Allow login via a secure login form

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1144 7be80a69-a1ef-0310-a953-fb0f7c49ff36

3 files changed, 9 insertions, 7 deletions

diff --git a/wp-admin/menu.php b/wp-admin/menu.php
index 11e04f4..81ce496 100644
--- a/wp-admin/menu.php
+++ b/wp-admin/menu.php
@@ -4,6 +4,9 @@
 // Menu item name
 // The minimum level the user needs to access the item: between 0 and 10
 // The URL of the item's file
+
+$schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
+
 $menu[0] = array(__('Dashboard'), 'read', 'index.php');
 
 if (strpos($_SERVER['REQUEST_URI'], 'edit-pages.php') !== false)
@@ -160,19 +163,19 @@ if (! user_can_access_admin_page()) {
 			$blogs = get_blogs_of_user( $user_ID );
 			if ( empty($blogs) || $blogs == false ) { // If user haven't any blog
 				update_usermeta( $user_ID, 'wp_1_capabilities', array('subscriber' => true)); // Add subscriber permission for first blog.
-				wp_redirect( 'http://'.$current_site->domain . $current_site->path. 'wp-admin/' );
+				wp_redirect( $schema . $current_site->domain . $current_site->path. 'wp-admin/' );
 				exit();
 			}
 
 			foreach ( (array) $blogs as $blog ) {
 				if ( $blog->userblog_id == $newblog->blog_id ) {
-					wp_redirect( 'http://'.$newblog->domain . $newblog->path . 'wp-admin/' );
+					wp_redirect( $schema . $newblog->domain . $newblog->path . 'wp-admin/' );
 					exit();
 				}
 			}
 			
 			$blog = $blogs[0]; // Take the first blog...
-			wp_redirect( 'http://'.$blog->domain . $blog->path. 'wp-admin/' );
+			wp_redirect( $schema . $blog->domain . $blog->path. 'wp-admin/' );
 			exit();
 		}
 	}
diff --git a/wp-admin/wpmu-blogs.php b/wp-admin/wpmu-blogs.php
index 642e842..56335c0 100644
--- a/wp-admin/wpmu-blogs.php
+++ b/wp-admin/wpmu-blogs.php
@@ -5,7 +5,6 @@ $title = __('WordPress MU › Admin › Blogs');
 $parent_file = 'wpmu-admin.php';
 wp_enqueue_script( 'listman' );
 require_once('admin-header.php');
-
 if( is_site_admin() == false ) {
     wp_die( __('<p>You do not have permission to access this page.</p>') );
 }
@@ -519,7 +518,7 @@ switch( $_GET['action'] ) {
 							case 'control_backend':
 							?>
 								<td valign="top">
-									<?php echo "<a href='http://" . $blog['domain'] . $blog['path'] . "wp-admin/' class='edit'>" . __('Backend') . "</a>"; ?>
+									<?php echo "<a href='". $schema . $blog['domain'] . $blog['path'] . "wp-admin/' class='edit'>" . __('Backend') . "</a>"; ?>
 								</td>
 							<?php
 							break;
diff --git a/wp-login.php b/wp-login.php
index 9eacdb0..87f13df 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -11,11 +11,11 @@ nocache_headers();
 
 header('Content-Type: '.get_bloginfo('html_type').'; charset='.get_bloginfo('charset'));
 
+$schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
 if ( defined('RELOCATE') ) { // Move flag is set
 	if ( isset( $_SERVER['PATH_INFO'] ) && ($_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) )
 		$_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] );
 
-	$schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
 	if ( dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_option('siteurl') )
 		update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) );
 }
@@ -270,7 +270,7 @@ default:
 	login_header(__('Login'));
 ?>
 
-<form name="loginform" id="loginform" action="http://<?php echo $current_blog->domain . $current_blog->path ?>wp-login.php" method="post">
+<form name="loginform" id="loginform" action="<?php echo $schema . $current_blog->domain . $current_blog->path ?>wp-login.php" method="post">
 <?php if ( !in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
 	<p>
 		<label><?php _e('Username:') ?><br />