sqsetcookie is called every time sqsession_is_active is called, which results in...

[squirrelmail.git] / functions / global.php

diff --git a/functions/global.php b/functions/global.php
index c3b611299e4a6d5a3c47e0483b531e298b4e452f..1faeac33917879d79387f97a244b9800fbe273da 100644 (file)
--- a/functions/global.php
+++ b/functions/global.php
@@ -416,12 +416,19 @@ function sqsession_start() {
     // was: @session_start();
     $session_id = session_id();
 
     // was: @session_start();
     $session_id = session_id();
 

-    // session_starts sets the sessionid cookie buth without the httponly var
+    // session_starts sets the sessionid cookie but without the httponly var

     // setting the cookie again sets the httponly cookie attribute
     // setting the cookie again sets the httponly cookie attribute

-    sqsetcookie(session_name(),$session_id,false,$base_uri);
+    //
+    // need to check if headers have been sent, since sqsession_is_active()
+    // has become just a passthru to this function, so the sqsetcookie()
+    // below is called every time, even after headers have already been sent
+    //
+    if (!headers_sent())
+       sqsetcookie(session_name(),$session_id,false,$base_uri);

 }
 
 
 }
 
 

+

 /**
  * Set a cookie
  * @param string  $sName     The name of the cookie.
 /**
  * Set a cookie
  * @param string  $sName     The name of the cookie.