Home Explore Help
Sign In
website
/
finlabsindia
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
finlabsindia
/
wp-content
/
plugins
/
woocommerce
/
includes
/
class-wc-https.php

class-wc-https.php 4.3 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138 
  1. <?php
    2. 

  2. 

  3. if ( ! defined( 'ABSPATH' ) ) {
    4. 

  4. 	exit; // Exit if accessed directly
    5. 

  5. }
    6. 

  6. 

  7. /**
    8. 

  8.  * WC_HTTPS class.
    9. 

  9.  *
    10. 

  10.  * @class    WC_HTTPS
    11. 

  11.  * @version  2.2.0
    12. 

  12.  * @package  WooCommerce/Classes
    13. 

  13.  * @category Class
    14. 

  14.  * @author   WooThemes
    15. 

  15.  */
    16. 

  16. class WC_HTTPS {
    17. 

  17. 

  18. 	/**
    19. 

  19. 	 * Hook in our HTTPS functions if we're on the frontend. This will ensure any links output to a page (when viewing via HTTPS) are also served over HTTPS.
    20. 

  20. 	 */
    21. 

  21. 	public static function init() {
    22. 

  22. 		if ( 'yes' === get_option( 'woocommerce_force_ssl_checkout' ) && ! is_admin() ) {
    23. 

  23. 			// HTTPS urls with SSL on
    24. 

  24. 			$filters = array(
    25. 

  25. 				'post_thumbnail_html',
    26. 

  26. 				'wp_get_attachment_image_attributes',
    27. 

  27. 				'wp_get_attachment_url',
    28. 

  28. 				'option_stylesheet_url',
    29. 

  29. 				'option_template_url',
    30. 

  30. 				'script_loader_src',
    31. 

  31. 				'style_loader_src',
    32. 

  32. 				'template_directory_uri',
    33. 

  33. 				'stylesheet_directory_uri',
    34. 

  34. 				'site_url',
    35. 

  35. 			);
    36. 

  36. 

  37. 			foreach ( $filters as $filter ) {
    38. 

  38. 				add_filter( $filter, array( __CLASS__, 'force_https_url' ), 999 );
    39. 

  39. 			}
    40. 

  40. 

  41. 			add_filter( 'page_link', array( __CLASS__, 'force_https_page_link' ), 10, 2 );
    42. 

  42. 			add_action( 'template_redirect', array( __CLASS__, 'force_https_template_redirect' ) );
    43. 

  43. 

  44. 			if ( 'yes' == get_option( 'woocommerce_unforce_ssl_checkout' ) ) {
    45. 

  45. 				add_action( 'template_redirect', array( __CLASS__, 'unforce_https_template_redirect' ) );
    46. 

  46. 			}
    47. 

  47. 		}
    48. 

  48. 		add_action( 'http_api_curl', array( __CLASS__, 'http_api_curl' ), 10, 3 );
    49. 

  49. 	}
    50. 

  50. 

  51. 	/**
    52. 

  52. 	 * Force https for urls.
    53. 

  53. 	 *
    54. 

  54. 	 * @param mixed $content
    55. 

  55. 	 * @return string
    56. 

  56. 	 */
    57. 

  57. 	public static function force_https_url( $content ) {
    58. 

  58. 		if ( is_ssl() ) {
    59. 

  59. 			if ( is_array( $content ) ) {
    60. 

  60. 				$content = array_map( 'WC_HTTPS::force_https_url', $content );
    61. 

  61. 			} else {
    62. 

  62. 				$content = str_replace( 'http:', 'https:', $content );
    63. 

  63. 			}
    64. 

  64. 		}
    65. 

  65. 		return $content;
    66. 

  66. 	}
    67. 

  67. 

  68. 	/**
    69. 

  69. 	 * Force a post link to be SSL if needed.
    70. 

  70. 	 *
    71. 

  71. 	 * @param string $link
    72. 

  72. 	 * @param int $page_id
    73. 

  73. 	 *
    74. 

  74. 	 * @return string
    75. 

  75. 	 */
    76. 

  76. 	public static function force_https_page_link( $link, $page_id ) {
    77. 

  77. 		if ( in_array( $page_id, array( get_option( 'woocommerce_checkout_page_id' ), get_option( 'woocommerce_myaccount_page_id' ) ) ) ) {
    78. 

  78. 			$link = str_replace( 'http:', 'https:', $link );
    79. 

  79. 		} elseif ( 'yes' === get_option( 'woocommerce_unforce_ssl_checkout' ) && ! wc_site_is_https() ) {
    80. 

  80. 			$link = str_replace( 'https:', 'http:', $link );
    81. 

  81. 		}
    82. 

  82. 		return $link;
    83. 

  83. 	}
    84. 

  84. 

  85. 	/**
    86. 

  86. 	 * Template redirect - if we end up on a page ensure it has the correct http/https url.
    87. 

  87. 	 */
    88. 

  88. 	public static function force_https_template_redirect() {
    89. 

  89. 		if ( ! is_ssl() && ( is_checkout() || is_account_page() || apply_filters( 'woocommerce_force_ssl_checkout', false ) ) ) {
    90. 

  90. 

  91. 			if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
    92. 

  92. 				wp_safe_redirect( preg_replace( '|^http://|', 'https://', $_SERVER['REQUEST_URI'] ) );
    93. 

  93. 				exit;
    94. 

  94. 			} else {
    95. 

  95. 				wp_safe_redirect( 'https://' . ( ! empty( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'] ) . $_SERVER['REQUEST_URI'] );
    96. 

  96. 				exit;
    97. 

  97. 			}
    98. 

  98. 		}
    99. 

  99. 	}
    100. 

  100. 

  101. 	/**
    102. 

  102. 	 * Template redirect - if we end up on a page ensure it has the correct http/https url.
    103. 

  103. 	 */
    104. 

  104. 	public static function unforce_https_template_redirect() {
    105. 

  105. 		if ( function_exists( 'is_customize_preview' ) && is_customize_preview() ) {
    106. 

  106. 			return;
    107. 

  107. 		}
    108. 

  108. 

  109. 		if ( ! wc_site_is_https() && is_ssl() && $_SERVER['REQUEST_URI'] && ! is_checkout() && ! is_ajax() && ! is_account_page() && apply_filters( 'woocommerce_unforce_ssl_checkout', true ) ) {
    110. 

  110. 

  111. 			if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
    112. 

  112. 				wp_safe_redirect( preg_replace( '|^https://|', 'http://', $_SERVER['REQUEST_URI'] ) );
    113. 

  113. 				exit;
    114. 

  114. 			} else {
    115. 

  115. 				wp_safe_redirect( 'http://' . ( ! empty( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'] ) . $_SERVER['REQUEST_URI'] );
    116. 

  116. 				exit;
    117. 

  117. 			}
    118. 

  118. 		}
    119. 

  119. 	}
    120. 

  120. 

  121. 	/**
    122. 

  122. 	 * Force posts to PayPal to use TLS v1.2. See:
    123. 

  123. 	 *        https://core.trac.wordpress.org/ticket/36320
    124. 

  124. 	 *        https://core.trac.wordpress.org/ticket/34924#comment:13
    125. 

  125. 	 *        https://www.paypal-knowledge.com/infocenter/index?page=content&widgetview=true&id=FAQ1914&viewlocale=en_US
    126. 

  126. 	 *
    127. 

  127. 	 * @param string $handle
    128. 

  128. 	 * @param mixed $r
    129. 

  129. 	 * @param string $url
    130. 

  130. 	 */
    131. 

  131. 	public static function http_api_curl( $handle, $r, $url ) {
    132. 

  132. 		if ( strstr( $url, 'https://' ) && ( strstr( $url, '.paypal.com/nvp' ) || strstr( $url, '.paypal.com/cgi-bin/webscr' ) ) ) {
    133. 

  133. 			curl_setopt( $handle, CURLOPT_SSLVERSION, 6 );
    134. 

  134. 		}
    135. 

  135. 	}
    136. 

  136. }
    137. 

  137. 

  138. WC_HTTPS::init();
    139.