Added encryption of the password before it is stored in a cookie.

[squirrelmail.git] / functions / imap_general.php

diff --git a/functions/imap_general.php b/functions/imap_general.php
index c390e13a7b3b1905e8e5463133f26de551e1cca4..a9682dae314810fa6c1d50bb385a7d36bfd806a5 100755 (executable)
--- a/functions/imap_general.php
+++ b/functions/imap_general.php
@@ -67,11 +67,14 @@
     **  will be displayed.  This function returns the imap connection handle.
     ******************************************************************************/
    function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) {
-      global $color, $squirrelmail_language, $HTTP_ACCEPT_LANGUAGE;
+      global $color, $squirrelmail_language, $HTTP_ACCEPT_LANGUAGE, $onetimepad;
 
       $imap_stream = fsockopen ($imap_server_address, $imap_port, &$error_number, &$error_string);
       $server_info = fgets ($imap_stream, 1024);
       
+      // Decrypt the password
+      $password = OneTimePadDecrypt($password, $onetimepad);
+
       // This function can sometimes be called before the check for
       // gettext is done.
       if (!function_exists("_")) {