summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG1
-rw-r--r--index.php27
-rw-r--r--program/include/rcmail.php45
-rw-r--r--program/localization/en_US/messages.inc1
4 files changed, 62 insertions, 12 deletions
diff --git a/CHANGELOG b/CHANGELOG
index e80471100..7e298fbe7 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Show explicit error message when provided hostname is invalid (#1488550)
- Fix wrong compose screen elements focus in IE9 (#1488541)
- Fix fatal error when date.timezone isn't set (#1488546)
- Update to TinyMCE 3.5.4.1
diff --git a/index.php b/index.php
index 3f4aebb94..d58947d32 100644
--- a/index.php
+++ b/index.php
@@ -103,12 +103,9 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
'valid' => $request_valid,
));
- // check if client supports cookies
- if ($auth['cookiecheck'] && empty($_COOKIE)) {
- $OUTPUT->show_message("cookiesdisabled", 'warning');
- }
- else if ($auth['valid'] && !$auth['abort'] &&
- $RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])
+ // Login
+ if ($auth['valid'] && !$auth['abort'] &&
+ $RCMAIL->login($auth['user'], $auth['pass'], $auth['host'], $auth['cookiecheck'])
) {
// create new session ID, don't destroy the current session
// it was destroyed already by $RCMAIL->kill_session() above
@@ -143,9 +140,23 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
$OUTPUT->redirect($redir);
}
else {
- $error_code = is_object($RCMAIL->storage) ? $RCMAIL->storage->get_error_code() : 1;
+ if (!$auth['valid']) {
+ $error_code = RCMAIL::ERROR_INVALID_REQUEST;
+ }
+ else {
+ $error_code = $auth['error'] ? $auth['error'] : $RCMAIL->login_error();
+ }
+
+ $error_labels = array(
+ RCMAIL::ERROR_STORAGE => 'storageerror',
+ RCMAIL::ERROR_COOKIES_DISABLED => 'cookiesdisabled',
+ RCMAIL::ERROR_INVALID_REQUEST => 'invalidrequest',
+ RCMAIL::ERROR_INVALID_HOST => 'invalidhost',
+ );
+
+ $error_message = $error_labels[$error_code] ? $error_labels[$error_code] : 'loginfailed';
- $OUTPUT->show_message($error_code < -1 ? 'storageerror' : (!$auth['valid'] ? 'invalidrequest' : 'loginfailed'), 'warning');
+ $OUTPUT->show_message($error_message, 'warning');
$RCMAIL->plugins->exec_hook('login_failed', array(
'code' => $error_code, 'host' => $auth['host'], 'user' => $auth['user']));
$RCMAIL->kill_session();
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index 66e9a5c06..b287acc2e 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -131,6 +131,11 @@ class rcmail
private $shutdown_functions = array();
private $expunge_cache = false;
+ const ERROR_STORAGE = -2;
+ const ERROR_INVALID_REQUEST = 1;
+ const ERROR_INVALID_HOST = 2;
+ const ERROR_COOKIES_DISABLED = 3;
+
/**
* This implements the 'singleton' design pattern
@@ -814,15 +819,23 @@ class rcmail
* @param string Mail storage (IMAP) user name
* @param string Mail storage (IMAP) password
* @param string Mail storage (IMAP) host
+ * @param bool Enables cookie check
*
* @return boolean True on success, False on failure
*/
- function login($username, $pass, $host=NULL)
+ function login($username, $pass, $host = null, $cookiecheck = false)
{
+ $this->login_error = null;
+
if (empty($username)) {
return false;
}
+ if ($cookiecheck && empty($_COOKIE)) {
+ $this->login_error = self::ERROR_COOKIES_DISABLED;
+ return false;
+ }
+
$config = $this->config->all();
if (!$host)
@@ -839,11 +852,18 @@ class rcmail
break;
}
}
- if (!$allowed)
- return false;
+ if (!$allowed) {
+ $host = null;
}
- else if (!empty($config['default_host']) && $host != rcube_parse_host($config['default_host']))
+ }
+ else if (!empty($config['default_host']) && $host != rcube_parse_host($config['default_host'])) {
+ $host = null;
+ }
+
+ if (!$host) {
+ $this->login_error = self::ERROR_INVALID_HOST;
return false;
+ }
// parse $host URL
$a_host = parse_url($host);
@@ -983,6 +1003,23 @@ class rcmail
}
+ /**
+ * Returns error code of last login operation
+ *
+ * @return int Error code
+ */
+ public function login_error()
+ {
+ if ($this->login_error) {
+ return $this->login_error;
+ }
+
+ if ($this->storage && $this->storage->get_error_code() < -1) {
+ return self::ERROR_STORAGE;
+ }
+ }
+
+
/**
* Set storage parameters.
* This must be done AFTER connecting to the server!
diff --git a/program/localization/en_US/messages.inc b/program/localization/en_US/messages.inc
index 995be7b65..cabc9998b 100644
--- a/program/localization/en_US/messages.inc
+++ b/program/localization/en_US/messages.inc
@@ -33,6 +33,7 @@ $messages['requesttimedout'] = 'Request timed out';
$messages['errorreadonly'] = 'Unable to perform operation. Folder is read-only.';
$messages['errornoperm'] = 'Unable to perform operation. Permission denied.';
$messages['invalidrequest'] = 'Invalid request! No data was saved.';
+$messages['invalidhost'] = 'Invalid server name.';
$messages['nomessagesfound'] = 'No messages found in this mailbox.';
$messages['loggedout'] = 'You have successfully terminated the session. Good bye!';
$messages['mailboxempty'] = 'Mailbox is empty.';