From: Michael M Slusarz <slusarz@curecanti.org>
Date: Tue, 17 Mar 2009 19:18:23 +0000 (-0600)
Subject: Fix password/username retrieval from session data
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=82b4d442c72f5c37051ad33f4c3afa0a07365e81;p=horde.git

Fix password/username retrieval from session data
---

diff --git a/imp/lib/Compose.php b/imp/lib/Compose.php
index cf18add65..d84442f7d 100644
--- a/imp/lib/Compose.php
+++ b/imp/lib/Compose.php
@@ -691,8 +691,8 @@ class IMP_Compose
          * current IMAP / POP3 connection are valid for SMTP authentication as
          * well. */
         if (!empty($params['auth']) && empty($params['username'])) {
-            $params['username'] = $_SESSION['imp']['user'];
-            $params['password'] = Horde_Secret::read(IMP::getAuthKey(), $_SESSION['imp']['pass']);
+            $params['username'] = $GLOBALS['imp_imap']->ob->getParam('username');
+            $params['password'] = $GLOBALS['imp_imap']->ob->getParam('password');
         }
 
         return array('driver' => $GLOBALS['conf']['mailer']['type'], 'params' => $params);
diff --git a/imp/redirect.php b/imp/redirect.php
index cbeba13f7..5daf5e7d1 100644
--- a/imp/redirect.php
+++ b/imp/redirect.php
@@ -114,8 +114,7 @@ if (isset($_SESSION['imp']) && is_array($_SESSION['imp'])) {
     /* Make sure that if a username was specified, it is the current
      * username. */
     if ((!is_null($imapuser) && ($imapuser != $_SESSION['imp']['user'])) ||
-        (!is_null($pass) && ($pass != Horde_Secret::read(IMP::getAuthKey(), $_SESSION['imp']['pass'])))) {
-
+        (!is_null($pass) && ($pass != $GLOBALS['imp_imap']->ob->getParam('password')))) {
         /* Disable the old session. */
         unset($_SESSION['imp']);
         _redirect(Auth::addLogoutParameters(IMP::logoutUrl(), AUTH_REASON_FAILED));