You are not logged in.
- Topics: Active | Unanswered
Announcement
Download last stable version of GLPI - What can you do for GLPI ? : Contribute
Pages: 1
Topic closed
#1 2013-04-14 12:30:37
- geoalbi
- Member
- From: Romania
- Registered: 2012-12-18
- Posts: 182
Mailbox authentication in mailcollector.class.php
Authentication using imap_open() in mailcollector.class.php fails when the password contains special characters (had problems with > ).
See patch:
--- a/inc/mailcollector.class.php Thu Mar 14 22:26:56 2013 +0200
+++ b/inc/mailcollector.class.php Sat Apr 13 18:02:12 2013 +0300
@@ -830,7 +830,7 @@
///Connect To the Mail Box
function connect() {
$this->marubox = @imap_open($this->fields['host'], $this->fields['login'],
- Toolbox::decrypt($this->fields['passwd'],GLPIKEY), CL_EXPUNGE);
+ Toolbox::unclean_cross_side_scripting_deep(Toolbox::decrypt($this->fields['passwd'],GLPIKEY)), CL_EXPUNGE);
}
Last edited by geoalbi (2013-04-15 11:28:16)
Offline
#2 2013-04-16 10:32:42
- MoYo
- GLPI - Lead
- From: Poitiers
- Registered: 2004-09-13
- Posts: 14,513
- Website
Re: Mailbox authentication in mailcollector.class.php
Thanks for the report.
I will integrate this patch
MoYo - Julien Dombre - Association INDEPNET
Contribute to GLPI : Support Contribute References Freshmeat
Offline
#3 2013-04-16 10:34:22
- MoYo
- GLPI - Lead
- From: Poitiers
- Registered: 2004-09-13
- Posts: 14,513
- Website
Re: Mailbox authentication in mailcollector.class.php
MoYo - Julien Dombre - Association INDEPNET
Contribute to GLPI : Support Contribute References Freshmeat
Offline
#4 2013-04-16 10:35:58
- MoYo
- GLPI - Lead
- From: Poitiers
- Registered: 2004-09-13
- Posts: 14,513
- Website
Re: Mailbox authentication in mailcollector.class.php
proposed patch : https://forge.indepnet.net/projects/glp … ions/20763
MoYo - Julien Dombre - Association INDEPNET
Contribute to GLPI : Support Contribute References Freshmeat
Offline
Pages: 1
Topic closed