Refactor: Remove unused is_https_request function and related comments; clean up test_login function by removing unnecessary password list

2026-02-23 18:56:05 -05:00 · 2026-02-22 05:11:09 +00:00
parent c4c966ffa7
commit 39f617be5f
2 changed files with 0 additions and 28 deletions
--- a/front/index.php
+++ b/front/index.php
@@ -87,32 +87,6 @@ function login_user(): void {
    session_regenerate_id(true);
 }

-function is_https_request(): bool {
-
-    // Direct HTTPS detection
-    if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') {
-        return true;
-    }
-
-    // Standard port check
-    if (!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443) {
-        return true;
-    }
-
-    // Trusted proxy headers (only valid if behind a trusted reverse proxy)
-    if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
-        strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https') {
-        return true;
-    }
-
-    if (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) &&
-        strtolower($_SERVER['HTTP_X_FORWARDED_SSL']) === 'on') {
-        return true;
-    }
-
-    return false;
-}
-

 function logout_user(): void {
    $_SESSION = [];
--- a/test/ui/test_ui_login.py
+++ b/test/ui/test_ui_login.py
@@ -32,8 +32,6 @@ def get_login_password():
    # SHA256 hash of "password" - the default test password (from index.php)
    DEFAULT_PASSWORD_HASH = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92'

-    # List of passwords to try in order
-    passwords_to_try = ["123456", "password", "test", "admin"]

    # Try common config file locations
    config_paths = [