- Plugin API: Add 'pass' argument in 'authenticate' hook (#1487134)

2 files changed, 7 insertions, 5 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 60bc323cd..555fdfc9f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,10 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Plugin API: Add 'pass' argument in 'authenticate' hook (#1487134)
+
+RELEASE 0.5-BETA
+----------------
 - Make session data storage more robust against garbage session data (#1487136)
 - Config option for autocomplete on login screen
 - Allow plugin templates to include local files (#1487133)
diff --git a/index.php b/index.php
index f1e5ac1d0..6e774f8d4 100644
--- a/index.php
+++ b/index.php
@@ -77,16 +77,14 @@ $RCMAIL->action = $startup['action'];
 if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
   // purge the session in case of new login when a session already exists 
   $RCMAIL->kill_session();
-  
+
   $auth = $RCMAIL->plugins->exec_hook('authenticate', array(
     'host' => $RCMAIL->autoselect_host(),
     'user' => trim(get_input_value('_user', RCUBE_INPUT_POST)),
+    'pass' => get_input_value('_pass', RCUBE_INPUT_POST, true,
+       $RCMAIL->config->get('password_charset', 'ISO-8859-1')),
     'cookiecheck' => true,
   ));
-  
-  if (!isset($auth['pass']))
-    $auth['pass'] = get_input_value('_pass', RCUBE_INPUT_POST, true,
-        $RCMAIL->config->get('password_charset', 'ISO-8859-1'));
 
   // check if client supports cookies
   if ($auth['cookiecheck'] && empty($_COOKIE)) {