sqsetcookie is called every time sqsession_is_active is called, which results in...

[squirrelmail.git] / functions / global.php

diff --git a/functions/global.php b/functions/global.php
index 1f560e89500cafa69f4420938ca146f64e80f5dc..1faeac33917879d79387f97a244b9800fbe273da 100644 (file)
--- a/functions/global.php
+++ b/functions/global.php
@@ -85,6 +85,8 @@ function sqstripslashes(&$array) {
 
 /**
  * Squelch error output to screen (only) for the given function.
+ * If the SquirrelMail debug mode SM_DEBUG_MODE_ADVANCED is not 
+ * enabled, error output will not go to the log, either.
  *
  * This provides an alternative to the @ error-suppression
  * operator where errors will not be shown in the interface
@@ -110,9 +112,21 @@ function sqstripslashes(&$array) {
  *
  */
 function sq_call_function_suppress_errors($function, $args=NULL) {
+   global $sm_debug_mode;
+
    $display_errors = ini_get('display_errors');
    ini_set('display_errors', '0');
+
+   // if advanced debug mode isn't enabled, don't log the error, either
+   //
+   if (!($sm_debug_mode & SM_DEBUG_MODE_ADVANCED))
+      $error_reporting = error_reporting(0);
+
    $ret = call_user_func_array($function, $args);
+
+   if (!($sm_debug_mode & SM_DEBUG_MODE_ADVANCED))
+      error_reporting($error_reporting);
+
    ini_set('display_errors', $display_errors);
    return $ret;
 }
@@ -360,9 +374,8 @@ function sqsession_destroy() {
 
     global $base_uri, $_COOKIE, $_SESSION;
 
-    if (isset($_COOKIE[session_name()]) && session_name()) sqsetcookie(session_name(), '', 0, $base_uri);
-    if (isset($_COOKIE['username']) && $_COOKIE['username']) sqsetcookie('username','',0,$base_uri);
-    if (isset($_COOKIE['key']) && $_COOKIE['key']) sqsetcookie('key','',0,$base_uri);
+    if (isset($_COOKIE[session_name()]) && session_name()) sqsetcookie(session_name(), $_COOKIE[session_name()], 1, $base_uri);
+    if (isset($_COOKIE['key']) && $_COOKIE['key']) sqsetcookie('key','SQMTRASH',1,$base_uri);
 
     $sessid = session_id();
     if (!empty( $sessid )) {
@@ -403,12 +416,19 @@ function sqsession_start() {
     // was: @session_start();
     $session_id = session_id();
 
-    // session_starts sets the sessionid cookie buth without the httponly var
+    // session_starts sets the sessionid cookie but without the httponly var
     // setting the cookie again sets the httponly cookie attribute
-    sqsetcookie(session_name(),$session_id,false,$base_uri);
+    //
+    // need to check if headers have been sent, since sqsession_is_active()
+    // has become just a passthru to this function, so the sqsetcookie()
+    // below is called every time, even after headers have already been sent
+    //
+    if (!headers_sent())
+       sqsetcookie(session_name(),$session_id,false,$base_uri);
 }
 
 
+
 /**
  * Set a cookie
  * @param string  $sName     The name of the cookie.