[Tickets #8996] accidental whitespace in username causing problems in session
bugs at horde.org
bugs at horde.org
Thu Apr 29 18:34:02 UTC 2010
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/8996
------------------------------------------------------------------------------
Ticket | 8996
Created By | bpoyner at ccac.edu
Summary | accidental whitespace in username causing problems in
| session
Queue | IMP
Version | 4.3.6
Type | Bug
State | Unconfirmed
Priority | 2. Medium
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
bpoyner at ccac.edu (2010-04-29 14:34) wrote:
We're seeing a problem if our users logging to IMP and accidentally
add whitespace in their username. Our Horde is configured to let IMP
handle authentication, and IMP is set to authenticate against Cyrus
IMAP.
The authentication against the Cyrus IMAP server works just fine, but
any white space is added to the session information and ends up
looking like this:
testmail @acd.ccac.edu [xxxxxxxxxxxxxxxxxxxxxxxxxxxxx]
Session Timestamp: Thu, 29 Apr 2010 14:12:14 -0400
Browser: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3)
Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729)
Realm: [None]
Remote Host: xyz.ccac.edu [xxx.xxx.xxx.xxx]
This causes a few problems, the biggest of which is that the user
cannot send email (see attached image). The username also doesn't
line up properly with the preferences stored in the MySQL database.
I notice that if I go into redirect.php and change this:
IMP_Session::createSession($imapuser, $pass, $sessArray['server'], $sessArray)
to this:
IMP_Session::createSession(trim($imapuser), $pass,
$sessArray['server'], $sessArray)
The problem seems to disappear. But that probably isn't the recommended fix.
More information about the bugs
mailing list