← Back to branch summary

~ubuntu-branches/ubuntu/quantal/squirrelmail/quantal

« back to all changes in this revision

Viewing changes to include/validate.php

  • Committer: Bazaar Package Importer
  • Author(s): Thijs Kinkhorst
  • Date: 2008-09-28 16:33:48 UTC
  • mfrom: (11.1.7 intrepid)
  • Revision ID: james.westby@ubuntu.com-20080928163348-hgxf8au2d4zspabg
Tags: 2:1.4.15-3
http://bugs.debian.org/499942
Cookies sent over HTTPS will now be confined to HTTPS only
(cookie secure flag) and more support for the HTTPOnly cookie
attribute. Patch taken from upstream release.
(CVE-2008-3663, closes: #499942)

Show diffs side-by-side

added added

removed removed

Lines of Context:
include/validate.php
3
3
/**
4
4
 * validate.php
5
5
 *
6
 
 * @copyright © 1999-2006 The SquirrelMail Project Team
 
6
 * @copyright © 1999-2007 The SquirrelMail Project Team
7
7
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
8
 
 * @version $Id: validate.php,v 1.9.2.7 2006/08/07 19:07:44 kink Exp $
 
8
 * @version $Id: validate.php 12932 2008-02-10 16:49:47Z kink $
9
9
 * @package squirrelmail
10
10
 */
11
11
 
 
12
/**
 
13
 * Make sure we have a page name
 
14
 *
 
15
 */
 
16
if ( !defined('PAGE_NAME') ) define('PAGE_NAME', NULL);
 
17
 
 
18
 
12
19
/** include the mime class before the session start ! otherwise we can't store
13
20
 * messages with a session_register.
14
21
 *
40
47
/* SquirrelMail required files. */
41
48
require_once(SM_PATH . 'class/mime.class.php');
42
49
require_once(SM_PATH . 'functions/global.php');
43
 
require_once(SM_PATH . 'functions/strings.php');
44
 
require_once(SM_PATH . 'config/config.php');
45
 
 
46
 
/* set the name of the session cookie */
47
 
if(isset($session_name) && $session_name) {
48
 
    ini_set('session.name' , $session_name);
49
 
} else {
50
 
    ini_set('session.name' , 'SQMSESSID');
51
 
}
52
 
 
53
 
sqsession_is_active();
54
 
 
55
50
require_once(SM_PATH . 'functions/i18n.php');
56
51
require_once(SM_PATH . 'functions/auth.php');
57
52
 
82
77
    putenv("TZ=".$timeZone);
83
78
}
84
79
 
85
 
?>