From c1dd4e872c2046d83338b8eaa691d03d56a841ed Mon Sep 17 00:00:00 2001 From: pdontthink Date: Mon, 26 Mar 2007 16:32:26 +0000 Subject: [PATCH] Using the string 'deleted' in expired cookies can have unintented consequences for cookies treated as boolean, also 'deleted' could be a potential valid cookie value. Using empty string instead. Anyone know of any reason 'deleted' is actually useful? git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@12349 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- functions/global.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/functions/global.php b/functions/global.php index 8d28dd24..b88311fd 100644 --- a/functions/global.php +++ b/functions/global.php @@ -378,7 +378,7 @@ function sqsession_start() { * @param boolean $bHttpOnly Disallow JS to access the cookie (IE6 only) * @return void */ -function sqsetcookie($sName,$sValue="deleted",$iExpire=0,$sPath="",$sDomain="",$bSecure=false,$bHttpOnly=true) { +function sqsetcookie($sName,$sValue='',$iExpire=0,$sPath="",$sDomain="",$bSecure=false,$bHttpOnly=true) { // if we have a secure connection then limit the cookies to https only. if ($sName && isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']) { $bSecure = true; @@ -403,7 +403,7 @@ function sqsetcookie($sName,$sValue="deleted",$iExpire=0,$sPath="",$sDomain="",$ $Port = strpos($Domain, ':'); if ($Port !== false) $Domain = substr($Domain, 0, $Port); } - if (!$sValue) $sValue = 'deleted'; + if (!$sValue) $sValue = ''; header('Set-Cookie: ' . rawurlencode($sName) . '=' . rawurlencode($sValue) . (empty($iExpires) ? '' : '; expires=' . gmdate('D, d-M-Y H:i:s', $iExpires) . ' GMT') . (empty($sPath) ? '' : '; path=' . $sPath) -- 2.25.1