Title: SSL causes failure
Last modified: August 30, 2016

---

# SSL causes failure

 *  Resolved [TruthMerchant](https://wordpress.org/support/users/truthmerchant/)
 * (@truthmerchant)
 * [10 years, 7 months ago](https://wordpress.org/support/topic/ssl-causes-failure/)
 * If either “SSL_LOGIN” or “SSL_ADMIN” are defined true in wp_config then the votes
   of logged in users are not saved into the database and the display of hearts 
   remains sensitive.
 * //define(‘FORCE_SSL_ADMIN’, true);
    define(‘FORCE_SSL_LOGIN’, true);
 * What happens is that $_COOKIE shows empty when spr_rate is entered. $current_user
   is also null.
 * I’ve been debugging this for several days, but I know nothing about the browser
   stuff. I used firebug to see the cookies in the browser but these never make 
   it to the $_COOKIE array.
 * If I comment out both “SSL” defines in wp_conig then the plugin works. I now 
   have “define(‘FORCE_SSL_LOGIN’, true); in wp_config.
 * PLease login to occupytacoma.org as “demo” with password “demo” and rate an “
   Article” (Articles are displayed as opposed to “posts” on the front page). There
   seems to be something amiss in the browser code that causes the cookies to not
   be presented by the AJAX request.
 * It seems to me that I had this problem a year ago and I was able to get around
   it by setting LOGIN and not setting ADMIN. But now either one seems to break 
   the plugin.
 * [https://wordpress.org/plugins/simple-rating/](https://wordpress.org/plugins/simple-rating/)

Viewing 5 replies - 1 through 5 (of 5 total)

 *  Plugin Author [Igor Yavych](https://wordpress.org/support/users/flyerua/)
 * (@flyerua)
 * [10 years, 7 months ago](https://wordpress.org/support/topic/ssl-causes-failure/#post-6776125)
 * This happens when you vote from http:// instead of [https://](https://wordpress.org/support/topic/ssl-causes-failure/?output_format=md).
   If you vote from [https://](https://wordpress.org/support/topic/ssl-causes-failure/?output_format=md),
   it will work just fine.
    $current_user is internal WP stuff, this plugin has 
   nothing to do with populating this variable with data. I’m have no experience
   with WP+SSL, but I assume that it isn’t set up properly in your particular case.
   I might be wrong though. Workaround would be to force all traffic to go through
   https.
 *  Thread Starter [TruthMerchant](https://wordpress.org/support/users/truthmerchant/)
 * (@truthmerchant)
 * [10 years, 7 months ago](https://wordpress.org/support/topic/ssl-causes-failure/#post-6776358)
 * Forcing all traffic to ssl is not (for me) a good “workaround”. But after a few
   more days of rummaging around in WordPress core and such I found that the protocol
   on the request back to the server (used to facilitate AJAX) is defined wrongly
   by the “admin_url” function.
 * On further investigation I found that the problem came about in WordPress 4.0
   when “FORCE_SSL_LOGIN” was deprecated. As of 4.0 it is both “ADMIN” and “LOGIN”
   or neither because the function “force_ssl_admin” returns “true” if either of
   the aforesaid globals are defined “true”. That means that the “default” protocol
   returned by “admin_url” will always be ‘https’. And that causes the browser to
   see the AJAX request as “cross domain” and to NOT send the “COOKIES”.
 * SOLUTION:
 * Update “rating.php” in the “simple_rating” directory as follows:
 * Using your favorite text editor, insert immediately ahead of
    `if (is_user_logged_in()
   ==1)` at line 210, a new line of code as `$scheme = is_ssl() ? 'https': 'http';`
 * Then use the search and replace function of your editor to replace all instances
   of `=>admin_url('admin-ajax.php'` with
    =>admin_url(‘admin-ajax.php’,$scheme`
 * This should make the plugin function properly REGARDLESS of what you do with 
   SSL. All ssl, no ssl, login ssl admin ssl, or per page ssl or whatever.
 *  Plugin Author [Igor Yavych](https://wordpress.org/support/users/flyerua/)
 * (@flyerua)
 * [10 years, 7 months ago](https://wordpress.org/support/topic/ssl-causes-failure/#post-6776360)
 * I can do that, of course. But still, don’t you think it’s good idea to stop using
   deprecated features?
 *  Thread Starter [TruthMerchant](https://wordpress.org/support/users/truthmerchant/)
 * (@truthmerchant)
 * [10 years, 7 months ago](https://wordpress.org/support/topic/ssl-causes-failure/#post-6776366)
 * My updates are an appropriate address of the actual problem in that they “get
   around” THE actual bug in WordPress core and nothing more or less. I always wanted
   to use “FORCE_SSL_ADMIN” since I started using a “real” ssl cert as opposed to“
   self signed”. This “admin only” functionality has not been deprecated. It was
   simply breaking “Simple Rating” and other rating plugins. That is why I used “
   FORCE_SSL_LOGIN”.
 * I will assume that any further releases of “Simple Rating” will address this 
   core bug with my suggested changes or in some other way. And I would ask that
   you mark this issue resolved.
 *  Plugin Author [Igor Yavych](https://wordpress.org/support/users/flyerua/)
 * (@flyerua)
 * [10 years, 7 months ago](https://wordpress.org/support/topic/ssl-causes-failure/#post-6776373)
 * Already added it in 1.5

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘SSL causes failure’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/simple-rating_010101.svg)
 * [Simple Rating](https://wordpress.org/plugins/simple-rating/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/simple-rating/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/simple-rating/)
 * [Active Topics](https://wordpress.org/support/plugin/simple-rating/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/simple-rating/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/simple-rating/reviews/)

 * 5 replies
 * 2 participants
 * Last reply from: [Igor Yavych](https://wordpress.org/support/users/flyerua/)
 * Last activity: [10 years, 7 months ago](https://wordpress.org/support/topic/ssl-causes-failure/#post-6776373)
 * Status: resolved