summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2014-04-30 09:07:29 +0200
committerAleksander Machniak <alec@alec.pl>2014-04-30 09:08:28 +0200
commit34e6526c958f3a0143a2cf5c8f1b9be29ebd65ef (patch)
tree638fbeaa29b28a59d310ff8e3710ecd35a8aa846
parent50fee948fd6dda6774c3e95469023d15add0d9ea (diff)
Fix invalid host validation on login (#1489841)
-rw-r--r--CHANGELOG1
-rw-r--r--program/include/rcmail.php32
2 files changed, 11 insertions, 22 deletions
diff --git a/CHANGELOG b/CHANGELOG
index b2c97c87a..dcd5bdf35 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -20,6 +20,7 @@ CHANGELOG Roundcube Webmail
- Fix various db_prefix issues (#1489839)
- Fix too small length of users.preferences column data type on MySQL
- Fix redundant warning when switching from html to text in empty editor (#1489819)
+- Fix invalid host validation on login (#1489841)
RELEASE 1.0.0
-------------
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index bf2291310..f0afc6b63 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -497,30 +497,18 @@ class rcmail extends rcube
$username_domain = $this->config->get('username_domain');
$login_lc = $this->config->get('login_lc', 2);
- if (!$host) {
- $host = $default_host;
- }
-
- // Validate that selected host is in the list of configured hosts
- if (is_array($default_host)) {
- $allowed = false;
-
- foreach ($default_host as $key => $host_allowed) {
- if (!is_numeric($key)) {
- $host_allowed = $key;
- }
- if ($host == $host_allowed) {
- $allowed = true;
- break;
- }
+ // host is validated in rcmail::autoselect_host(), so here
+ // we'll only handle unset host (if possible)
+ if (!$host && !empty($default_host)) {
+ if (is_array($default_host)) {
+ list($key, $val) = each($default_host);
+ $host = is_numeric($key) ? $val : $key;
}
-
- if (!$allowed) {
- $host = null;
+ else {
+ $host = $default_host;
}
- }
- else if (!empty($default_host) && $host != rcube_utils::parse_host($default_host)) {
- $host = null;
+
+ $host = rcube_utils::parse_host($host);
}
if (!$host) {