Opened 4 years ago
Closed 4 years ago
#1486118 closed Bugs (invalid)
Bug & solution in password plugin
| Reported by: | levente.csabai | Owned by: | |
|---|---|---|---|
| Priority: | 5 | Milestone: | later |
| Component: | Plugins | Version: | 0.3-stable |
| Severity: | normal | Keywords: | password plugin |
| Cc: |
Description
The bug:
In /plugins/password/config.inc.php the comment says:
// %d is replaced with the domain part of the username // (in case the username is an email address)
If I create a query (for Postfix):
$rcmail_config['password_query'] = 'UPDATE mailbox SET password=%p WHERE username=%u AND password=%o AND domain=%d LIMIT 1';
the domain will be the username's local part:
UPDATE mailbox SET password=asdasd WHERE username=user@domain.com AND password=qweqwe AND domain=user LIMIT 1
The solution:
In /plugins/password/drivers/sql.php replace this line (line 84):
$sql = str_replace('%d', $db->quote($user_info[0], 'text'), $sql);
to this:
$sql = str_replace('%d', $db->quote($user_info[1], 'text'), $sql);
because the second part of the username (after the @) is the domain part.
Change History (1)
comment:1 Changed 4 years ago by netbit
- Resolution set to invalid
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
This bug was fixed some days ago in [3dd90d32]. Please update your RC to latest version from trunk (http://trac.roundcube.net/changeset/latest/trunk/?old_path=%2F&format=zip).
Thank you.