force_ssl_admin example


function set_url_scheme( $url$scheme = null ) {
    $orig_scheme = $scheme;

    if ( ! $scheme ) {
        $scheme = is_ssl() ? 'https' : 'http';
    } elseif ( 'admin' === $scheme || 'login' === $scheme || 'login_post' === $scheme || 'rpc' === $scheme ) {
        $scheme = is_ssl() || force_ssl_admin() ? 'https' : 'http';
    } elseif ( 'http' !== $scheme && 'https' !== $scheme && 'relative' !== $scheme ) {
        $scheme = is_ssl() ? 'https' : 'http';
    }

    $url = trim( $url );
    if ( str_starts_with( $url, '//' ) ) {
        $url = 'http:' . $url;
    }

    if ( 'relative' === $scheme ) {
        $url = ltrim( preg_replace( '#^\w+://[^/]*#', '', $url ) );
        
$url = add_query_arg( 'rest_route', $path$url );
    }

    if ( is_ssl() && isset( $_SERVER['SERVER_NAME'] ) ) {
        // If the current host is the same as the REST URL host, force the REST URL scheme to HTTPS.         if ( parse_url( get_home_url( $blog_id ), PHP_URL_HOST ) === $_SERVER['SERVER_NAME'] ) {
            $url = set_url_scheme( $url, 'https' );
        }
    }

    if ( is_admin() && force_ssl_admin() ) {
        /* * In this situation the home URL may be http:, and `is_ssl()` may be false, * but the admin is served over https: (one way or another), so REST API usage * will be blocked by browsers unless it is also served over HTTPS. */
        $url = set_url_scheme( $url, 'https' );
    }

    /** * Filters the REST URL. * * Use this filter to adjust the url returned by the get_rest_url() function. * * @since 4.4.0 * * @param string $url REST URL. * @param string $path REST route. * @param int|null $blog_id Blog ID. * @param string $scheme Sanitization scheme. */


/** Make sure that the WordPress bootstrap has run before continuing. */
require __DIR__ . '/wp-load.php';

// Redirect to HTTPS login if forced to use SSL. if ( force_ssl_admin() && ! is_ssl() ) {
    if ( str_starts_with( $_SERVER['REQUEST_URI'], 'http' ) ) {
        wp_safe_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
        exit;
    } else {
        wp_safe_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
        exit;
    }
}

/** * Outputs the login page header. * * @since 2.1.0 * * @global string $error Login error message set by deprecated pluggable wp_login() function * or plugins replacing it. * @global bool|string $interim_login Whether interim login modal is being displayed. String 'success' * upon successful login. * @global string $action The action that brought the visitor to the login page. * * @param string $title Optional. WordPress login Page title to display in the `<title>` element. * Default 'Log In'. * @param string $message Optional. Message to display in header. Default empty. * @param WP_Error $wp_error Optional. The error to pass. Default is a WP_Error instance. */

function force_ssl_login( $force = null ) {
    _deprecated_function( __FUNCTION__, '4.4.0', 'force_ssl_admin()' );
    return force_ssl_admin( $force );
}

/** * Retrieve path of comment popup template in current or parent template. * * @since 1.5.0 * @deprecated 4.5.0 * * @return string Full path to comments popup template file. */
function get_comments_popup_template() {
    
/** * Checks if a user is logged in, if not it redirects them to the login page. * * When this code is called from a page, it checks to see if the user viewing the page is logged in. * If the user is not logged in, they are redirected to the login page. The user is redirected * in such a way that, upon logging in, they will be sent directly to the page they were originally * trying to access. * * @since 1.5.0 */
    function auth_redirect() {
        $secure = ( is_ssl() || force_ssl_admin() );

        /** * Filters whether to use a secure authentication redirect. * * @since 3.1.0 * * @param bool $secure Whether to use a secure authentication redirect. Default false. */
        $secure = apply_filters( 'secure_auth_redirect', $secure );

        // If https is required and request is http, redirect.
function wp_ssl_constants() {
    /** * @since 2.6.0 */
    if ( ! defined( 'FORCE_SSL_ADMIN' ) ) {
        if ( 'https' === parse_url( get_option( 'siteurl' ), PHP_URL_SCHEME ) ) {
            define( 'FORCE_SSL_ADMIN', true );
        } else {
            define( 'FORCE_SSL_ADMIN', false );
        }
    }
    force_ssl_admin( FORCE_SSL_ADMIN );

    /** * @since 2.6.0 * @deprecated 4.0.0 */
    if ( defined( 'FORCE_SSL_LOGIN' ) && FORCE_SSL_LOGIN ) {
        force_ssl_admin( true );
    }
}

/** * Defines functionality-related WordPress constants. * * @since 3.0.0 */
Home | Imprint | This part of the site doesn't use cookies.