Merge branch 'master' of https://github.com/friendica/red

1 files changed, 11 insertions, 9 deletions

diff --git a/index.php b/index.php
index 6019cecd3..a07c1a633 100755
--- a/index.php
+++ b/index.php
@@ -55,6 +55,17 @@ if(! $a->install) {
 	call_hooks('init_1');
 	
 	load_translation_table($a->language);
+	// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start().
+
+	if(intval($a->config['system']['ssl_cookie_protection'])) {
+		$arr = session_get_cookie_params();
+		session_set_cookie_params(
+			((isset($arr['lifetime']))  ? $arr['lifetime'] : 60*5),
+			((isset($arr['path']))      ? $arr['path']     : '/'),
+			((isset($arr['domain']))    ? $arr['domain']   : $a->get_hostname()),
+			((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),
+			((isset($arr['httponly']))  ? $arr['httponly'] : true));
+	}
 }
 else {
 	// load translations but do not check plugins as we have no database
@@ -73,15 +84,6 @@ else {
  *
  */
 
-// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start().
-
-$arr = session_get_cookie_params();
-session_set_cookie_params(
-	((isset($arr['lifetime']))  ? $arr['lifetime'] : 60*5),
-	((isset($arr['path']))      ? $arr['path']     : '/'),
-	((isset($arr['domain']))    ? $arr['domain']   : $a->get_hostname()),
-	((isset($_SERVER['HTTPS'])) ? true             : false),
-	((isset($arr['httponly']))  ? $arr['httponly'] : true));
 session_start();
 
 /**