diff options
author | Aleksander Machniak <alec@alec.pl> | 2012-06-30 18:41:18 +0200 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2012-06-30 18:41:18 +0200 |
commit | 7c8fd8031038e7958ef4dbb059e86decd6fefa28 (patch) | |
tree | 98b788759409a2916a7f49e74b2aef1d12cf48e9 | |
parent | f69eb5fd684a4b563308b9e024088bf7e0e5952a (diff) |
Show explicit error message when provided hostname is invalid (#1488550)
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | index.php | 27 | ||||
-rw-r--r-- | program/include/rcmail.php | 46 | ||||
-rw-r--r-- | program/localization/en_US/messages.inc | 1 |
4 files changed, 63 insertions, 12 deletions
@@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Show explicit error message when provided hostname is invalid (#1488550) - Fix wrong compose screen elements focus in IE9 (#1488541) - Fix fatal error when date.timezone isn't set (#1488546) - Update to TinyMCE 3.5.4.1 @@ -100,12 +100,9 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { 'valid' => $request_valid, )); - // check if client supports cookies - if ($auth['cookiecheck'] && empty($_COOKIE)) { - $OUTPUT->show_message("cookiesdisabled", 'warning'); - } - else if ($auth['valid'] && !$auth['abort'] && - $RCMAIL->login($auth['user'], $auth['pass'], $auth['host']) + // Login + if ($auth['valid'] && !$auth['abort'] && + $RCMAIL->login($auth['user'], $auth['pass'], $auth['host'], $auth['cookiecheck']) ) { // create new session ID, don't destroy the current session // it was destroyed already by $RCMAIL->kill_session() above @@ -140,9 +137,23 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { $OUTPUT->redirect($redir); } else { - $error_code = is_object($RCMAIL->storage) ? $RCMAIL->storage->get_error_code() : 1; + if (!$auth['valid']) { + $error_code = RCMAIL::ERROR_INVALID_REQUEST; + } + else { + $error_code = $auth['error'] ? $auth['error'] : $RCMAIL->login_error(); + } + + $error_labels = array( + RCMAIL::ERROR_STORAGE => 'storageerror', + RCMAIL::ERROR_COOKIES_DISABLED => 'cookiesdisabled', + RCMAIL::ERROR_INVALID_REQUEST => 'invalidrequest', + RCMAIL::ERROR_INVALID_HOST => 'invalidhost', + ); + + $error_message = $error_labels[$error_code] ? $error_labels[$error_code] : 'loginfailed'; - $OUTPUT->show_message($error_code < -1 ? 'storageerror' : (!$auth['valid'] ? 'invalidrequest' : 'loginfailed'), 'warning'); + $OUTPUT->show_message($error_message, 'warning'); $RCMAIL->plugins->exec_hook('login_failed', array( 'code' => $error_code, 'host' => $auth['host'], 'user' => $auth['user'])); $RCMAIL->kill_session(); diff --git a/program/include/rcmail.php b/program/include/rcmail.php index 8ec8cfe47..63ae8e20f 100644 --- a/program/include/rcmail.php +++ b/program/include/rcmail.php @@ -58,6 +58,12 @@ class rcmail extends rcube const JS_OBJECT_NAME = 'rcmail'; + const ERROR_STORAGE = -2; + const ERROR_INVALID_REQUEST = 1; + const ERROR_INVALID_HOST = 2; + const ERROR_COOKIES_DISABLED = 3; + + /** * This implements the 'singleton' design pattern * @@ -366,15 +372,23 @@ class rcmail extends rcube * @param string Mail storage (IMAP) user name * @param string Mail storage (IMAP) password * @param string Mail storage (IMAP) host + * @param bool Enables cookie check * * @return boolean True on success, False on failure */ - function login($username, $pass, $host=NULL) + function login($username, $pass, $host = null, $cookiecheck = false) { + $this->login_error = null; + if (empty($username)) { return false; } + if ($cookiecheck && empty($_COOKIE)) { + $this->login_error = self::ERROR_COOKIES_DISABLED; + return false; + } + $config = $this->config->all(); if (!$host) @@ -391,11 +405,18 @@ class rcmail extends rcube break; } } - if (!$allowed) - return false; + if (!$allowed) { + $host = null; } - else if (!empty($config['default_host']) && $host != rcube_utils::parse_host($config['default_host'])) + } + else if (!empty($config['default_host']) && $host != rcube_utils::parse_host($config['default_host'])) { + $host = null; + } + + if (!$host) { + $this->login_error = self::ERROR_INVALID_HOST; return false; + } // parse $host URL $a_host = parse_url($host); @@ -534,6 +555,23 @@ class rcmail extends rcube } + /** + * Returns error code of last login operation + * + * @return int Error code + */ + public function login_error() + { + if ($this->login_error) { + return $this->login_error; + } + + if ($this->storage && $this->storage->get_error_code() < -1) { + return self::ERROR_STORAGE; + } + } + + /** * Auto-select IMAP host based on the posted login information * diff --git a/program/localization/en_US/messages.inc b/program/localization/en_US/messages.inc index 995be7b65..cabc9998b 100644 --- a/program/localization/en_US/messages.inc +++ b/program/localization/en_US/messages.inc @@ -33,6 +33,7 @@ $messages['requesttimedout'] = 'Request timed out'; $messages['errorreadonly'] = 'Unable to perform operation. Folder is read-only.'; $messages['errornoperm'] = 'Unable to perform operation. Permission denied.'; $messages['invalidrequest'] = 'Invalid request! No data was saved.'; +$messages['invalidhost'] = 'Invalid server name.'; $messages['nomessagesfound'] = 'No messages found in this mailbox.'; $messages['loggedout'] = 'You have successfully terminated the session. Good bye!'; $messages['mailboxempty'] = 'Mailbox is empty.'; |