Opened 4 years ago
Closed 4 years ago
#1486292 closed Bugs (fixed)
PHP warning when user authentication fails
| Reported by: | duelli | Owned by: | |
|---|---|---|---|
| Priority: | 5 | Milestone: | 0.4-beta |
| Component: | PHP backend | Version: | 0.3.1 |
| Severity: | normal | Keywords: | |
| Cc: |
Description
When user authentication fails, e.g. due to wrong password, the following is listed in the errors logfile.
[11-Nov-2009 16:02:32 +0100]: IMAP Error: Authentication for userXY failed (LOGIN): "a001 NO Authentication failed." (POST /roundcube /?_task=&_action=login) [11-Nov-2009 16:02:32] PHP Warning: Cannot modify header information - headers already sent in /srv/roundcube/program/ include/rcmail.php on line 1066
The PHP warning could be avoided. I think this is due to recently introduced https check.
Change History (9)
comment:1 Changed 4 years ago by alec
- Milestone changed from later to 0.4-beta
comment:2 Changed 4 years ago by alec
comment:3 Changed 4 years ago by duelli
Well, for instance, we also get this error message:
[18-Nov-2009 10:05:22 +0100]: IMAP Error: Empty password (POST /roundcube/?_task=&_action=login) [18-Nov-2009 10:05:22] PHP Warning: Cannot modify header information - headers already sent in /srv/roundcube/program/inc lude/rcmail.php on line 1066
Possibly it is important to mention that we authenticate users against IMAP servers.
(We have a plugin within the authentication process which selects between two IMAP servers according to LDAP determined groups of a user during login.
This plugin would only fail if the user name was invalid, but the error occurs for valid user names and wrong passwords.)
comment:4 Changed 4 years ago by duelli
Due to some temporary connection problem with our IMAP server I also got this new and extended error message which seems to be related to my original post.
[01-Dec-2009 09:51:14 +0100]: IMAP Error: Could not connect to my.server.de at port 143: Verbindungsaufbau abgelehnt (GET /roundcube/?_task=mail&_action=check-recent&_t=1259657473936&_list=1&_remote=1&_=1259657473937&_unlock=1) [01-Dez-2009 09:51:14] PHP Warning: Cannot modify header information - headers already sent in /srv/roundcube/program/include/rcmail.php on line 1066 [01-Dez-2009 09:51:14] PHP Warning: Cannot modify header information - headers already sent in /srv/roundcube/program/include/rcube_json_output.php on line 220
comment:5 Changed 4 years ago by alec
What's your debug_level setting?
comment:6 Changed 4 years ago by duelli
It is $rcmail_config['debug_level'] = 5;
comment:7 Changed 4 years ago by alec
And you know what this means? You set it to send errors to log file and to the browser. This should be used only for debugging. I'm not sure if we should care of this issue. At least we could add headers_sent() check before setcookie in rcmail::setcookie().
comment:8 Changed 4 years ago by duelli
Yeah, you are right. I never had a look before at the HTML code when an authentication failed. Due to debug_level=5, I also had the error message in the HTML code.
I now set debug_level=1 and, of course, the problems are gone!
Possibly it is sufficient if you add a note to the main.inc.php.dist that this combinations of debug levels can cause such problems.
As far as I am concerned you can close this bug as invalid. Sorry for all this mess.
comment:9 Changed 4 years ago by alec
- Resolution set to fixed
- Status changed from new to closed
I've added in [317a7d9f] a check to prevent from this warning.
No warning here. Maybe it's from some plugin?