You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Nov 14, 2018. It is now read-only.
login form should prevent user from logging-in when input contains '@'
(it used to work correctly before)
Actual behaviour
user is logged-in and actually a new user is created (different from the user without @Domain) - see this bug thread: #2219
Steps to reproduce
I've been having this modification of the imap.php file since 2016:
public function checkPassword($uid, $password) {
if (!function_exists('imap_open')) {
OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR);
return false;
}
$mbox = @imap_open($this->mailbox, $uid, $password, OP_HALFOPEN, 1);
imap_errors();
imap_alerts();
if($mbox !== FALSE) {
imap_close($mbox);
$uid = mb_strtolower($uid);
$this->storeUser($uid);
/* START added/edited by crysman 2016-05-09 ...*/
//protection against whole e-mail input:
if( stripos($uid, "@") == false ) {
$this->storeUser($uid);
} else {
return false;
}
$config = \OC::$server->getConfig();
//Set default quota:
if($config->getUserValue($uid, 'files', 'quota') === null) {
$config->setUserValue($uid, 'files', 'quota', '333 MB');
}
//Set the IMAP user's email to their login:
$config->setUserValue( $uid, 'settings', 'email', $uid.'@mydomain.cz');
//Add a new user automatically to "SomeFantasticGroup" group:
$user = \OC::$server->getUserSession()->getUser();
if($user !== null) {
$group = \OC::$server->getGroupManager()->get('SomeFantasticGroup');
if(!$group->inGroup($user)) {
$group->addUser($user);
}
}
/* END crysman*/
return $uid;
}else{
return false;
}
}
recently it has stopped working (I do not know since when exactly) - why? As you can see, the piece of code after //protection against whole e-mail input: should prevent the user from logging. How to modify it to make it work again? Thank you.
Server configuration
Operating system:
Debian 8
Web server:
apache2
Database:
mysql
PHP version:
5.6.30
ownCloud version:
9.1.6
Affected apps
user_external
Expected behaviour
login form should prevent user from logging-in when input contains '@'
(it used to work correctly before)
Actual behaviour
user is logged-in and actually a new user is created (different from the user without @Domain) - see this bug thread: #2219
Steps to reproduce
I've been having this modification of the
imap.phpfile since 2016:recently it has stopped working (I do not know since when exactly) - why? As you can see, the piece of code after
//protection against whole e-mail input:should prevent the user from logging.How to modify it to make it work again? Thank you.
Server configuration
Operating system:
Debian 8
Web server:
apache2
Database:
mysql
PHP version:
5.6.30
ownCloud version:
9.1.6