+/**
+ * Prevents users from reposting their form data after a successful logout.
+ *
+ * Derived from webmail.php by Ralf Kraudelt <kraude@wiwi.uni-rostock.de>
+ *
+ * @copyright © 1999-2006 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
+ * @version $Id$
+ * @package squirrelmail
+ */
+$sInitLocation = 'redirect';
+
+/**
+ * Include the SquirrelMail initialization file.
+ */
+require('../include/init.php');
+
+/* SquirrelMail required files. */
+require_once(SM_PATH . 'functions/imap_general.php');
+require_once(SM_PATH . 'functions/strings.php');
+
+header('Pragma: no-cache');
+$location = get_location();
+
+// session_set_cookie_params (0, $base_uri);
+
+sqsession_unregister ('user_is_logged_in');
+sqsession_register ($base_uri, 'base_uri');
+
+/* get globals we me need */
+sqGetGlobalVar('login_username', $login_username);
+sqGetGlobalVar('secretkey', $secretkey);
+if(!sqGetGlobalVar('squirrelmail_language', $squirrelmail_language) || $squirrelmail_language == '') {
+ $squirrelmail_language = $squirrelmail_default_language;
+}
+if (!sqgetGlobalVar('mailto', $mailto)) {
+ $mailto = '';
+}
+
+/* end of get globals */
+
+set_up_language($squirrelmail_language, true);
+/* Refresh the language cookie. */
+sqsetcookie('squirrelmail_language', $squirrelmail_language, time()+2592000,
+ $base_uri);
+
+if (!isset($login_username)) {
+ logout_error( _("You must be logged in to access this page.") );
+ exit;
+}
+
+if (!sqsession_is_registered('user_is_logged_in')) {
+ do_hook ('login_before');
+
+ $onetimepad = OneTimePadCreate(strlen($secretkey));
+ $key = OneTimePadEncrypt($secretkey, $onetimepad);
+
+ /* remove redundant spaces */
+ $login_username = trim($login_username);
+
+ /* Verify that username and password are correct. */
+ if ($force_username_lowercase) {
+ $login_username = strtolower($login_username);
+ }
+
+ $imapConnection = sqimap_login($login_username, $key, $imapServerAddress, $imapPort, 0);
+ /* From now on we are logged it. If the login failed then sqimap_login handles it */
+
+ /* regenerate the session id to avoid session hyijacking */
+ sqsession_destroy();
+ @sqsession_is_active();
+ session_regenerate_id();