- Move some checks into login() method

index.php

@@ -97,8 +97,7 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
     $OUTPUT->show_message("cookiesdisabled", 'warning');
   }
   else if ($auth['valid'] && !$auth['abort'] &&
-        !empty($auth['host']) && !empty($auth['user']) &&
-        $RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])
+    $RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])
   ) {
     // create new session ID, don't destroy the current session
     // it was destroyed already by $RCMAIL->kill_session() above

program/include/rcmail.php

@@ -750,11 +750,15 @@ class rcmail
    * @param string IMAP user name
    * @param string IMAP password
    * @param string IMAP host
+   *
    * @return boolean True on success, False on failure
    */
   function login($username, $pass, $host=NULL)
   {
-    $user = NULL;
+    if (empty($username)) {
+      return false;
+    }
+
     $config = $this->config->all();
 
     if (!$host)