Fix password/username retrieval from session data

diff --git a/imp/lib/Compose.php b/imp/lib/Compose.php
index cf18add..d84442f 100644 (file)
--- a/imp/lib/Compose.php
+++ b/imp/lib/Compose.php
@@ -691,8 +691,8 @@ class IMP_Compose
          * current IMAP / POP3 connection are valid for SMTP authentication as
          * well. */
         if (!empty($params['auth']) && empty($params['username'])) {
-            $params['username'] = $_SESSION['imp']['user'];
-            $params['password'] = Horde_Secret::read(IMP::getAuthKey(), $_SESSION['imp']['pass']);
+            $params['username'] = $GLOBALS['imp_imap']->ob->getParam('username');
+            $params['password'] = $GLOBALS['imp_imap']->ob->getParam('password');
         }
 
         return array('driver' => $GLOBALS['conf']['mailer']['type'], 'params' => $params);

diff --git a/imp/redirect.php b/imp/redirect.php
index cbeba13..5daf5e7 100644 (file)
--- a/imp/redirect.php
+++ b/imp/redirect.php
@@ -114,8 +114,7 @@ if (isset($_SESSION['imp']) && is_array($_SESSION['imp'])) {
     /* Make sure that if a username was specified, it is the current
      * username. */
     if ((!is_null($imapuser) && ($imapuser != $_SESSION['imp']['user'])) ||
-        (!is_null($pass) && ($pass != Horde_Secret::read(IMP::getAuthKey(), $_SESSION['imp']['pass'])))) {
-
+        (!is_null($pass) && ($pass != $GLOBALS['imp_imap']->ob->getParam('password')))) {
         /* Disable the old session. */
         unset($_SESSION['imp']);
         _redirect(Auth::addLogoutParameters(IMP::logoutUrl(), AUTH_REASON_FAILED));