File Editor
Directories:
.. (Back)
assets
languages
lets-encrypt
lib
mailer
modal
onboarding
placeholders
progress
security
settings
testssl
upgrade
Files:
class-admin.php
class-cache.php
class-certificate.php
class-front-end.php
class-installer.php
class-mixed-content-fixer.php
class-multisite.php
class-server.php
class-site-health.php
class-wp-cli.php
compatibility.php
force-deactivate.txt
functions.php
index.php
readme.txt
rlrsssl-really-simple-ssl.php
rsssl-auto-loader.php
ssl-test-page.php
system-status.php
uninstall.php
upgrade.php
Create New File
Create
Edit File: class-multisite.php
<?php defined('ABSPATH') or die(); if (!class_exists('rsssl_multisite')) { class rsssl_multisite { private static $_this; function __construct() { if (isset(self::$_this)) wp_die(); self::$_this = $this; register_activation_hook( __DIR__ . "/" . rsssl_plugin, array($this, 'activate')); add_action( 'network_admin_menu', array( $this, 'add_multisite_menu' ) ); /*filters to make sure WordPress returns the correct protocol */ add_filter("admin_url", array($this, "check_admin_protocol"), 20, 3); add_filter('home_url', array($this, 'check_site_protocol'), 20, 4); add_filter('site_url', array($this, 'check_site_protocol'), 20, 4); add_action('plugins_loaded', array($this, 'maybe_redirect_old_settings_url'), 10); if ( is_network_admin() ) { add_action('network_admin_notices', array($this, 'show_notices'), 10); } //If WP version is 5.1 or higher, use wp_insert_site hook for multisite SSL activation in new blogs if( version_compare(get_bloginfo('version'),'5.1', '>=') ) { add_action('wp_initialize_site', array($this, 'maybe_activate_ssl_in_new_blog'), 20, 1); } else { add_action('wpmu_new_blog', array($this, 'maybe_activate_ssl_in_new_blog_deprecated'), 10, 6); } add_filter('rsssl_notices', array($this, 'add_multisite_notices')); } static function this() { return self::$_this; } /** * Redirect to the new settings page * * @return void */ public function maybe_redirect_old_settings_url(){ if ( !rsssl_user_can_manage() || !is_network_admin() ) { return; } if ( isset($_GET['page']) && $_GET['page'] === 'rlrsssl_really_simple_ssl' ){ wp_redirect(add_query_arg(['page' => 'really-simple-security'], network_admin_url('settings.php') ) ); exit; } } /** * Add notices to the dashboard * @param array $notices * * @return array */ public function add_multisite_notices( array $notices): array { $unset_array = array( 'mixed_content_fixer_detected', 'elementor', 'divi', ); foreach ( $unset_array as $unset_item ) { unset( $notices[$unset_item] ); } $notices['ssl_enabled'] = array( 'callback' => 'rsssl_ssl_enabled', 'score' => 30, 'output' => array( 'true' => array( 'msg' =>__('SSL is enabled networkwide.', 'really-simple-ssl'), 'icon' => 'success' ), 'false' => array( 'msg' => __('SSL is not enabled on your network', 'really-simple-ssl'), 'icon' => 'open', 'plusone' => true, ), ), ); $notices['multisite_server_variable_warning'] = array( 'condition' => array('rsssl_ssl_enabled'), 'callback' => 'RSSSL()->multisite->multisite_server_variable_warning', 'score' => 30, 'output' => array( 'no-server-variable' => array( 'msg' => __('You run a Multisite installation with subfolders, which prevents this plugin from fixing your missing server variable in the wp-config.php.', 'really-simple-ssl') . " " .__('Because the $_SERVER["HTTPS"] variable is not set, your website may experience redirect loops.', 'really-simple-ssl') . " " .__('Activate networkwide to fix this.', 'really-simple-ssl'), 'icon' => 'warning', 'plusone' => true, ), ), ); $notices['activation_not_completed'] = array( 'callback' => 'RSSSL()->multisite->ssl_activation_started_but_not_completed', 'score' => 30, 'output' => array( 'true' => array( 'title' => __("SSL activation in progress", "really-simple-ssl"), 'msg' => __('A networkwide SSL activation process has been started, but has not been completed. Please go to the SSL settings page to complete the process.', 'really-simple-ssl').' '. '<a href="'.add_query_arg(['page'=>'really-simple-security'], network_admin_url('settings.php') ).'">'.__('View settings page','really-simple-ssl').'</a>', 'icon' => 'warning', 'plusone' => true, 'admin_notice' => true, ), ), ); $notices['subdomains_no_wildcard'] = array( 'condition' => array('rsssl_ssl_enabled'), 'callback' => 'RSSSL()->multisite->subdomains_no_wildcard', 'score' => 30, 'output' => array( 'subdomains-no-wildcard' => array( 'msg' => __("You run a Multisite installation with subdomains, but your site doesn't have a wildcard certificate.", 'really-simple-ssl') . " " . __("This leads to issues when activating SSL networkwide since subdomains will be forced over SSL as well while they don't have a valid certificate.", 'really-simple-ssl') . " " . __("Activate SSL per site or install a wildcard certificate to fix this.", 'really-simple-ssl'), 'icon' => 'warning', 'dismissible' => true, 'plusone' => true, ), ), ); return $notices; } /** * Check if site has a server var issue. * @return string */ public function multisite_server_variable_warning(){ if (!function_exists('is_plugin_active_for_network')) require_once(ABSPATH . '/wp-admin/includes/plugin.php'); if ( is_multisite() && !is_plugin_active_for_network(rsssl_plugin) && $this->is_multisite_subfolder_install() ) { //with no server variables, the website could get into a redirect loop. if (RSSSL()->admin->no_server_variable) { return 'no-server-variable'; } } return 'success'; } /** * Check if we have a subdomains setup, but no wildcard * @return string */ public function subdomains_no_wildcard(){ if ( get_site_option('rsssl_network_activation_status' !== 'completed') && !$this->is_multisite_subfolder_install() && !RSSSL()->certificate->is_wildcard() ) { return 'subdomains-no-wildcard'; } return 'success'; } /** * When a new site is added, maybe activate SSL as well. * * @param int $blog_id * @param bool $user_id * @param bool $domain * @param bool $path * @param bool $site_id * @param bool $meta */ public function maybe_activate_ssl_in_new_blog_deprecated( int $blog_id, $user_id=false, $domain=false, $path=false, $site_id=false, $meta=false) { if ( get_site_option('rsssl_network_activation_status' === 'completed') ) { $site = get_blog_details($blog_id); switch_to_blog($site->blog_id); RSSSL()->admin->activate_ssl(false); restore_current_blog(); } } /** * Activate SSl in new block * @since 3.1.6 * @param $site * @return void */ public function maybe_activate_ssl_in_new_blog($site) { if ( get_site_option('rsssl_network_activation_status' === 'completed') ) { switch_to_blog($site->blog_id); RSSSL()->admin->activate_ssl(false); restore_current_blog(); } } /** Add network menu for SSL Only when plugin is network activated. */ public function add_multisite_menu() { if ( ! is_multisite() || ! rsssl_is_networkwide_active() ) { return; } if ( ! rsssl_user_can_manage() ) { return; } $count = RSSSL()->admin->count_plusones(); $update_count = $count > 0 ? "<span class='update-plugins rsssl-update-count'><span class='update-count'>$count</span></span>" : ""; $icon_svg = '<?xml version="1.0" encoding="UTF-8"?> <svg id="rss-menu-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 -15 100 130" width="28" height="28"> <defs> <style>.cls-1{fill:#fff;stroke-width:0px;}</style> </defs> <g fill="none" stroke-width="2"> <path class="cls-1" d="M72.92,26.6h-13v-9.4c0-7.6-6.1-13.7-13.7-13.7s-13.8,6.1-13.8,13.7v9.4h-13.1v-9.4C19.32,2.4,31.32,-9.6,46.12,-9.6s26.8,12,26.8,26.8v9.4h0Z"/> <rect class="cls-1" x="10.02" y="84.6" width="72.3" height="5.6"/> <path class="cls-1" d="M82.32,82H10.02V31.8c0-2.9,2.3-5.2,5.2-5.2h61.9c2.9,0,5.2,2.3,5.2,5.2V82h0ZM64.62,37.8c-2.2-2.2-5.9-2.2-8.2,0l-15.7,15.3l-4.9-4.9c-2.2-2.2-5.9-2.2-8.2,0l-1.9,1.9c-2.2,2.2-2.2,5.9,0,8.2l8.5,8.5c0.1,0.2,0.3,0.4,0.5,0.6l1.9,1.9l4.2,4l3.5-3.5c0.2-0.1,0.4-0.3,0.6-0.5l1.9-1.9c0.2-0.2,0.4-0.4,0.5-0.6l19.1-18.9c2.2-2.2,2.2-5.9,0-8.2l-1.8-1.9Z"/> </g> </svg>'; $icon_base64 = 'data:image/svg+xml;base64,' . base64_encode($icon_svg); $page_hook_suffix = add_menu_page( __( "Security", "really-simple-ssl" ), __( "Security", "really-simple-ssl" ) . $update_count, 'manage_security', 'really-simple-security', 'rsssl_settings_page', $icon_base64, 100 // This will place it near the bottom of the menu ); add_action( "admin_print_scripts-{$page_hook_suffix}", 'rsssl_plugin_admin_scripts' ); // Update the page title to prevent issues with an empty title causing strip_tags deprecation warnings add_action("load-{$page_hook_suffix}", 'rsssl_set_admin_page_title'); add_action('admin_head', 'rsssl_override_wordpress_svg_size'); } /** * Check if an SSL process is active * @return bool */ public function ssl_process_active(){ if ( get_site_option('rsssl_ssl_activation_active') ){ return true; } return false; } /** * Run SSL upgrade process * * @return void */ public function run_ssl_process(){ if ( get_site_option('rsssl_ssl_activation_active') ){ $this->activate_ssl_networkwide(); } update_site_option('rsssl_run', false); } /** * @param WP_REST_Request $request * * @return array */ public function process_ssl_activation_step(){ if ( !$this->ssl_process_active() ) { $this->start_ssl_activation(); } $this->run_ssl_process(); $progress = $this->get_process_completed_percentage(); return [ 'progress' => $progress, 'success' => true ]; } /** * Get SSL process completed percentage * @return int */ public function get_process_completed_percentage(){ if ( get_site_option('rsssl_network_activation_status') === 'completed' ) { return 100; } $complete_count = get_site_option('rsssl_siteprocessing_progress'); $blog_count = $this->get_total_blog_count(); $blog_count = $blog_count !== 0 ? $blog_count : 1; //prevent division by zero $percentage = round(( $complete_count/$blog_count )*100,0); if ( $percentage > 99 ) { $percentage = 100; } return (int) $percentage; } /** * Check if website has started activation, but didn't completed * @return bool */ public function ssl_activation_started_but_not_completed(){ if ( !get_option('rsssl_network_activation_status') ) { return false; } return get_option('rsssl_network_activation_status')!=='completed'; } /** * Start SSL activation * * @return void */ public function start_ssl_activation(){ if (!rsssl_user_can_manage()) { return; } update_site_option('rsssl_siteprocessing_progress', 0); update_site_option('rsssl_ssl_activation_active', true); } /** * End SSL activation * * @return void */ public function end_ssl_activation(){ if (!rsssl_user_can_manage()) { return; } update_site_option('rsssl_ssl_activation_active', false); } /** * Activate SSL network wide */ public function activate_ssl_networkwide() { if (!rsssl_user_can_manage()) { return; } //run chunked $nr_of_sites = 200; $current_offset = get_site_option('rsssl_siteprocessing_progress'); //set batch of sites $args = array( 'number' => $nr_of_sites, 'offset' => $current_offset, 'meta_query' => [ 'relation' => 'or', [ 'key' => 'rsssl_ssl_activated', 'compare' => 'NOT EXISTS' ], [ 'key' => 'rsssl_ssl_activated', 'value' => false, 'compare' => '=', ], ] ); $sites = get_sites($args); //if no sites are found, we assume we're done. if ( count($sites)==0 ) { $this->end_ssl_activation(); update_site_option('rsssl_network_activation_status', 'completed'); } else { foreach ($sites as $site) { switch_to_blog($site->blog_id); update_site_meta($site->blog_id, 'rsssl_ssl_activated', true ); RSSSL()->admin->activate_ssl(false); restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop update_site_option('rsssl_siteprocessing_progress', $current_offset+$nr_of_sites); } } } /** * Deactivate SSL on all subsites * * @return void */ public function deactivate() { if (!rsssl_user_can_manage()) { return; } $ssl_was_enabled = rsssl_get_option('ssl_enabled'); delete_site_option('rsssl_network_activation_status'); rsssl_update_option('ssl_enabled', false); //main site first $site_id = get_main_site_id(); switch_to_blog($site_id); RSSSL()->admin->deactivate_site($ssl_was_enabled); restore_current_blog(); //because the deactivation should be a one click procedure, chunking this would cause difficulties $args = array( 'number' => $this->get_total_blog_count(), 'offset' => 0, ); $sites = get_sites($args); foreach ($sites as $site) { switch_to_blog($site->blog_id); update_site_meta($site->blog_id, 'rsssl_ssl_activated', false ); //we already did the main site if ( !is_main_site() ) { RSSSL()->admin->deactivate_site($ssl_was_enabled); } restore_current_blog(); } } /** * filters the get_admin_url function to correct the false https urls wordpress returns for non SSL websites. * * @since 2.3.10 * */ public function check_admin_protocol($url, $path, $blog_id) { if ( !$blog_id ) $blog_id = get_current_blog_id(); //if the force_ssl_admin is defined, the admin_url should not be forced back to http: all admin panels should be https. if (defined('FORCE_SSL_ADMIN')) return $url; //do not force to http if the request is made for an url of the current blog. //if a site is loaded over https, it should return https links, unless the url is requested for another blog. //In that case, we only return a https link if the site_url is https, and http otherwise. if (get_current_blog_id() == $blog_id) return $url; //now check if the blog is http or https, and change the url accordingly if (!function_exists('is_plugin_active_for_network')) require_once(ABSPATH . '/wp-admin/includes/plugin.php'); if ( !is_plugin_active_for_network(rsssl_plugin) ) { $home_url = get_blog_option($blog_id, 'home'); if (strpos($home_url, "https://") === false) { $url = str_replace("https://", "http://", $url); } } return $url; } /** * filters the home_url and/or site_url function to correct the false https urls wordpress returns for non SSL websites. * * @since 2.3.17 * */ public function check_site_protocol($url, $path, $orig_scheme, $blog_id) { if ( !$blog_id ) { $blog_id = get_current_blog_id(); } if (get_current_blog_id() == $blog_id) return $url; if (!function_exists('is_plugin_active_for_network')) require_once(ABSPATH . '/wp-admin/includes/plugin.php'); if ( !is_plugin_active_for_network(rsssl_plugin) ) { $home_url = get_blog_option($blog_id, 'home'); if (strpos($home_url, "https://") === false) { $url = str_replace("https://", "http://", $url); } } return $url; } /** * Checks if we are on a subfolder install. (domain.com/site1 ) * * @since 2.2 * * @access public * **/ public function is_multisite_subfolder_install() { if ( !is_multisite() ) { return false; } //we check this manually, as the SUBDOMAIN_INSTALL constant of wordpress might return false for domain mapping configs $is_subfolder = false; $args = array( 'number' => 5, 'offset' => 0, ); $sites = get_sites($args); foreach ($sites as $site) { switch_to_blog($site->blog_id); if ($this->is_subfolder(home_url())) { $is_subfolder = true; } restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop if ($is_subfolder) return true; } return false; } /** * Test if a domain has a subfolder structure * * @param string $domain * * @access public * * @return bool * @since 2.2 * */ public function is_subfolder(string $domain): bool { //remove slashes of the http(s) $domain = preg_replace("/(http:\/\/|https:\/\/)/", "", $domain); return strpos( $domain, "/" ) !== false; } /** * Show notices * * @since 2.0 * * @access public * */ public function show_notices() { if ( !rsssl_user_can_manage() ) { return; } //prevent showing the review on edit screen, as gutenberg removes the class which makes it editable. $screen = get_current_screen(); if ( $screen && $screen->base === 'post' ) { return; } if ( !$this->is_settings_page() ) { $notices = RSSSL()->admin->get_notices_list( array('admin_notices'=>true) ); foreach ( $notices as $id => $notice ){ $notice = $notice['output']; $class = 'open' === $notice['status'] ? 'warning' : 'error'; $more_info = $notice['url'] ?? false; $logo = $notice['logo'] ?? false; $dismiss_id = isset( $notice['dismissible'] ) && $notice['dismissible'] ? $id : false; $dashboard_button = isset( $notice['dashboard_button'] ) && $notice['dashboard_button'] ? $id : false; echo RSSSL()->admin->notice_html( $class . ' ' . $id, $notice['msg'], $more_info, $logo, $dismiss_id, $dashboard_button ); } } } /** * Check if we are on the settings page * @return bool */ public function is_settings_page() { if (!rsssl_user_can_manage()) { return false; } return (isset($_GET['page']) && $_GET['page'] === 'really-simple-security'); } /** * Get blog count for all networks * * @return int */ public function get_total_blog_count() { //Get the total blog count from all multisite networks $networks = get_networks(); $total_blog_count = 0; foreach($networks as $network){ $network_id = ($network->__get('id')); $blog_count = get_blog_count($network_id); $total_blog_count += $blog_count; } return $total_blog_count; } } //class closure }
Save Changes
Rename File
Rename