// do not start a session if we are using http auth...
// we have a situation where the app is behind a http access and is also login
// need to work out a way to handle that.
-
- $session_started = false;
- if (php_sapi_name() != "cli" && empty($_SERVER['PHP_AUTH_USER']) && empty($_COOKIE['PHPSESSID'])) {
- $session_started = false;
- @session_start();
+
+ if (php_sapi_name() != "cli" && empty($_SERVER['PHP_AUTH_USER']) && !empty($ff->disable_http_auth)) {
+ @session_start();
}
-
-
- $ff= HTML_FlexyFramework::get();
+
$sesPrefix = $this->sesPrefix();
}
// at this point all http auth stuff is done, so we can init session
- if (php_sapi_name() != "cli" && !$session_started) {
- @session_start();
- }
+
//die("test init");
if (!$this->canInitializeSystem()) {