From 319ad3c0c8da205707d50cfbd9c37e61d70cc314 Mon Sep 17 00:00:00 2001 From: pdontthink Date: Tue, 28 Aug 2007 23:36:51 +0000 Subject: [PATCH] Make session restore work in compose_in_new. Cannot do login session reset until after correct session has been started once. git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@12618 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- include/init.php | 43 ++++++++++++++++++++++++++----------------- src/redirect.php | 6 +++--- 2 files changed, 29 insertions(+), 20 deletions(-) diff --git a/include/init.php b/include/init.php index 22696472..26e43e4e 100644 --- a/include/init.php +++ b/include/init.php @@ -206,32 +206,17 @@ if (!isset($session_name) || !$session_name) { } /** - * When on login page or if session.auto_start is On - * we want to destroy/close the session (save off - * possible session restoration values first) + * When session.auto_start is On we want to destroy/close the session */ -if (!sqGetGlobalVar('session_expired_post', $sep, SQ_SESSION)) - $sep = ''; -if (!sqGetGlobalVar('session_expired_location', $sel, SQ_SESSION)) - $sel = ''; $sSessionAutostartName = session_name(); $sCookiePath = null; -if (PAGE_NAME == 'login' - || (isset($sSessionAutostartName) && $sSessionAutostartName !== $session_name)) { +if (isset($sSessionAutostartName) && $sSessionAutostartName !== $session_name) { $sCookiePath = ini_get('session.cookie_path'); $sCookieDomain = ini_get('session.cookie_domain'); // reset the cookie setcookie($sSessionAutostartName,'',time() - 604800,$sCookiePath,$sCookieDomain); @session_destroy(); session_write_close(); - - /** - * in some rare instances, the session seems to stick - * around even after destroying it (!!), so if it does, - * we'll manually flatten the $_SESSION data - */ - if (!empty($_SESSION)) - $_SESSION = array(); } /** @@ -243,6 +228,30 @@ ini_set('session.name' , $session_name); session_set_cookie_params (0, $base_uri); sqsession_is_active(); +/** + * When on login page, have to reset the user session, making + * sure to save session restore data first + */ +if (PAGE_NAME == 'login') { + if (!sqGetGlobalVar('session_expired_post', $sep, SQ_SESSION)) + $sep = ''; + if (!sqGetGlobalVar('session_expired_location', $sel, SQ_SESSION)) + $sel = ''; + sqsession_destroy(); + session_write_close(); + + /** + * in some rare instances, the session seems to stick + * around even after destroying it (!!), so if it does, + * we'll manually flatten the $_SESSION data + */ + if (!empty($_SESSION)) + $_SESSION = array(); + + sqsession_is_active(); + session_regenerate_id(); +} + /** * SquirrelMail internal version number -- DO NOT CHANGE * $sm_internal_version = array (release, major, minor) diff --git a/src/redirect.php b/src/redirect.php index 6443ce5a..4c910bcb 100644 --- a/src/redirect.php +++ b/src/redirect.php @@ -149,12 +149,12 @@ if ( sqgetGlobalVar('session_expired_location', $session_expired_location, SQ_SE if ($compose_new_win) { // do not prefix $location here because $session_expired_location is set to the PAGE_NAME // of the last page - $redirect_url = $location . $session_expired_location . '.php'; + $redirect_url = $location . '/' . $session_expired_location . '.php'; } else { - $redirect_url = $location . '/webmail.php?right_frame=compose.php'; + $redirect_url = $location . '/webmail.php?right_frame=' . urlencode($session_expired_location . '.php'); } } else { - $redirect_url = $location . '/webmail.php?right_frame=' . urlencode($session_expired_location) . '.php'; + $redirect_url = $location . '/webmail.php?right_frame=' . urlencode($session_expired_location . '.php'); } unset($session_expired_location); } -- 2.25.1