Added host auto-selection and correct password encoding for IMAP login

18 years ago · 0a020cac3e
parent d04d202234
commit 0a020cac3e
3 changed files with 46 additions and 7 deletions
--- a/index.php
+++ b/index.php
@ -166,7 +166,7 @@ if ($_action=='html2text')
 // try to log in
 if ($_action=='login' && $_task=='mail')
  {
-  $host = $_POST['_host'] ? $_POST['_host'] : $CONFIG['default_host'];
+  $host = rcmail_autoselect_host();
  
  // check if client supports cookies
  if (empty($_COOKIE))
@ -174,7 +174,8 @@ if ($_action=='login' && $_task=='mail')
    show_message("cookiesdisabled", 'warning');
    }
  else if (isset($_POST['_user']) && isset($_POST['_pass']) &&
-           rcmail_login(get_input_value('_user', RCUBE_INPUT_POST), $_POST['_pass'], $host))
+           rcmail_login(get_input_value('_user', RCUBE_INPUT_POST),
+              get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1'), $host))
    {
    // send redirect
    header("Location: $COMM_PATH");
--- a/program/include/main.inc
+++ b/program/include/main.inc
@ -413,6 +413,34 @@ function rcmail_set_locale($lang)
  }


+// auto-select IMAP host based on the posted login information
+function rcmail_autoselect_host()
+  {
+  global $CONFIG;
+  
+  $host = isset($_POST['_host']) ? get_input_value('_host', RCUBE_INPUT_POST) : $CONFIG['default_host'];
+  if (is_array($host))
+    {
+    list($user, $domain) = explode('@', get_input_value('_user', RCUBE_INPUT_POST));
+    if (!empty($domain))
+      {
+      foreach ($host as $imap_host => $mail_domains)
+        if (is_array($mail_domains) && in_array($domain, $mail_domains))
+          {
+          $host = $imap_host;
+          break;
+          }
+      }
+
+    // take the first entry if $host is still an array
+    if (is_array($host))
+      $host = array_shift($host);
+    }
+  
+  return $host;
+  }
+
+
 // perfom login to the IMAP server and to the webmail service
 function rcmail_login($user, $pass, $host=NULL)
  {
@ -1732,14 +1760,22 @@ function rcmail_login_form($attrib)
    $select_host = new select(array('name' => '_host', 'id' => 'rcmloginhost'));
    
    foreach ($CONFIG['default_host'] as $key => $value)
-      $select_host->add($value, (is_numeric($key) ? $value : $key));
+    {
+      if (!is_array($value))
+        $select_host->add($value, (is_numeric($key) ? $value : $key));
+      else
+        {
+        unset($select_host);
+        break;
+        }
+    }
      
-    $fields['host'] = $select_host->show($_POST['_host']);
+    $fields['host'] = isset($select_host) ? $select_host->show($_POST['_host']) : null;
    }
  else if (!strlen($CONFIG['default_host']))
    {
-	$input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30));
-	$fields['host'] = $input_host->show($_POST['_host']);
+    $input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30));
+    $fields['host'] = $input_host->show($_POST['_host']);
    }

  $form_name = strlen($attrib['form']) ? $attrib['form'] : 'form';
--- a/program/lib/imap.inc
+++ b/program/lib/imap.inc
@ -39,6 +39,7 @@
 		- Added BCC and REFERENCE to the list of headers to fetch in iil_C_FetchHeaders()
 		- Leave messageID unchanged in iil_C_FetchHeaders()
 		- Avoid stripslahes in iil_Connect()
+		- Escape quotes and backslashes in iil_C_Login()
 		- Added patch to iil_SortHeaders() by Richard Green
 		- Removed <br> from error messages (better for logging)
 		- Added patch to iil_C_Sort() enabling UID SORT commands
@ -225,8 +226,9 @@ function iil_C_Authenticate(&$conn, $user, $pass, $encChallenge){

 function iil_C_Login(&$conn, $user, $password){

+    $password = strtr($password, array('"'=>'\\"', '\\' => '\\\\'));  
    fputs($conn->fp, "a001 LOGIN $user \"$password\"\r\n");
-		
+
 	do{
 	    $line = iil_ReadReply($conn->fp);
 	}while(!iil_StartsWith($line, "a001 "));