From ffc4d2d06e7e4b2d5c2b31c1291a5bec9af08faf Mon Sep 17 00:00:00 2001
From: =?utf8?q?Frank=20J=2E=20G=C3=B3mez?= <frank@ginkgostreet.com>
Date: Mon, 28 Apr 2014 17:29:13 -0700
Subject: [PATCH] Fixed CRM-14283. Strips protocol and domain name from premium
 image before storing URL in DB.

----------------------------------------
* CRM-14283: Premium image upload button => http-only URL for images => Firefox insecure page warning
  https://issues.civicrm.org/jira/browse/CRM-14283
---
 CRM/Contribute/BAO/ManagePremiums.php | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/CRM/Contribute/BAO/ManagePremiums.php b/CRM/Contribute/BAO/ManagePremiums.php
index 1c3b3cbf27..4408c2824d 100644
--- a/CRM/Contribute/BAO/ManagePremiums.php
+++ b/CRM/Contribute/BAO/ManagePremiums.php
@@ -101,6 +101,15 @@ class CRM_Contribute_BAO_ManagePremiums extends CRM_Contribute_DAO_Product {
    * @return object
    */
   static function add(&$params, &$ids) {
+    // CRM-14283 - strip protocol and domain from image URLs
+    $image_type = array('image', 'thumbnail');
+    foreach ($image_type as $key) {
+      if (isset($params[$key])) {
+        $parsedURL = explode('/', $params[$key]);
+        $pathComponents = array_slice($parsedURL, 3);
+        $params[$key] = '/' . implode('/', $pathComponents);
+      }
+    }
 
     $params['is_active'] = CRM_Utils_Array::value('is_active', $params, FALSE);
     $params['is_deductible'] = CRM_Utils_Array::value('is_deductible', $params, FALSE);
-- 
2.25.1