Opened 6 years ago
Closed 5 years ago
#1484638 closed Bugs (fixed)
opening Settings caused logout - patch provided
| Reported by: | kaystrobach | Owned by: | |
|---|---|---|---|
| Priority: | 5 | Milestone: | 0.1-stable |
| Component: | Client Scripts | Version: | git-master |
| Severity: | normal | Keywords: | |
| Cc: | kaystrobach |
Description
hi, i checked out the latest svn version through having problems with 0.1rc2
after a while of using i figured out, that i was always logged out after opening the settings.
I found the mistake in
program/steps/settings/func.inc
$username = $USER_DATAusername? . (!strpos($USER_DATAusername?, '@') ? '@'.$USER_DATAmail_host? : );
after changing this line to
$username = $USER_DATAusername?; . (!strpos($USER_DATAusername?, '@') ? '@'.$USER_DATAmail_host? : );
(commented the additional domain out!!!) rc worked perfectly.
I think it not good to guess the username via adding an additional part. most people have usernames, with have nothing to to with the emailaddresses!!!
PS: please remove this automatism and replace the line with the shorter version!
or do not use the automated generated username for authentication => it's ok, if only you display it
$username seems to be used to get the username somewhere else, but i haven't searched the files yet.
regards kay
(rc is one of the best webmailer...:)
Change History (3)
comment:1 Changed 6 years ago by robinw
comment:2 Changed 5 years ago by seansan
- Cc kaystrobach added
- Milestone set to 0.1.1
- Summary changed from opening Settings caused logout to opening Settings caused logout - patch provided
review in 0.1.1
comment:3 Changed 5 years ago by thomasb
- Milestone changed from 0.1.1 to 0.1-stable
- Resolution set to fixed
- Status changed from new to closed
This is fixed.

Same problem as kaystrobach
Change the var $username, this gets saved into the $_SESSIONusername?.
The only purpose of these lines is to show the title on the settings page.
Lines 30+31 program/steps/settings/func.inc
btw we also skipped the mailhost because we use internal IP's for the mail_hosts and don't want to confuse our users.