From 826ceecab857d72d7cf8b2a347537f4f9b4bdd15 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Fri, 24 Jul 2009 09:00:12 +0000
Subject: Don't check request token on login

---
 index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'index.php')

diff --git a/index.php b/index.php
index a6a7d7dba..3bb1227bb 100644
--- a/index.php
+++ b/index.php
@@ -2,7 +2,7 @@
 /*
  +-------------------------------------------------------------------------+
  | RoundCube Webmail IMAP Client                                           |
- | Version 0.3-20090721                                                    |
+ | Version 0.3-20090724                                                    |
  |                                                                         |
  | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland                   |
  |                                                                         |
@@ -149,7 +149,7 @@ if ($OUTPUT->ajax_call) {
   }
 }
 // check request token in POST form submissions
-else if (!empty($_POST) && !$RCMAIL->check_request()) {
+else if (!empty($_POST) && $RCMAIL->action != 'login' && !$RCMAIL->check_request()) {
   $OUTPUT->show_message('invalidrequest', 'error');
   $OUTPUT->send($RCMAIL->task);
 }
-- 
cgit v1.2.3