sqsetcookie is called every time sqsession_is_active is called, which results in...

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@12872 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/functions/global.php b/functions/global.php
index c3b611299e4a6d5a3c47e0483b531e298b4e452f..1faeac33917879d79387f97a244b9800fbe273da 100644 (file)
--- a/functions/global.php
+++ b/functions/global.php
@@ -416,12 +416,19 @@ function sqsession_start() {
     // was: @session_start();
     $session_id = session_id();
 
-    // session_starts sets the sessionid cookie buth without the httponly var
+    // session_starts sets the sessionid cookie but without the httponly var
     // setting the cookie again sets the httponly cookie attribute
-    sqsetcookie(session_name(),$session_id,false,$base_uri);
+    //
+    // need to check if headers have been sent, since sqsession_is_active()
+    // has become just a passthru to this function, so the sqsetcookie()
+    // below is called every time, even after headers have already been sent
+    //
+    if (!headers_sent())
+       sqsetcookie(session_name(),$session_id,false,$base_uri);
 }
 
 
+
 /**
  * Set a cookie
  * @param string  $sName     The name of the cookie.