From 381ba3190e80164e6b477217c9b688324ac3b1c0 Mon Sep 17 00:00:00 2001
From: tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Date: Sun, 4 Dec 2005 08:57:30 +0000
Subject: [PATCH] use sqsetcookie instead of setcookie. return OTP encrypted
 password key.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@10429 7612ce4b-ef26-0410-bec9-ea0150e637f0
---
 functions/auth.php | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/functions/auth.php b/functions/auth.php
index 493ddcd9..5b75a4f2 100644
--- a/functions/auth.php
+++ b/functions/auth.php
@@ -130,9 +130,13 @@ function sqauth_read_password() {
  * in authentication system used by IMAP server.
  *
  * Function must be called before any html output started. Direct access 
- * to password information is deprecated.
+ * to password information is deprecated. Saved password information is 
+ * available only to next executed SquirrelMail script. If your script needs
+ * access to saved password after sqauth_save_password() call, use returned 
+ * OTP encrypted key.
  * @param string $pass password
- * @return void
+ * @return string password encrypted with OTP. In case script wants to access 
+ *  password information before reloading page.
  * @since 1.5.1
  */
 function sqauth_save_password($pass) {
@@ -141,7 +145,8 @@ function sqauth_save_password($pass) {
     $onetimepad = OneTimePadCreate(strlen($pass));
     sqsession_register($onetimepad,'onetimepad');
     $key = OneTimePadEncrypt($pass, $onetimepad);
-    setcookie('key', $key, 0, $base_uri);
+    sqsetcookie('key', $key, false, $base_uri);
+    return $key;
 }
 
 /**
-- 
2.25.1