From 5b06e24265ca9dfcb9ced320b8f78716372fcc56 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Mon, 26 Nov 2012 10:27:19 +0100
Subject: Cleaner way of handling user password in framework-based programs
 with no session

---
 program/lib/Roundcube/rcube_smtp.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'program/lib/Roundcube/rcube_smtp.php')

diff --git a/program/lib/Roundcube/rcube_smtp.php b/program/lib/Roundcube/rcube_smtp.php
index 490ea8ad6..96534c0b8 100644
--- a/program/lib/Roundcube/rcube_smtp.php
+++ b/program/lib/Roundcube/rcube_smtp.php
@@ -135,8 +135,8 @@ class rcube_smtp
       $this->conn->setTimeout($timeout);
     }
 
-    $smtp_user = str_replace('%u', $_SESSION['username'], $CONFIG['smtp_user']);
-    $smtp_pass = str_replace('%p', $rcube->decrypt($_SESSION['password']), $CONFIG['smtp_pass']);
+    $smtp_user = str_replace('%u', $rcube->get_user_name(), $CONFIG['smtp_user']);
+    $smtp_pass = str_replace('%p', $rcube->get_user_password(), $CONFIG['smtp_pass']);
     $smtp_auth_type = empty($CONFIG['smtp_auth_type']) ? NULL : $CONFIG['smtp_auth_type'];
 
     if (!empty($CONFIG['smtp_auth_cid'])) {
-- 
cgit v1.2.3