diff options
Diffstat (limited to 'index.php')
| -rwxr-xr-x | index.php | 25 |
1 files changed, 13 insertions, 12 deletions
@@ -27,9 +27,6 @@ $a->install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? fal @include(".htconfig.php"); -$a->language = get_best_language(); - - /** * * Try to open the database; @@ -54,10 +51,23 @@ if(! $a->install) { load_hooks(); call_hooks('init_1'); + $a->language = get_best_language(); load_translation_table($a->language); + // Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start(). + + if(intval($a->config['system']['ssl_cookie_protection'])) { + $arr = session_get_cookie_params(); + session_set_cookie_params( + ((isset($arr['lifetime'])) ? $arr['lifetime'] : 0), + ((isset($arr['path'])) ? $arr['path'] : '/'), + ((isset($arr['domain'])) ? $arr['domain'] : $a->get_hostname()), + ((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false), + ((isset($arr['httponly'])) ? $arr['httponly'] : true)); + } } else { // load translations but do not check plugins as we have no database + $a->language = get_best_language(); load_translation_table($a->language,true); } @@ -73,15 +83,6 @@ else { * */ -// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start(). - -$arr = session_get_cookie_params(); -session_set_cookie_params( - ((isset($arr['lifetime'])) ? $arr['lifetime'] : 60*5), - ((isset($arr['path'])) ? $arr['path'] : '/'), - ((isset($arr['domain'])) ? $arr['domain'] : $a->get_hostname()), - ((isset($_SERVER['HTTPS'])) ? true : false), - ((isset($arr['httponly'])) ? $arr['httponly'] : true)); session_start(); /** |