[BUGFIX] run session_start before outputing any html

And avoid some warnings when a user password is configured.

Signed-off-by: Jerome Jutteau <j.jutteau@gmail.com>

admin.php

@@ -16,7 +16,7 @@
  *  You should have received a copy of the GNU Affero General Public License
  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-
+session_start();
 define('JIRAFEAU_ROOT', dirname(__FILE__) . '/');
 
 require(JIRAFEAU_ROOT . 'lib/settings.php');
@@ -52,9 +52,6 @@ if (php_sapi_name() == "cli") {
       exit;
   }
 
-  /* Check session. */
-  session_start();
-
   /* Unlog if asked. */
   if (isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) {
       $_SESSION['admin_auth'] = false;

index.php

@@ -18,6 +18,7 @@
  *  You should have received a copy of the GNU Affero General Public License
  *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
  */
+session_start();
 define('JIRAFEAU_ROOT', dirname(__FILE__) . '/');
 
 require(JIRAFEAU_ROOT . 'lib/settings.php');
@@ -38,8 +39,6 @@ require(JIRAFEAU_ROOT . 'lib/template/header.php');
 if (true === jirafeau_challenge_upload_ip($cfg['upload_ip'], get_ip_address($cfg))) {
     // Is an upload password required?
     if (jirafeau_has_upload_password($cfg)) {
-        session_start();
-
         // Logout action
         if (isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) {
             session_unset();