/**
* Function to start the session and store the cookie with the session_id as
* HttpOnly cookie which means that the cookie isn't accessible by javascript
* (IE6 only)
* Note that as sqsession_is_active() no longer discriminates as to when
* it calls this function, session_start() has to have E_NOTICE suppression
* (thus the @ sign).
*/
function sqsession_start()
{
global $base_uri;
sq_call_function_suppress_errors('session_start');
// was: @session_start();
$session_id = session_id();
// session_starts sets the sessionid cookie but without the httponly var
// setting the cookie again sets the httponly cookie attribute
//
// need to check if headers have been sent, since sqsession_is_active()
// has become just a passthru to this function, so the sqsetcookie()
// below is called every time, even after headers have already been sent
//
if (!headers_sent()) {
sqsetcookie(session_name(), $session_id, false, $base_uri);
}
}
function saveAttachedFiles($session)
{
global $composeMessage, $username, $attachment_dir;
/* get out of here if no file was attached at all */
if (!is_uploaded_file($_FILES['attachfile']['tmp_name'])) {
return true;
}
$hashed_attachment_dir = getHashedDir($username, $attachment_dir);
$localfilename = sq_get_attach_tempfile();
$fullpath = $hashed_attachment_dir . '/' . $localfilename;
// m_u_f works better with restricted PHP installs (safe_mode, open_basedir),
// if that doesn't work, try a simple rename.
if (!sq_call_function_suppress_errors('move_uploaded_file', array($_FILES['attachfile']['tmp_name'], $fullpath))) {
if (!sq_call_function_suppress_errors('rename', array($_FILES['attachfile']['tmp_name'], $fullpath))) {
return true;
}
}
$type = strtolower($_FILES['attachfile']['type']);
$name = $_FILES['attachfile']['name'];
$composeMessage->initAttachment($type, $name, $localfilename);
}
