From 5e7012bc326653bdd4741d261986778df413d134 Mon Sep 17 00:00:00 2001
From: stronk7 <stronk7>
Date: Thu, 14 Jul 2005 22:52:48 +0000
Subject: [PATCH] Bump. Now login page is 100% HTTPS if required.

---
 login/index.php | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/login/index.php b/login/index.php
index ee1acdb1b02ec..5a436307ea667 100644
--- a/login/index.php
+++ b/login/index.php
@@ -4,6 +4,9 @@
 
     $loginguest = optional_param('loginguest', false); // determines whether visitors are logged in as guest automatically
 
+    //HTTPS is potentially required in this page
+    httpsrequired();
+
 /// Check if the guest user exists.  If not, create one.
     if (! record_exists("user", "username", "guest")) {
         $guest->auth        = "manual"; 
@@ -48,12 +51,7 @@
     } else {
         $currlang = current_language();
         $langs    = get_list_of_languages();
-        if (empty($CFG->loginhttps)) {
-            $wwwroot = $CFG->wwwroot;
-        } else {
-            $wwwroot = str_replace('http','https',$CFG->wwwroot);
-        }
-        $langmenu = popup_form ("$wwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
+        $langmenu = popup_form ("$CFG->httpswwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
     }
 
     $loginsite = get_string("loginsite");