +1291,7 @@ function get_avatar( $id_or_email, $size = '96', $default = '' ) {
|
|||
elseif ( 'mystery' == $default )
|
||||
$default = "http://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s={$size}"; // ad516503a11cd5ca435acc9bb6523536 == md5('unknown@gravatar.com')
|
||||
elseif ( 'blank' == $default )
|
||||
$default = get_option('siteurl') . '/wp-includes/images/blank.gif';
|
||||
$default = includes_url('images/blank.gif');
|
||||
elseif ( !empty($email) && 'gravatar_default' == $default )
|
||||
$default = '';
|
||||
elseif ( 'gravatar_default' == $default )
|
||||
|
|
|
|||
|
|
@ -2392,7 +2392,7 @@ function wp_mime_type_icon( $mime = 0 ) {
|
|||
|
||||
if ( !is_array($icon_files) ) {
|
||||
$icon_dir = apply_filters( 'icon_dir', ABSPATH . WPINC . '/images/crystal' );
|
||||
$icon_dir_uri = apply_filters( 'icon_dir_uri', trailingslashit(get_option('siteurl')) . WPINC . '/images/crystal' );
|
||||
$icon_dir_uri = apply_filters( 'icon_dir_uri', includes_url('images/crystal') );
|
||||
$dirs = apply_filters( 'icon_dirs', array($icon_dir => $icon_dir_uri) );
|
||||
$icon_files = array();
|
||||
while ( $dirs ) {
|
||||
|
|
|
|||
|
|
@ -71,13 +71,13 @@ function wp_default_scripts( &$scripts ) {
|
|||
$scripts->add( 'suggest', '/wp-includes/js/jquery/suggest.js', array('jquery'), '1.1');
|
||||
$scripts->add( 'schedule', '/wp-includes/js/jquery/jquery.schedule.js', array('jquery'), '20');
|
||||
$scripts->add( 'thickbox', '/wp-includes/js/thickbox/thickbox.js', array('jquery'), '3.1-20080430');
|
||||
$scripts->add( 'swfupload', '/wp-includes/js/swfupload/swfupload.js', false, '2.0.2-20080430');
|
||||
$scripts->add( 'swfupload-degrade', '/wp-includes/js/swfupload/plugins/swfupload.graceful_degradation.js', array('swfupload'), '2.0.2');
|
||||
$scripts->add( 'swfupload', '/wp-includes/js/swfupload/swfupload.js', false, '2.1.0');
|
||||
$scripts->add( 'swfupload-degrade', '/wp-includes/js/swfupload/plugins/swfupload.graceful_degradation.js', array('swfupload'), '2.1.0');
|
||||
$scripts->localize( 'swfupload-degrade', 'uploadDegradeOptions', array(
|
||||
'is_lighttpd_before_150' => is_lighttpd_before_150(),
|
||||
) );
|
||||
$scripts->add( 'swfupload-queue', '/wp-includes/js/swfupload/plugins/swfupload.queue.js', array('swfupload'), '2.0.2');
|
||||
$scripts->add( 'swfupload-handlers', '/wp-includes/js/swfupload/handlers.js', array('swfupload'), '2.0.2-20080407');
|
||||
$scripts->add( 'swfupload-queue', '/wp-includes/js/swfupload/plugins/swfupload.queue.js', array('swfupload'), '2.1.0');
|
||||
$scripts->add( 'swfupload-handlers', '/wp-includes/js/swfupload/handlers.js', array('swfupload'), '2.1.0');
|
||||
// these error messages came from the sample swfupload js, they might need changing.
|
||||
$scripts->localize( 'swfupload-handlers', 'swfuploadL10n', array(
|
||||
'queue_limit_exceeded' => __('You have attempted to queue too many files.'),
|
||||
|
|
|
|||
|
|
@ -1073,9 +1073,9 @@ function wp_widget_rss($args, $widget_args = 1) {
|
|||
$title = apply_filters('widget_title', $title );
|
||||
$url = clean_url(strip_tags($url));
|
||||
if ( file_exists(dirname(__FILE__) . '/rss.png') )
|
||||
$icon = str_replace(ABSPATH, get_option('siteurl').'/', dirname(__FILE__)) . '/rss.png';
|
||||
$icon = str_replace(ABSPATH, site_url() . '/', dirname(__FILE__)) . '/rss.png';
|
||||
else
|
||||
$icon = get_option('siteurl').'/wp-includes/images/rss.png';
|
||||
$icon = includes_url('images/rss.png');
|
||||
$title = "<a class='rsswidget' href='$url' title='" . attribute_escape(__('Syndicate this content')) ."'><img style='background:orange;color:white;border:none;' width='14' height='14' src='$icon' alt='RSS' /></a> <a class='rsswidget' href='$link' title='$desc'>$title</a>";
|
||||
|
||||
echo $before_widget;
|
||||
|
|
|
|||
10
wp-login.php
10
wp-login.php
|
|
@ -380,8 +380,8 @@ case 'register' :
|
|||
</form>
|
||||
|
||||
<p id="nav">
|
||||
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Log in') ?></a> |
|
||||
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
|
||||
<a href="<?php site_url('wp-login.php', 'forceable') ?>"><?php _e('Log in') ?></a> |
|
||||
<a href="<?php site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
|
||||
</p>
|
||||
|
||||
</div>
|
||||
|
|
@ -454,10 +454,10 @@ default:
|
|||
<p id="nav">
|
||||
<?php if ( isset($_GET['checkemail']) && in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
|
||||
<?php elseif (get_option('users_can_register')) : ?>
|
||||
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a> |
|
||||
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
|
||||
<a href="<?php site_url('wp-login.php?action=register') ?>"><?php _e('Register') ?></a> |
|
||||
<a href="<?php site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
|
||||
<?php else : ?>
|
||||
<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
|
||||
<a href="<?php site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
|
||||
<?php endif; ?>
|
||||
</p>
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user