X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=program%2Finclude%2Frcmail.php;h=4aa95a0ded775d39a0aae422165e700fbddc8e9d;hb=511160353722ebec8c258ddd6fa963ec8851eede;hp=cbfb884af307490c75bc1b6ff6c9f8136a4f7df5;hpb=4212156c5c79d2f58342feb0d3ed1893f177bcab;p=roundcube.git

diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index cbfb884..4aa95a0 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -15,7 +15,7 @@
  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
  +-----------------------------------------------------------------------+
 
- $Id: rcmail.php 4396 2011-01-06 12:41:16Z thomasb $
+ $Id: rcmail.php 4626 2011-03-31 12:32:44Z alec $
 
 */
 
@@ -673,9 +673,9 @@ class rcmail
     // Check if we need to add domain
     if (!empty($config['username_domain']) && strpos($username, '@') === false) {
       if (is_array($config['username_domain']) && isset($config['username_domain'][$host]))
-        $username .= '@'.rcube_parse_host($config['username_domain'][$host]);
+        $username .= '@'.rcube_parse_host($config['username_domain'][$host], $host);
       else if (is_string($config['username_domain']))
-        $username .= '@'.rcube_parse_host($config['username_domain']);
+        $username .= '@'.rcube_parse_host($config['username_domain'], $host);
     }
 
     // Convert username to lowercase. If IMAP backend
@@ -691,12 +691,12 @@ class rcmail
 
     // Here we need IDNA ASCII
     // Only rcube_contacts class is using domain names in Unicode
-    $host = idn_to_ascii($host);
+    $host = rcube_idn_to_ascii($host);
     if (strpos($username, '@')) {
       // lowercase domain name
       list($local, $domain) = explode('@', $username);
       $username = $local . '@' . mb_strtolower($domain);
-      $username = idn_to_ascii($username);
+      $username = rcube_idn_to_ascii($username);
     }
 
     // user already registered -> overwrite username
@@ -1071,9 +1071,6 @@ class rcmail
    */
   public function shutdown()
   {
-    if (is_object($this->imap))
-      $this->imap->close();
-
     if (is_object($this->smtp))
       $this->smtp->disconnect();
 
@@ -1108,12 +1105,9 @@ class rcmail
    */
   public function get_request_token()
   {
-    $key = $this->task;
-
-    if (!$_SESSION['request_tokens'][$key])
-      $_SESSION['request_tokens'][$key] = md5(uniqid($key . mt_rand(), true));
-
-    return $_SESSION['request_tokens'][$key];
+    $sess_id = $_COOKIE[ini_get('session.name')];
+    if (!$sess_id) $sess_id = session_id();
+    return md5('RT' . $this->task . $this->config->get('des_key') . $sess_id);
   }
 
 
@@ -1126,7 +1120,8 @@ class rcmail
   public function check_request($mode = RCUBE_INPUT_POST)
   {
     $token = get_input_value('_token', $mode);
-    return !empty($token) && $_SESSION['request_tokens'][$this->task] == $token;
+    $sess_id = $_COOKIE[ini_get('session.name')];
+    return !empty($sess_id) && $token == $this->get_request_token();
   }
 
 
@@ -1198,6 +1193,9 @@ class rcmail
       }
     }
 
+    if (is_object($this->imap))
+      $this->imap->close();
+
     return $base64 ? base64_encode($cipher) : $cipher;
   }