]> git.donarmstrong.com Git - roundcube.git/blobdiff - program/include/rcmail.php
projects / roundcube.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Imported Debian patch 0.5.2+dfsg-1
[roundcube.git] / program / include / rcmail.php
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index cbfb884af307490c75bc1b6ff6c9f8136a4f7df5..4aa95a0ded775d39a0aae422165e700fbddc8e9d 100644 (file)
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -15,7 +15,7 @@
  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
  +-----------------------------------------------------------------------+
 
- $Id: rcmail.php 4396 2011-01-06 12:41:16Z thomasb $
+ $Id: rcmail.php 4626 2011-03-31 12:32:44Z alec $
 
 */
 
@@ -673,9 +673,9 @@ class rcmail
     // Check if we need to add domain
     if (!empty($config['username_domain']) && strpos($username, '@') === false) {
       if (is_array($config['username_domain']) && isset($config['username_domain'][$host]))
-        $username .= '@'.rcube_parse_host($config['username_domain'][$host]);
+        $username .= '@'.rcube_parse_host($config['username_domain'][$host], $host);
       else if (is_string($config['username_domain']))
-        $username .= '@'.rcube_parse_host($config['username_domain']);
+        $username .= '@'.rcube_parse_host($config['username_domain'], $host);
     }
 
     // Convert username to lowercase. If IMAP backend
@@ -691,12 +691,12 @@ class rcmail
 
     // Here we need IDNA ASCII
     // Only rcube_contacts class is using domain names in Unicode
-    $host = idn_to_ascii($host);
+    $host = rcube_idn_to_ascii($host);
     if (strpos($username, '@')) {
       // lowercase domain name
       list($local, $domain) = explode('@', $username);
       $username = $local . '@' . mb_strtolower($domain);
-      $username = idn_to_ascii($username);
+      $username = rcube_idn_to_ascii($username);
     }
 
     // user already registered -> overwrite username
@@ -1071,9 +1071,6 @@ class rcmail
    */
   public function shutdown()
   {
-    if (is_object($this->imap))
-      $this->imap->close();
-
     if (is_object($this->smtp))
       $this->smtp->disconnect();
 
@@ -1108,12 +1105,9 @@ class rcmail
    */
   public function get_request_token()
   {
-    $key = $this->task;
-
-    if (!$_SESSION['request_tokens'][$key])
-      $_SESSION['request_tokens'][$key] = md5(uniqid($key . mt_rand(), true));
-
-    return $_SESSION['request_tokens'][$key];
+    $sess_id = $_COOKIE[ini_get('session.name')];
+    if (!$sess_id) $sess_id = session_id();
+    return md5('RT' . $this->task . $this->config->get('des_key') . $sess_id);
   }
 
 
@@ -1126,7 +1120,8 @@ class rcmail
   public function check_request($mode = RCUBE_INPUT_POST)
   {
     $token = get_input_value('_token', $mode);
-    return !empty($token) && $_SESSION['request_tokens'][$this->task] == $token;
+    $sess_id = $_COOKIE[ini_get('session.name')];
+    return !empty($sess_id) && $token == $this->get_request_token();
   }
 
 
@@ -1198,6 +1193,9 @@ class rcmail
       }
     }
 
+    if (is_object($this->imap))
+      $this->imap->close();
+
     return $base64 ? base64_encode($cipher) : $cipher;
   }
 
Roundcube Debian Packaging