X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FCore%2FInstaller.php;h=041771812526fe028b8e7cda42d7137f7e54ec33;hb=ae6e13815d66320f97cfca08b83eadc19ab6aaf0;hp=b2b84c6182eaa76e3618c87463e21d4470631972;hpb=55dda47f39f77537f0527ffd486003d15e77a850;p=friendica.git

diff --git a/src/Core/Installer.php b/src/Core/Installer.php
index b2b84c6182..0417718125 100644
--- a/src/Core/Installer.php
+++ b/src/Core/Installer.php
@@ -129,6 +129,10 @@ class Installer
 			$returnVal = false;
 		}
 
+		if (!$this->checkTLS()) {
+			$returnVal = false;
+		}
+
 		if (!$this->checkKeys()) {
 			$returnVal = false;
 		}
@@ -580,6 +584,38 @@ class Installer
 		return $status;
 	}
 
+	/**
+	 * TLS Check
+	 *
+	 * Tries to determine whether the connection to the server is secured
+	 * by TLS or not. If not the user will be warned that it is higly
+	 * encuraged to use TLS.
+	 *
+	 * @return bool (true) as TLS is not mandatory
+	 */
+	public function checkTLS()
+	{
+		$tls = false;
+
+		if (isset($_SERVER['HTTPS'])) {
+			if (($_SERVER['HTTPS'] == 1) || ($_SERVER['HTTPS'] == 'on')) {
+				$tls = true;
+			}
+		}
+		
+		if (!$tls) {
+			$help = DI::l10n()->t('The detection of TLS to secure the communication between the browser and the new Friendica server failed.');
+			$help .= ' ' . DI::l10n()->t('It is highly encouraged to use Friendica only over a secure connection as sensitive information like passwords will be transmitted.');
+			$help .= ' ' . DI::l10n()->t('Please ensure that the connection to the server is secure.');
+			$this->addCheck(DI::l10n()->t('No TLS detected'), $tls, false, $help);
+		} else {
+			$this->addCheck(DI::l10n()->t('TLS detected'), $tls, false, '');
+		}
+
+		// TLS is not required
+		return true;
+	}
+
 	/**
 	 * Imagick Check
 	 *