6.0.0-beta13
▾
Tasks
New Task
Search
Photos
Wiki
▾
Tickets
New Ticket
Search
dev.horde.org
Toggle Alerts Log
Help
4/11/26
H
istory
A
ttachments
C
omment
W
atch
Download
Comment on [#11570] Session without cookies: Re-login fails
*
Your Email Address
*
Spam protection
Enter the letters below:
\ /.__ __..___..__. >< [__)(__ _/ | | / \[__).__)./__.|__\
Comment
> Hi, > > when using sessions without cookies and having different IP addresses > for the horde installation and the IMAP server, I cannot reuse the > PHP session after a logout. > > I've enabled the "debug" and "debug_raw" option in > imp/config/backends.php so see what's going on. > > This small tweak is applied to the code to log the IMAP password: > --- a/framework/Imap_Client/lib/Horde/Imap/Client/Socket.php > +++ b/framework/Imap_Client/lib/Horde/Imap/Client/Socket.php > @@ -610,7 +610,7 @@ class Horde_Imap_Client_Socket extends > Horde_Imap_Client_Base > new > Horde_Imap_Client_Data_Format_Astring($this->getParam('password')) > )); > $this->_sendLine($cmd, array( > - 'debug' => sprintf('[LOGIN Command - username: %s]', > $this->_params['username']) > + 'debug' => sprintf('[LOGIN Command - username: %s, > password: "%s"]', $this->_params['username'], > $this->getParam('password')) > )); > break; > > > Some more info: > [root@intranator]# grep auth horde/config/conf.php > $conf['auth']['admins'] = array('admin'); > $conf['auth']['checkip'] = true; > $conf['auth']['checkbrowser'] = true; > $conf['auth']['resetpassword'] = true; > $conf['auth']['alternate_login'] = false; > $conf['auth']['redirect_on_logout'] = false; > $conf['auth']['list_users'] = 'list'; > $conf['auth']['params']['hostspec'] = '192.168.122.254'; > $conf['auth']['params']['port'] = 143; > $conf['auth']['params']['secure'] = 'none'; > $conf['auth']['driver'] = 'imap'; > $conf['auth']['params']['count_bad_logins'] = false; > $conf['auth']['params']['login_block'] = false; > $conf['auth']['params']['login_block_count'] = 5; > $conf['auth']['params']['login_block_time'] = 5; > > > > Analyzing at the IMAP debug output, I can see that > "$this->getParam('password')" is empty when trying to reuse the > session ID. > > -> The login screen somehow fails to set the "new" password or some > kind of other magic resets it. When using sessions with cookies, > re-login works fine. > > > Cheers, > Thomas >
Attachment
Watch this ticket
N
ew Ticket
M
y Tickets
S
earch
Q
uery Builder
R
eports
Saved Queries
Open Bugs
Bugs waiting for Feedback
Open Bugs in Releases
Open Enhancements
Enhancements waiting for Feedback
Bugs with Patches
Enhancements with Patches
Release Showstoppers
Stalled Tickets
New Tickets
Horde 5 Showstoppers