Add is_https() as a common function
diff --git a/system/core/Common.php b/system/core/Common.php
index 341402c..2dd31d3 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -330,6 +330,24 @@
// ------------------------------------------------------------------------
+if ( ! function_exists('is_https'))
+{
+ /**
+ * Is HTTPS?
+ *
+ * Determines if the application is accessed via an encrypted
+ * (HTTPS) connection.
+ *
+ * @return bool
+ */
+ function is_https()
+ {
+ return ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off');
+ }
+}
+
+// ------------------------------------------------------------------------
+
if ( ! function_exists('show_error'))
{
/**
diff --git a/system/core/Config.php b/system/core/Config.php
index 8e4f998..e78128c 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -75,7 +75,7 @@
{
if (isset($_SERVER['HTTP_HOST']))
{
- $base_url = ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') ? 'https' : 'http';
+ $base_url = is_https() ? 'https' : 'http';
$base_url .= '://'.$_SERVER['HTTP_HOST']
.str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']);
}
diff --git a/system/core/Security.php b/system/core/Security.php
index b22d2cf..2fbc5b3 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -198,7 +198,7 @@
$expire = time() + $this->_csrf_expire;
$secure_cookie = (bool) config_item('cookie_secure');
- if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off'))
+ if ($secure_cookie && ! is_https())
{
return FALSE;
}