Opened 6 years ago

Closed 5 years ago

#1484476 closed Feature Patches (fixed)

Config option to set the domain for cookies to something other than the host itself.

Reported by: phallstrom Owned by: till
Priority: 8 Milestone: 0.1-stable
Component: Client Scripts Version: 0.1-rc1
Severity: normal Keywords: cookie
Cc:

Description

The below patch allows a config option that will then ensure that cookies are set in that domain as opposed to the FQDN of the web server itself. This allows one to manipulate that cookie from additional servers if necessary.

Additions to config/main.inc.php:

// session domain
$rcmail_config['session_domain'] = ".example.com";

--- program/include/main.inc    (revision 2)
+++ program/include/main.inc    (working copy)
@@ -43,6 +43,10 @@
   // load configuration
   $CONFIG = rcmail_load_config();
 
+  // set session domain
+  if (!empty($CONFIG['session_domain']))
+       ini_set('session.cookie_domain', $CONFIG['session_domain']);
+
   // set session garbage collecting time according to session_lifetime
   if (!empty($CONFIG['session_lifetime']))
     ini_set('session.gc_maxlifetime', ($CONFIG['session_lifetime']) * 120);
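Review bot: the added ini_set('session.cookie_domain', ...) call passes $CONFIG['session_domain'] through unchecked, and the only documentation for the option is the one-line "// session domain" comment. A value such as ".example.com" makes the browser send the session cookie to every host under that domain, so any of those hosts can read or overwrite the session id. I would spell out that trade-off next to the option in config/main.inc.php and consider ignoring a value that the current request host does not fall under. Minor style point: the added ini_set line is indented deeper than the ini_set in the session_lifetime block right below it; align the two.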
--- program/include/session.inc (revision 2)
+++ program/include/session.inc (working copy)
@@ -173,7 +173,7 @@
 
   session_id($random);
   $cookie = session_get_cookie_params();
-  setcookie(session_name(), $random, $cookie['lifetime'], $cookie['path']);
+  setcookie(session_name(), $random, $cookie['lifetime'], $cookie['path'], $cookie['domain']);
 
   return true;
   }
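Review bot: the changed setcookie() line now forwards $cookie['domain'] but still drops $cookie['secure'] from the same session_get_cookie_params() array, so a configured session.cookie_secure is lost when the cookie is reissued here, and that matters more once the cookie is scoped to a parent domain. Pass $cookie['secure'] as the next argument. Separately, $cookie['lifetime'] is a duration in seconds while the third argument of setcookie() is an absolute expiry timestamp, so a non-zero lifetime should go in as time() + $cookie['lifetime'] and 0 should stay 0.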

Change History (3)

comment:1 Changed 6 years ago by till

  • Keywords cookie added
  • Owner set to till
  • Priority changed from 5 to 8
  • Status changed from new to assigned

comment:2 Changed 5 years ago by till

  • Milestone set to 0.1-stable

We could set this by default to the environment variable; whoever needs something else may adjust it. Should be a quick fix, moving to next milestone.

comment:3 Changed 5 years ago by till

  • Resolution set to fixed
  • Status changed from assigned to closed

Thanks! It's in [2912dbd2]!
