Merge branch 'master' into newevent

Conflicts:
	include/zot.php

1 files changed, 13 insertions, 12 deletions

diff --git a/index.php b/index.php
index 6019cecd3..5a9ec1026 100755
--- a/index.php
+++ b/index.php
@@ -27,9 +27,6 @@ $a->install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? fal
 
 @include(".htconfig.php");
 
-$a->language = get_best_language();
-	
-
 /**
  *
  * Try to open the database;
@@ -54,10 +51,23 @@ if(! $a->install) {
 	load_hooks();
 	call_hooks('init_1');
 	
+	$a->language = get_best_language();
 	load_translation_table($a->language);
+	// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start().
+
+	if(intval($a->config['system']['ssl_cookie_protection'])) {
+		$arr = session_get_cookie_params();
+		session_set_cookie_params(
+			((isset($arr['lifetime']))  ? $arr['lifetime'] : 0),
+			((isset($arr['path']))      ? $arr['path']     : '/'),
+			((isset($arr['domain']))    ? $arr['domain']   : $a->get_hostname()),
+			((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),
+			((isset($arr['httponly']))  ? $arr['httponly'] : true));
+	}
 }
 else {
 	// load translations but do not check plugins as we have no database
+	$a->language = get_best_language();
 	load_translation_table($a->language,true);
 }
 
@@ -73,15 +83,6 @@ else {
  *
  */
 
-// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start().
-
-$arr = session_get_cookie_params();
-session_set_cookie_params(
-	((isset($arr['lifetime']))  ? $arr['lifetime'] : 60*5),
-	((isset($arr['path']))      ? $arr['path']     : '/'),
-	((isset($arr['domain']))    ? $arr['domain']   : $a->get_hostname()),
-	((isset($_SERVER['HTTPS'])) ? true             : false),
-	((isset($arr['httponly']))  ? $arr['httponly'] : true));
 session_start();
 
 /**