[Svn] r4290 - in trunk/roundcubemail: . config program/include

trac at roundcube.net trac at roundcube.net
Tue Nov 30 14:43:05 CET 2010


Author: alec
Date: 2010-11-30 07:43:04 -0600 (Tue, 30 Nov 2010)
New Revision: 4290

Modified:
   trunk/roundcubemail/CHANGELOG
   trunk/roundcubemail/config/main.inc.php.dist
   trunk/roundcubemail/program/include/rcmail.php
   trunk/roundcubemail/program/include/rcube_user.php
Log:
- Add 'login_lc' config option for case-insensitive authentication (#1487113)
- Make username comparison case sensitive on MySQL


Modified: trunk/roundcubemail/CHANGELOG
===================================================================
--- trunk/roundcubemail/CHANGELOG	2010-11-29 11:41:20 UTC (rev 4289)
+++ trunk/roundcubemail/CHANGELOG	2010-11-30 13:43:04 UTC (rev 4290)
@@ -3,6 +3,7 @@
 
 - Plugin API: Add 'pass' argument in 'authenticate' hook (#1487134)
 - Fix attachments of type message/rfc822 are not listed on attachments list
+- Add 'login_lc' config option for case-insensitive authentication (#1487113)
 
 RELEASE 0.5-BETA
 ----------------

Modified: trunk/roundcubemail/config/main.inc.php.dist
===================================================================
--- trunk/roundcubemail/config/main.inc.php.dist	2010-11-29 11:41:20 UTC (rev 4289)
+++ trunk/roundcubemail/config/main.inc.php.dist	2010-11-30 13:43:04 UTC (rev 4290)
@@ -183,6 +183,10 @@
 // Allow browser-autocompletion on login form
 $rcmail_config['login_autocomplete'] = false;
 
+// If users authentication is not case sensitive this must be enabled.
+// You can also use it to force conversion of logins to lower case.
+$rcmail_config['login_lc'] = false;
+
 // automatically create a new Roundcube user when log-in the first time.
 // a new user will be created once the IMAP login succeeds.
 // set to false if only registered users can use this service

Modified: trunk/roundcubemail/program/include/rcmail.php
===================================================================
--- trunk/roundcubemail/program/include/rcmail.php	2010-11-29 11:41:20 UTC (rev 4289)
+++ trunk/roundcubemail/program/include/rcmail.php	2010-11-30 13:43:04 UTC (rev 4290)
@@ -678,10 +678,16 @@
         $username .= '@'.rcube_parse_host($config['username_domain']);
     }
 
+    // Convert username to lowercase. If IMAP backend
+    // is case-insensitive we need to store always the same username (#1487113)
+    if ($config['login_lc']) {
+      $username = mb_strtolower($username);
+    }
+
     // try to resolve email address from virtuser table
-    if (strpos($username, '@'))
-      if ($virtuser = rcube_user::email2user($username))
-        $username = $virtuser;
+    if (strpos($username, '@') && ($virtuser = rcube_user::email2user($username))) {
+      $username = $virtuser;
+    }
 
     // Here we need IDNA ASCII
     // Only rcube_contacts class is using domain names in Unicode
@@ -704,8 +710,14 @@
     if (!($imap_login = $this->imap->connect($host, $username, $pass, $imap_port, $imap_ssl))) {
       // try with lowercase
       $username_lc = mb_strtolower($username);
-      if ($username_lc != $username && ($imap_login = $this->imap->connect($host, $username_lc, $pass, $imap_port, $imap_ssl)))
-        $username = $username_lc;
+      if ($username_lc != $username) {
+        // try to find user record again -> overwrite username
+        if (!$user && ($user = rcube_user::query($username_lc, $host)))
+          $username_lc = $user->data['username'];
+
+        if ($imap_login = $this->imap->connect($host, $username_lc, $pass, $imap_port, $imap_ssl))
+          $username = $username_lc;
+      }
     }
 
     // exit if IMAP login failed

Modified: trunk/roundcubemail/program/include/rcube_user.php
===================================================================
--- trunk/roundcubemail/program/include/rcube_user.php	2010-11-29 11:41:20 UTC (rev 4289)
+++ trunk/roundcubemail/program/include/rcube_user.php	2010-11-30 13:43:04 UTC (rev 4290)
@@ -358,13 +358,17 @@
     {
         $dbh = rcmail::get_instance()->get_dbh();
 
+        // use BINARY (case-sensitive) comparison on MySQL, other engines are case-sensitive
+        $prefix = preg_match('/^mysql/', $dbh->db_provider) ? 'BINARY ' : '';
+
         // query for matching user name
         $query = "SELECT * FROM ".get_table_name('users')." WHERE mail_host = ? AND %s = ?";
-        $sql_result = $dbh->query(sprintf($query, 'username'), $host, $user);
 
+        $sql_result = $dbh->query(sprintf($query, $prefix.'username'), $host, $user);
+
         // query for matching alias
         if (!($sql_arr = $dbh->fetch_assoc($sql_result))) {
-            $sql_result = $dbh->query(sprintf($query, 'alias'), $host, $user);
+            $sql_result = $dbh->query(sprintf($query, $prefix.'alias'), $host, $user);
             $sql_arr = $dbh->fetch_assoc($sql_result);
         }
 

_______________________________________________
http://lists.roundcube.net/mailman/listinfo/svn



More information about the Svn mailing list