added use of PHP's session management

[squirrelmail.git] / src / webmail.php

diff --git a/src/webmail.php b/src/webmail.php
index c30b0b355b0ffb5d34747a3a81ce01ce4a8dfb51..dc20b44eb90bfae76dd217e759ca05f87f21785d 100644 (file)
--- a/src/webmail.php
+++ b/src/webmail.php
@@ -6,24 +6,39 @@
     **
     **/
 
+   session_start();
+
    if(!isset($username)) {
       echo _("You need a valid user and password to access this page!");
       exit;
    }
 
-   setcookie("username", $username, 0, "/");
-   setcookie("key", $key, 0, "/");
-   setcookie("logged_in", 1, 0, "/");
+#   setcookie("username", $username, 0, "/");
+#   setcookie("key", $key, 0, "/");
+#   setcookie("logged_in", 1, 0, "/");
+   
+   session_register("username");
+   session_register("key");
+   session_register("logged_in");
+   $logged_in = 0;
+
+   $PHPSESSID = session_id();
+   
    // Refresh the language cookie.
-   if (isset($squirrelmail_language))
-      setcookie("squirrelmail_language", $squirrelmail_language,
-                time()+2592000);
+   if (isset($squirrelmail_language)) {
+      session_register("squirrelmail_language");
+#      setcookie("squirrelmail_language", $squirrelmail_language, time()+2592000);
+   }
 ?>
 <HTML><HEAD>
 <?
    include ("../config/config.php");
    include ("../functions/prefs.php");
+   include ("../functions/imap.php");
 
+   // verify that username and password are correct
+   $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
+   
    include ("../src/load_prefs.php");
    
    echo "<TITLE>";
@@ -45,15 +60,15 @@
 **/
    if ($right_frame == "right_main.php") {
       $urlMailbox = urlencode($mailbox);
-      echo "<FRAME SRC=\"left_main.php\" NAME=\"left\">";
-      echo "<FRAME SRC=\"right_main.php?mailbox=$urlMailbox&sort=$sort&startMessage=$startMessage\" NAME=\"right\">";
+      echo "<FRAME SRC=\"left_main.php?PHPSESSID=$PHPSESSID\" NAME=\"left\">";
+      echo "<FRAME SRC=\"right_main.php?PHPSESSID=$PHPSESSID&mailbox=$urlMailbox&sort=$sort&startMessage=$startMessage\" NAME=\"right\">";
    } else if ($right_frame == "folders.php") {
       $urlMailbox = urlencode($mailbox);
-      echo "<FRAME SRC=\"left_main.php\" NAME=\"left\">";
-      echo "<FRAME SRC=\"folders.php\" NAME=\"right\">";
+      echo "<FRAME SRC=\"left_main.php?PHPSESSID=$PHPSESSID\" NAME=\"left\">";
+      echo "<FRAME SRC=\"folders.php?PHPSESSID=$PHPSESSID\" NAME=\"right\">";
    } else {
-      echo "<FRAME SRC=\"left_main.php\" NAME=\"left\">";
-      echo "<FRAME SRC=\"right_main.php\" NAME=\"right\">";
+      echo "<FRAME SRC=\"left_main.php?PHPSESSID=$PHPSESSID\" NAME=\"left\">";
+      echo "<FRAME SRC=\"right_main.php?PHPSESSID=$PHPSESSID\" NAME=\"right\">";
    }
 ?>
 </FRAMESET>