* It also has some session register functions that work across various
* php versions.
*
- * @copyright © 1999-2006 The SquirrelMail Project Team
+ * @copyright © 1999-2007 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
if ($sName && isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']) {
$bSecure = true;
}
+
+ // admin config can override the restriction of secure-only cookies
+ global $only_secure_cookies;
+ if (!$only_secure_cookies)
+ $bSecure = false;
+
if (false && check_php_version(5,2)) {
// php 5 supports the httponly attribute in setcookie, but because setcookie seems a bit
// broken we use the header function for php 5.2 as well. We might change that later.