Per comments in the commit - setting the session cookie over and over can be troubles...

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14552 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/functions/global.php b/functions/global.php
index 68e6e70b66b50d2c2ae53f953722850fed8a325d..1883494a0a04fafd97441ad1b40a378e9e997495 100644 (file)
--- a/functions/global.php
+++ b/functions/global.php
@@ -589,6 +589,21 @@ function sqsession_start() {
 function sqsetcookie($sName, $sValue='deleted', $iExpire=0, $sPath="", $sDomain="",
                      $bSecure=false, $bHttpOnly=true, $bReplace=false) {
  
+    // some environments can get overwhelmed by an excessive
+    // setting of the same cookie over and over (e.g., many
+    // calls to this function via sqsession_is_active() result
+    // in repeated setting of the session cookie when $bReplace
+    // is FALSE, but something odd happens (during login only)
+    // if we change that to default TRUE) ... so we keep our own
+    // naive per-request name/value cache and only set the cookie
+    // if its value is changing (or never seen before)
+    static $cookies = array();
+    if (isset($cookies[$sName]) && $cookies[$sName] === $sValue)
+        return;
+    else
+        $cookies[$sName] = $sValue;
+
+
     // if we have a secure connection then limit the cookies to https only.
     global $is_secure_connection;
     if ($sName && $is_secure_connection)