public static function isConnectionSecure()
{
global $browser, $conf, $registry;
if ($browser->usingSSLConnection()) {
return true;
}
if (!empty($conf['safe_ips'])) {
if (reset($conf['safe_ips']) == '*') {
return true;
}
/* $_SERVER['HTTP_X_FORWARDED_FOR'] is user data and not
* reliable. We don't consult it for safe IPs. We also have to
* assume that if it is present, the user is coming through a proxy
* server. If so, we don't count any non-SSL connection as safe, no
* matter the source IP. */
$remote = $registry->remoteHost();
if (!$remote->proxy) {
foreach ($conf['safe_ips'] as $safe_ip) {
$safe_ip = preg_replace('/(\\.0)*$/', '', $safe_ip);
if (strpos($remote->addr, $safe_ip) === 0) {
return true;
}
}
}
}
return false;
}