+/**
+ * When on login page, have to reset the user session, making
+ * sure to save session restore data first
+ */
+if (PAGE_NAME == 'login') {
+ if (!sqGetGlobalVar('session_expired_post', $sep, SQ_SESSION))
+ $sep = '';
+ if (!sqGetGlobalVar('session_expired_location', $sel, SQ_SESSION))
+ $sel = '';
+ sqsession_destroy();
+ session_write_close();
+
+ /**
+ * in some rare instances, the session seems to stick
+ * around even after destroying it (!!), so if it does,
+ * we'll manually flatten the $_SESSION data
+ */
+ if (!empty($_SESSION))
+ $_SESSION = array();
+
+ /**
+ * Allow administrators to define custom session handlers
+ * for SquirrelMail without needing to change anything in
+ * php.ini (application-level).
+ *
+ * In config_local.php, admin needs to put:
+ *
+ * $custom_session_handlers = array(
+ * 'my_open_handler',
+ * 'my_close_handler',
+ * 'my_read_handler',
+ * 'my_write_handler',
+ * 'my_destroy_handler',
+ * 'my_gc_handler',
+ * );
+ * session_module_name('user');
+ * session_set_save_handler(
+ * $custom_session_handlers[0],
+ * $custom_session_handlers[1],
+ * $custom_session_handlers[2],
+ * $custom_session_handlers[3],
+ * $custom_session_handlers[4],
+ * $custom_session_handlers[5]
+ * );
+ *
+ * We need to replicate that code once here because PHP has
+ * long had a bug that resets the session handler mechanism
+ * when the session data is also destroyed. Because of this
+ * bug, even administrators who define custom session handlers
+ * via a PHP pre-load defined in php.ini (auto_prepend_file)
+ * will still need to define the $custom_session_handlers array
+ * in config_local.php.
+ */
+ global $custom_session_handlers;
+ if (!empty($custom_session_handlers)) {
+ $open = $custom_session_handlers[0];
+ $close = $custom_session_handlers[1];
+ $read = $custom_session_handlers[2];
+ $write = $custom_session_handlers[3];
+ $destroy = $custom_session_handlers[4];
+ $gc = $custom_session_handlers[5];
+ session_module_name('user');
+ session_set_save_handler($open, $close, $read, $write, $destroy, $gc);
+ }
+
+ sqsession_is_active();
+ session_regenerate_id();
+
+ // put session restore data back into session if necessary
+ if (!empty($sel)) {
+ sqsession_register($sel, 'session_expired_location');
+ if (!empty($sep))
+ sqsession_register($sep, 'session_expired_post');
+ }
+}
+
+/**
+ * SquirrelMail internal version number -- DO NOT CHANGE
+ * $sm_internal_version = array (release, major, minor)
+ */
+$SQM_INTERNAL_VERSION = explode('.', SM_VERSION, 3);
+$SQM_INTERNAL_VERSION[2] = intval($SQM_INTERNAL_VERSION[2]);
+
+
+/* load prefs system; even when user not logged in, should be OK to do this here */
+require(SM_PATH . 'functions/prefs.php');
+
+
+/* if plugins are disabled only for one user and
+ * the current user is NOT that user, turn them
+ * back on
+ */
+sqgetGlobalVar('username', $username, SQ_SESSION);
+if ($disable_plugins && !empty($disable_plugins_user)
+ && $username != $disable_plugins_user) {
+ $disable_plugins = false;
+}
+
+
+/* remove all plugins if they are disabled */
+if ($disable_plugins) {
+ $plugins = array();
+}
+
+
+/**
+ * Include Compatibility plugin if available.
+ */
+if (!$disable_plugins && file_exists(SM_PATH . 'plugins/compatibility/functions.php'))
+ include_once(SM_PATH . 'plugins/compatibility/functions.php');
+
+
+/**
+ * MAIN PLUGIN LOADING CODE HERE
+ * On init, we no longer need to load all plugin setup files.
+ * Now, we load the statically generated hook registrations here
+ * and let the hook calls include only the plugins needed.
+ */
+$squirrelmail_plugin_hooks = array();
+if (!$disable_plugins && file_exists(SM_PATH . 'config/plugin_hooks.php')) {
+//FIXME: if we keep the plugin hooks array static like this, it seems like we should also keep the template files list in a static file too (when a new user session is started or the template set is changed, the code will dynamically iterate through the directory heirarchy of the template directory and catalog all the template files therein (and store the "catalog" in PHP session) -- instead, we could do that once at config-time and keep that static so SM can just include the file just like the line below)
+ require(SM_PATH . 'config/plugin_hooks.php');
+}
+
+
+/**
+ * Plugin authors note that the "config_override" hook used to be
+ * executed here, but please adapt your plugin to use this "prefs_backend"
+ * hook instead, making sure that it does NOT return anything, since
+ * doing so will interfere with proper prefs system functionality.
+ * Of course, otherwise, this hook may be used to do any configuration
+ * overrides as needed, as well as set up a custom preferences backend.
+ */
+$prefs_backend = do_hook('prefs_backend', $null);
+if (isset($prefs_backend) && !empty($prefs_backend) && file_exists(SM_PATH . $prefs_backend)) {
+ require(SM_PATH . $prefs_backend);
+} elseif (isset($prefs_dsn) && !empty($prefs_dsn)) {
+ require(SM_PATH . 'functions/db_prefs.php');
+} else {
+ require(SM_PATH . 'functions/file_prefs.php');
+}
+
+
+