pretty url and login in session

10 Feb 2006

      I didn't like the AUTH hash being public in the URL, so I make now

store it in a session in my installation.  Here is a diff on

index.php, apply it if you like.
--
Eddie Tejeda
diff roundcubemail-0.1-20051021/index.php roundcubemail/index.php
79c79
< $_auth = !empty($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth'];
...
$_auth = !empty($_POST['_auth']) ? $_POST['_auth'] : $_SESSION
['_auth'];
91,92c91,92
< $COMM_PATH = sprintf('./?_auth=%s&_task=%s', $sess_auth, $_task);
< $SESS_HIDDEN_FIELD = sprintf('<input type="hidden" name="_auth"  
value="%s" />', $sess_auth);

...
$COMM_PATH = sprintf('./?_task=%s', $_task);
//$SESS_HIDDEN_FIELD = sprintf('<input type="hidden" name="_auth"
value="%s" />', $sess_auth);
125a126
...
$_SESSION['_auth'] = $sess_auth;

263a265
...

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

pretty url and login in session

< $_auth = !empty($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth'];