Screen shots

Junk Email Filter

Security Notice
Phishing campain
Version 1.4.15
Security Upgrade

The PHP session information is by default stored in a directory that's set with the PHP session.save_path setting. This setting can be set in php.ini, the web server configuration or .htaccess files (for web servers supporting them).

If you want to share session information between two web servers, you can use a shared network directory.

If you prefer using a database, the PHP session extension provides functions that allow overriding default session storage back-end with custom back-end functions. See [session-set-save-handler].

[ADOdb] libraries provide an easy way to use this function. You only have to load ADOdb includes, session database configuration and ADOdb session includes before every session_start() function call.

In order to avoid need to hunt every session_start() call and modify every script that uses it, you can also use the PHP auto_prepend_file setting and load ADOdb code in that included file.

For example:

1. You create file /some-path/sessiondb.php that contains:\n

$ADODB_SESSION_DRIVER='some driver';
$ADODB_SESSION_CONNECT='some address';
$ADODB_SESSION_USER ='some username';
$ADODB_SESSION_PWD ='some password';
$ADODB_SESSION_DB ='session database';
include(ADODB_DIR . '/session/adodb-session.php');

2. Also edit config/config_local.php, adding the things explained in [src/login.php] in the comment on line 60 (at least in version 1.4.21). You'll need to duplicate the contents of session_set_save_handler() in the _init() function of "ADODB_DIR . '/session/adodb-session.php" in $custom_session_handlers.\n


 * Local config overrides.
 * You can override the config.php settings here.
 * Don't do it unless you know what you're doing.
 * Use standard PHP syntax, see config.php for examples.
 * @copyright &copy; 2002-2007 The SquirrelMail Project Team
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
 * @version $Id: config_local.php 12522 2007-07-10 14:52:53Z kink $
 * @package squirrelmail
 * @subpackage config

$custom_session_handlers = array(


                        array('ADODB_Session', 'open'),
                        array('ADODB_Session', 'close'),
                        array('ADODB_Session', 'read'),
                        array('ADODB_Session', 'write'),
                        array('ADODB_Session', 'destroy'),
                        array('ADODB_Session', 'gc')


3. Then you prepare database for session information. ADOdb v.4.60 provides SQL dumps for MySQL and Oracle.

4. Then you add the auto_prepend_file setting to your web server configuration.\n

<directory /usr/share/squirrelmail>
   php_value auto_prepend_file "/some-path/sessiondb.php"
   # ... other directory options ...

5. Restart the web server in order to apply modifications in configuration and see how your SquirrelMail installation starts using database to store session info.

ADOdb session functions also support encryption and compression of session data.

WARNING: it is possible that sessions on networked filesystem or database are slower and there might be some problems with some IMAP servers.

© 1999-2016 by The SquirrelMail Project Team