Refactor: Remove unused is_https_request function and related comments; clean up test_login function by removing unnecessary password list

Author: jokob-sk

front/index.php

@@ -87,32 +87,6 @@ function login_user(): void {
     session_regenerate_id(true);
 }
 
-function is_https_request(): bool {
-
-    // Direct HTTPS detection
-    if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') {
-        return true;
-    }
-
-    // Standard port check
-    if (!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443) {
-        return true;
-    }
-
-    // Trusted proxy headers (only valid if behind a trusted reverse proxy)
-    if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
-        strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https') {
-        return true;
-    }
-
-    if (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) &&
-        strtolower($_SERVER['HTTP_X_FORWARDED_SSL']) === 'on') {
-        return true;
-    }
-
-    return false;
-}
-
 
 function logout_user(): void {
     $_SESSION = [];

test/ui/test_ui_login.py

@@ -32,8 +32,6 @@ def get_login_password():
     # SHA256 hash of "password" - the default test password (from index.php)
     DEFAULT_PASSWORD_HASH = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92'
 
-    # List of passwords to try in order
-    passwords_to_try = ["123456", "password", "test", "admin"]
 
     # Try common config file locations
     config_paths = [