I've run across a small issue with the More Privacy Options plugin (http://wpmudevorg.wordpress.com/project/More-Privacy-Options)
How to reproduce the issue:
- enable FORCE_SSL_LOGIN in wp-config.php (I haven't tested, but this probably happens with FORCE_SSL_ADMIN also)
- set blog visibility to one of the 3 options provided by this plugin (registered users from blog community || registered members of this blog || administrators )
- visit the blog at http://blog123.example.com
- login at the prompt
What should happen:
- after login you should be redirected to http://blog123.example.com
What actually happens:
- after login you will be redirected to https://blog123.example.com
I've included a patch below that seems to take care of the problem on my site. Hopefully dsader will see this post and can comment on my fix since I'm a PHP noob.
--- ds_private_blog.php.orig 2010-01-14 11:40:46.000000000 -0500
+++ ds_private_blog.php 2010-01-14 11:56:34.000000000 -0500
@@ -166,7 +166,7 @@
} else {
nocache_headers();
header("HTTP/1.1 302 Moved Temporarily");
- header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']));
+ header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode(site_url($_SERVER['REQUEST_URI'])));
header("Status: 302 Moved Temporarily");
exit();
}
@@ -221,7 +221,7 @@
} elseif (!current_user_can('read')) {
nocache_headers();
header("HTTP/1.1 302 Moved Temporarily");
- header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']));
+ header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode(site_url($_SERVER['REQUEST_URI'])));
header("Status: 302 Moved Temporarily");
exit();
}
@@ -252,7 +252,7 @@
} elseif (!current_user_can('manage_options')) {
nocache_headers();
header("HTTP/1.1 302 Moved Temporarily");
- header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']));
+ header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode(site_url($_SERVER['REQUEST_URI'])));
header("Status: 302 Moved Temporarily");
exit();
}