diff options
Diffstat (limited to 'plugins/http_authentication')
-rw-r--r-- | plugins/http_authentication/config.inc.php.dist | 4 | ||||
-rw-r--r-- | plugins/http_authentication/http_authentication.php | 16 |
2 files changed, 9 insertions, 11 deletions
diff --git a/plugins/http_authentication/config.inc.php.dist b/plugins/http_authentication/config.inc.php.dist index 0940dee1f..0d798a586 100644 --- a/plugins/http_authentication/config.inc.php.dist +++ b/plugins/http_authentication/config.inc.php.dist @@ -5,5 +5,5 @@ // Default mail host to log-in using user/password from HTTP Authentication. // This is useful if the users are free to choose arbitrary mail hosts (or // from a list), but have one host they usually want to log into. -// Unlike $config['default_host'] this must be a string! -$config['http_authentication_host'] = ''; +// Unlike $rcmail_config['default_host'] this must be a string! +$rcmail_config['http_authentication_host'] = ''; diff --git a/plugins/http_authentication/http_authentication.php b/plugins/http_authentication/http_authentication.php index 83f29c84f..a94b6121a 100644 --- a/plugins/http_authentication/http_authentication.php +++ b/plugins/http_authentication/http_authentication.php @@ -7,7 +7,7 @@ * * Configuration: * // redirect the client to this URL after logout. This page is then responsible to clear HTTP auth - * $config['logout_url'] = 'http://server.tld/logout.html'; + * $rcmail_config['logout_url'] = 'http://server.tld/logout.html'; * * See logout.html (in this directory) for an example how HTTP auth can be cleared. * @@ -29,7 +29,7 @@ class http_authentication extends rcube_plugin function startup($args) { - if (!empty($_SERVER['PHP_AUTH_USER'])) { + if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) { $rcmail = rcmail::get_instance(); $rcmail->add_shutdown_function(array('http_authentication', 'shutdown')); @@ -38,8 +38,7 @@ class http_authentication extends rcube_plugin $args['action'] = 'login'; } // Set user password in session (see shutdown() method for more info) - else if (!empty($_SESSION['user_id']) && empty($_SESSION['password']) - && !empty($_SERVER['PHP_AUTH_PW'])) { + else if (!empty($_SESSION['user_id']) && empty($_SESSION['password'])) { $_SESSION['password'] = $rcmail->encrypt($_SERVER['PHP_AUTH_PW']); } } @@ -53,8 +52,8 @@ class http_authentication extends rcube_plugin $this->load_config(); $host = rcmail::get_instance()->config->get('http_authentication_host'); - if (is_string($host) && trim($host) !== '' && empty($args['host'])) - $args['host'] = rcube_utils::idn_to_ascii(rcube_utils::parse_host($host)); + if (is_string($host) && trim($host) !== '') + $args['host'] = rcube_idn_to_ascii(rcube_parse_host($host)); // Allow entering other user data in login form, // e.g. after log out (#1487953) @@ -62,10 +61,9 @@ class http_authentication extends rcube_plugin return $args; } - if (!empty($_SERVER['PHP_AUTH_USER'])) { + if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) { $args['user'] = $_SERVER['PHP_AUTH_USER']; - if (!empty($_SERVER['PHP_AUTH_PW'])) - $args['pass'] = $_SERVER['PHP_AUTH_PW']; + $args['pass'] = $_SERVER['PHP_AUTH_PW']; } $args['cookiecheck'] = false; |