Fixed problem where username was overwritten with cookie's value in Opera.

Hopefuly the end of the quotemeta problem for usernames and passwords.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@899 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/src/redirect.php b/src/redirect.php
index 8075f360fa3e80eeac5282b8c2c59cae5088a188..18d96199b2b7a1eb47c525f47e3025e4b9f01c52 100644 (file)
--- a/src/redirect.php
+++ b/src/redirect.php
@@ -29,7 +29,7 @@
 
    session_register ("base_uri");
 
-   if(!isset($username)) {
+   if(!isset($login_username)) {
       exit;
    }
 
@@ -56,10 +56,12 @@
       $key = OneTimePadEncrypt($secretkey, $onetimepad);
       session_register("onetimepad");
       // verify that username and password are correct
-      $imapConnection = sqimap_login($username, quotemeta($key), $imapServerAddress, $imapPort, 0);
+      if ($force_username_lowercase)
+          username = strtolower($login_username);
+      $imapConnection = sqimap_login($login_username, $key, $imapServerAddress, $imapPort, 0);
       sqimap_logout($imapConnection);
 
-      setcookie("username", $username, 0, $base_uri);
+      setcookie("username", $login_username, 0, $base_uri);
       setcookie("key", $key, 0, $base_uri);
       setcookie("logged_in", 1, 0, $base_uri);
       do_hook ("login_verified");