--- securepages.module	2007-06-04 04:55:53.000000000 +0300
+++ securepages-new.module	2007-11-21 13:02:00.000000000 +0200
@@ -17,23 +17,38 @@
  */
 function securepages_init() {
   global $base_url;
+  if (variable_get('securepages_secure', 1) != 2) {
+    $path = $_GET['q'];
+    $page_match = securepages_match($path);
 
-  $path = $_GET['q'];
-  $page_match = securepages_match($path);
+    if ($_POST) {
+      // If something has been posted to here then ignore the rules.
+    }
+    elseif ($page_match && !$_SERVER['HTTPS']) {
+      securepages_goto(TRUE);
+    }
+    elseif ($page_match === FALSE && $_SERVER['HTTPS'] && variable_get('securepages_switch', FALSE)) {
+      securepages_goto(FALSE);
+    }
 
-  if ($_POST) {
-    // If something has been posted to here then ignore the rules.
-  }
-  elseif ($page_match && !$_SERVER['HTTPS']) {
-    securepages_goto(TRUE);
-  }
-  elseif ($page_match === FALSE && $_SERVER['HTTPS'] && variable_get('securepages_switch', FALSE)) {
-    securepages_goto(FALSE);
+    // Correct the base_url so that everything comes from https.
+    if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
+      $base_url = str_replace('http://', 'https://', $base_url);
+    }
   }
+}
 
-  // Correct the base_url so that everything comes from https.
-  if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
-    $base_url = str_replace('http://', 'https://', $base_url);
+/**
+ * Implementation of hook_user()
+ */
+function securepages_user($type, &$edit, &$user, $category = NULL) {
+  switch ($type) {
+  case 'logout':
+    if (variable_get('securepages_secure', 1) == 2) {
+      global $base_url;
+      $base_url = str_replace('https:', 'http:', $base_url);
+    }
+    break;
   }
 }
 
@@ -51,7 +66,7 @@
     '#type' => 'radios',
     '#title' => t('Pages which will be be secure'),
     '#default_value' => variable_get('securepages_secure', 1),
-    '#options' => array(t('Show on every page except the listed pages.'), t('Show on only the listed pages.')),
+    '#options' => array(t('Show on every page except the listed pages.'), t('Show on only the listed pages.'), t('Show on for authenticated user only.')),
   );
   $form['securepages_pages'] = array(
     '#type' => 'textarea',
@@ -89,7 +104,12 @@
     $path = drupal_get_normal_path($path);
     $query = drupal_query_string_encode($query);
     $page_match = securepages_match($path);
-    if ($page_match && !$_SERVER['HTTPS']) {
+    if (variable_get('securepages_secure', 1) == 2) {
+      if ($form_id == 'user_login_block' || $form_id == 'user_login' || $form_id == 'user_pass_reset') {
+        $form['#action'] = securepages_get_destination($path, $query, TRUE);
+      }
+    }
+    else if ($page_match && !$_SERVER['HTTPS']) {
       $form['#action'] = securepages_get_destination($path, $query, TRUE);
     }
     elseif ($page_match === FALSE && $_SERVER['HTTPS'] && variable_get('securepages_switch', FALSE)) {
