X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=include%2Finit.php;h=50124500e4bfc8bc9e83f57e346337e440600f98;hp=226964729d8302a4dd903db500bdaec578a362e3;hb=d9188d9ad875c5e29b88f3be6d65447f48984fff;hpb=c7ebdfcf0b4f318f9ae50f4da877f9471e20b435 diff --git a/include/init.php b/include/init.php index 22696472..50124500 100644 --- a/include/init.php +++ b/include/init.php @@ -85,6 +85,7 @@ if (!(bool)ini_get('session.use_cookies') || ini_set('session.use_cookies','1'); } + /** * calculate SM_PATH and calculate the base_uri * assumptions made: init.php is only called from plugins or from the src dir. @@ -92,27 +93,29 @@ if (!(bool)ini_get('session.use_cookies') || * */ if (isset($_SERVER['SCRIPT_NAME'])) { - $a = explode('/',$_SERVER['SCRIPT_NAME']); + $a = explode('/', $_SERVER['SCRIPT_NAME']); } elseif (isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) { - $a = explode('/',$HTTP_SERVER_VARS['SCRIPT_NAME']); + $a = explode('/', $HTTP_SERVER_VARS['SCRIPT_NAME']); } else { - $error = 'Unable to detect script environment. ' - .'Please test your PHP settings and send PHP core config, $_SERVER ' - .'and $HTTP_SERVER_VARS to SquirrelMail developers.'; + $error = 'Unable to detect script environment. Please test your PHP ' + . 'settings and send your PHP core configuration, $_SERVER and ' + . '$HTTP_SERVER_VARS contents to the SquirrelMail developers.'; die($error); } $sSM_PATH = ''; -for($i = count($a) -2;$i > -1; --$i) { +for($i = count($a) -2; $i > -1; --$i) { $sSM_PATH .= '../'; if ($a[$i] === 'src' || $a[$i] === 'plugins') { break; } } -$base_uri = implode('/',array_slice($a,0,$i)). '/'; +$base_uri = implode('/', array_slice($a, 0, $i)). '/'; define('SM_PATH',$sSM_PATH); define('SM_BASE_URI', $base_uri); + + /** * global var $bInit is used to check if initialisation took place. * At this moment it's a workarounf for the include of addrbook_search_html @@ -206,32 +209,17 @@ if (!isset($session_name) || !$session_name) { } /** - * When on login page or if session.auto_start is On - * we want to destroy/close the session (save off - * possible session restoration values first) + * When session.auto_start is On we want to destroy/close the session */ -if (!sqGetGlobalVar('session_expired_post', $sep, SQ_SESSION)) - $sep = ''; -if (!sqGetGlobalVar('session_expired_location', $sel, SQ_SESSION)) - $sel = ''; $sSessionAutostartName = session_name(); $sCookiePath = null; -if (PAGE_NAME == 'login' - || (isset($sSessionAutostartName) && $sSessionAutostartName !== $session_name)) { +if (isset($sSessionAutostartName) && $sSessionAutostartName !== $session_name) { $sCookiePath = ini_get('session.cookie_path'); $sCookieDomain = ini_get('session.cookie_domain'); // reset the cookie setcookie($sSessionAutostartName,'',time() - 604800,$sCookiePath,$sCookieDomain); @session_destroy(); session_write_close(); - - /** - * in some rare instances, the session seems to stick - * around even after destroying it (!!), so if it does, - * we'll manually flatten the $_SESSION data - */ - if (!empty($_SESSION)) - $_SESSION = array(); } /** @@ -243,6 +231,37 @@ ini_set('session.name' , $session_name); session_set_cookie_params (0, $base_uri); sqsession_is_active(); +/** + * When on login page, have to reset the user session, making + * sure to save session restore data first + */ +if (PAGE_NAME == 'login') { + if (!sqGetGlobalVar('session_expired_post', $sep, SQ_SESSION)) + $sep = ''; + if (!sqGetGlobalVar('session_expired_location', $sel, SQ_SESSION)) + $sel = ''; + sqsession_destroy(); + session_write_close(); + + /** + * in some rare instances, the session seems to stick + * around even after destroying it (!!), so if it does, + * we'll manually flatten the $_SESSION data + */ + if (!empty($_SESSION)) + $_SESSION = array(); + + sqsession_is_active(); + session_regenerate_id(); + + // put session restore data back into session if necessary + if (!empty($sel)) { + sqsession_register($sel, 'session_expired_location'); + if (!empty($sep)) + sqsession_register($sep, 'session_expired_post'); + } +} + /** * SquirrelMail internal version number -- DO NOT CHANGE * $sm_internal_version = array (release, major, minor) @@ -254,6 +273,7 @@ $SQM_INTERNAL_VERSION[2] = intval($SQM_INTERNAL_VERSION[2]); /* load prefs system; even when user not logged in, should be OK to do this here */ require(SM_PATH . 'functions/prefs.php'); +// FIXME: config/plugin_hooks.php has not yet been loaded (see a few lines below); so this hook call should I think not be working -- has anyone actually tested it? Is there any reason we cannot move this prefs code block down below "MAIN PLUGIN LOADING CODE HERE" (see below)? Reading the code, I *think* it should be OK, but.... $prefs_backend = do_hook('prefs_backend', $null); if (isset($prefs_backend) && !empty($prefs_backend) && file_exists(SM_PATH . $prefs_backend)) { require(SM_PATH . $prefs_backend); @@ -374,13 +394,6 @@ switch (PAGE_NAME) { require(SM_PATH . 'functions/page_header.php'); require(SM_PATH . 'functions/html.php'); - // put session restore data back into session if necessary - if (!empty($sel)) { - sqsession_register($sel, 'session_expired_location'); - if (!empty($sep)) - sqsession_register($sep, 'session_expired_post'); - } - // reset template file cache // $sTemplateID = Template::get_default_template_set();