From: stekkel Date: Thu, 6 Apr 2006 17:18:29 +0000 (+0000) Subject: More cookie stuff. Clean up old cookies so they do not get priority over our X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=1d537493eaf89337f6a40373a61b8663fafa8a72;p=squirrelmail.git More cookie stuff. Clean up old cookies so they do not get priority over our own cookies with the corrected cookie path. git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@11031 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- diff --git a/include/init.php b/include/init.php index d41abd28..3b056dc5 100644 --- a/include/init.php +++ b/include/init.php @@ -11,22 +11,10 @@ * @package squirrelmail */ - - - - -/** - * SquirrelMail internal version number -- DO NOT CHANGE - * $sm_internal_version = array (release, major, minor) - */ - -$SQM_INTERNAL_VERSION = array(1,5,2); - /** * This is a development version so in order to track programmer mistakes we * set the error reporting to E_ALL */ - error_reporting(E_ALL); @@ -34,7 +22,6 @@ error_reporting(E_ALL); * If register_globals are on, unregister globals. * Code requires PHP 4.1.0 or newer. */ - if ((bool) @ini_get('register_globals')) { /** * Remove all globals from $_GET, $_POST, and $_COOKIE. @@ -143,17 +130,17 @@ if (!isset($session_name) || !$session_name) { /** * if session.auto_start is On then close the session - */ -$session_autostart_name = session_name(); -if ((isset($session_autostart_name) || $session_autostart_name == '') && - $session_autostart_name !== $session_name) { - $cookiepath = ini_get('session.cookie_path'); - $cookiedomain = ini_get('session.cookie_domain'); + */ +$sSessionAutostartName = session_name(); +if ((isset($sSessionAutostartName) || $sSessionAutostartName == '') && + $sSessionAutostartName !== $session_name) { + $sCookiePath = ini_get('session.cookie_path'); + $sCookieDomain = ini_get('session.cookie_domain'); // reset the cookie - setcookie($session_autostart_name,'',time() - 604800,$cookiepath,$cookiedomain); + setcookie($sSessionAutostartName,'',time() - 604800,$sCookiePath,$sCookieDomain); @session_destroy(); session_write_close(); -} +} /** * includes from classes stored in the session @@ -180,6 +167,12 @@ sqsession_register($base_uri, SM_BASE_URI); */ $version = '1.5.2 [CVS]'; +/** + * SquirrelMail internal version number -- DO NOT CHANGE + * $sm_internal_version = array (release, major, minor) + */ +$SQM_INTERNAL_VERSION = array(1,5,2); + /** * Retrieve the language cookie */ @@ -240,6 +233,20 @@ switch ($sInitLocation) { require(SM_PATH . 'functions/display_messages.php' ); require(SM_PATH . 'functions/page_header.php'); require(SM_PATH . 'functions/html.php'); + /** + * cleanup old cookies with a cookie path the same as the standard php.ini + * cookie path. All previous SquirrelMail version used the standard php.ini + * cookie path for storing the session name. That behaviour changed. + */ + if ($sCookiePath !== SM_BASE_URI) { + /** + * do not delete the standard sessions with session.name is i.e. PHPSESSID + * because they probably belong to other php apps + */ + if (ini_get('session.name') !== $sSessionAutostartName) { + sqsetcookie(ini_get('session.name'),'',0,$sCookiePath); + } + } break; default: require(SM_PATH . 'functions/display_messages.php' ); diff --git a/src/login.php b/src/login.php index 2fea9d04..a758525c 100644 --- a/src/login.php +++ b/src/login.php @@ -110,6 +110,10 @@ if (! isset($color) || ! is_array($color)) { $color[7] = '#0000cc'; /* blue Links */ $color[8] = '#000000'; /* black Normal text */ } +/** + * send out all the cookies + */ +sqsetcookieflush(); displayHtmlHeader( "$org_name - " . _("Login"), $header, FALSE );