+ sqsession_start();
+ }
+}
+
+/**
+ * Function to start the session and store the cookie with the session_id as
+ * HttpOnly cookie which means that the cookie isn't accessible by javascript
+ * (IE6 only)
+ */
+function sqsession_start() {
+ global $PHP_SELF;
+
+ $dirs = array('|src/.*|', '|plugins/.*|', '|functions/.*|');
+ $repl = array('', '', '');
+ $base_uri = preg_replace($dirs, $repl, $PHP_SELF);
+
+
+ session_start();
+ $sessid = session_id();
+ // session_starts sets the sessionid cookie buth without the httponly var
+ // setting the cookie again sets the httponly cookie attribute
+ sqsetcookie(session_name(),$sessid,false,$base_uri);
+}
+
+
+/**
+ * Set a cookie
+ * @param string $sName The name of the cookie.
+ * @param string $sValue The value of the cookie.
+ * @param int $iExpire The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch.
+ * @param string $sPath The path on the server in which the cookie will be available on.
+ * @param string $sDomain The domain that the cookie is available.
+ * @param boolean $bSecure Indicates that the cookie should only be transmitted over a secure HTTPS connection.
+ * @param boolean $bHttpOnly Disallow JS to access the cookie (IE6 only)
+ * @return void
+ */
+function sqsetcookie($sName,$sValue,$iExpire=false,$sPath="",$sDomain="",$bSecure=false,$bHttpOnly=true) {
+ $sHeader = "Set-Cookie: $sName=$sValue";
+ if ($sPath) {
+ $sHeader .= "; path=$sPath";
+ }
+ if ($iExpire !== false) {
+ $sHeader .= "; Max-Age=$iExpire";
+ // php uses Expire header, also add the expire header
+ if ($iExpire === 0) {
+ $sHeader .= "; expires=". date("r",time() - 3600);
+ } else {
+ $sHeader .= "; expires=". date("r",$iExpire);
+ }
+ }
+ if ($sDomain) {
+ $sHeader .= "; Domain=$sDomain";
+ }
+ if ($bSecure) {
+ $sHeader .= "; Secure";
+ }
+ if ($bHttpOnly) {
+ $sHeader .= "; HttpOnly";
+ }
+ // $sHeader .= "; Version=1";
+
+ header($sHeader);
+}
+
+function php_combined_lcg() {
+ $tv = gettimeofday();
+ $lcg['s1'] = $tv['sec'] ^ (~$tv['usec']);
+ $lcg['s2'] = posix_getpid();
+
+ $q = (int) ($lcg['s1'] / 53668);
+ $lcg['s1'] = (int) (40014 * ($lcg['s1'] - 53668 * $q) - 12211 * $q);
+ if ($lcg['s1'] < 0)
+ $lcg['s1'] += 2147483563;
+
+ $q = (int) ($lcg['s2'] / 52774);
+ $lcg['s2'] = (int) (40692 * ($lcg['s2'] - 52774 * $q) - 3791 * $q);
+ if ($lcg['s2'] < 0)
+ $lcg['s2'] += 2147483399;
+
+ $z = (int) ($lcg['s1'] - $lcg['s2']);
+ if ($z < 1) {
+ $z += 2147483562;
+ }
+
+ return $z * 4.656613e-10;
+}
+
+
+if (!function_exists('session_regenerate_id')) {
+
+ function session_regenerate_id() {
+ global $base_uri;
+
+ $tv = gettimeofday();
+ $buf = sprintf("%.15s%ld%ld%0.8f", $_SERVER['REMOTE_ADDR'], $tv['sec'], $tv['usec'], php_combined_lcg() * 10);
+ $sessid = session_id(md5($buf));
+ if (ini_get('session.use_cookies')) {
+ if (isset($_COOKIE[session_name()])) sqsetcookie(session_name(), $sessid, 0, $base_uri);
+ }
+ return true;