if ($auth_method == "imap") { $imap_address = get_rewritten_email_address($address, $address_rewriting_type); $user_name = get_user_from_email($imap_address); } elseif ($auth_method == "pop3" && empty($routing_domain)) { $user_name = get_user_from_email($address); } elseif ($auth_method == "external") { $user_name = ereg_replace('@.*$', '', $user_name); // FIXME there has to be a better way to do this. It implements the // assumption (valid here) that the LHS of all addresses that need to // be authenticated against is the user name. But some things just didn't // work right until I added this code. } list($authenticated, $email) = auth($user_name, $pwd, $address, $nt_domain); if ($authenticated === true) { if (is_primary_email($email)) { $owner_id = get_email_address_owner(get_email_address_id($email)); $uid = get_user_id($user_name, $email); if ($owner_id != 0 && $owner_id != $uid) { $authenticated = PEAR::raiseError($lang['error_case_mixup_rejected_html']); $logger->warning(sprintf($lang['error_case_mixup_rejected_log'], $email, $address, $user_name, $uid, $owner_id)); } } else { $authenticated = PEAR::raiseError(sprintf($lang['error_link_login_failed'], $email)); $logger->warning(sprintf($lang['error_link_login_failed'], $email)); } } } if ($authenticated === true) { session_start(); session_unset(); // clear any session data
$domain_name = get_user_name($euid); $domain_id = get_domain_id($domain_name); } else { $domain_user = false; $domain_name = ""; $domain_id = ""; } $smarty->assign('domain_user', $domain_user); $smarty->assign('domain_name', $domain_name); $smarty->assign('domain_id', $domain_id); $smarty->assign("euid", $euid); $smarty->assign('super', $super); //verify that the supplied address is valid for the current user if (isset($_GET["addid"])) { $address_id = trim($_GET["addid"]); if (get_email_address_owner($address_id) != $euid) { header("Location: index.php{$sid}"); exit; } } else { if ($domain_user) { $address_id = get_primary_email_id($euid); } else { $address_id = 0; } } $smarty->assign('address_id', $address_id); if (isset($_GET['tab'])) { $smarty->assign('tab', $_GET['tab']); } else { $smarty->assign('tab', 0);
if (isset($_POST["domain"])) { $domain = trim($_POST["domain"]); } else { $domain = ""; } if ($auth_method == "pop3" && !empty($routing_domain) || $auth_method == "ldap" || $auth_method == "exchange" || $auth_method == "sql" || $auth_method == "internal" || $auth_method == "external") { $user_name = $login; $address = ""; } else { $address = $login; $user_name = ""; } list($authenticated, $email) = auth($user_name, $password, $address, $domain); if ($authenticated === true) { $address_id = get_email_address_id($email); $old_owner = get_email_address_owner($address_id); if (!$old_owner) { add_email_address_to_user($euid, $email); } else { transfer_email_address_to_user($old_owner, $euid, $email); } $message = sprintf($lang['text_address_added'], $email); } else { $message = sprintf($lang['text_login_failed'], $login); if (PEAR::isError($authenticated)) { $message .= "<br>" . $authenticated->getMessage(); } } $_SESSION['message'] = $message; header("Location: settings.php{$msid}tab=0"); exit;