Skip to content

Instantly share code, notes, and snippets.

@tott
Created August 28, 2012 08:42
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tott/3496266 to your computer and use it in GitHub Desktop.
Save tott/3496266 to your computer and use it in GitHub Desktop.
enforce http
<?php
add_action( 'plugins_loaded', 'bypass_wp_login_for_pw_protected_posts' );
function bypass_wp_login_for_pw_protected_posts() {
// this functionality is a fork of http://core.trac.wordpress.org/browser/trunk/wp-login.php#L385
// keep this in sync with Core
$action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : 'login';
if ( 'postpass' <> $action )
return;
if ( empty( $wp_hasher ) ) {
require_once( ABSPATH . 'wp-includes/class-phpass.php' );
// By default, use the portable hash from phpass
$wp_hasher = new PasswordHash(8, true);
}
// 10 days
setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['post_password'] ) ), time() + 864000, COOKIEPATH );
wp_safe_redirect( wp_get_referer() );
exit();
}
add_filter( 'site_url', 'enforce_nonssl_postpass_url', 999, 4 );
function enforce_nonssl_postpass_url( $url, $path, $scheme, $blog_id ) {
if ( 'login_post' <> $scheme )
return $url;
if ( preg_match( '#\?action=postpass#', $url ) )
return str_replace( 'https://', 'http://', $url );
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment