« previous next »
Pages: [1]

Author Topic: Problem with error message $args['error']  (Read 4124 times)

Offline nixe

  • Newbie
  • *
  • Posts: 2
Problem with error message $args['error']
« on: May 30, 2014, 02:11:12 AM »
We've made our own login plugin, but now we have a problem.
When we check authentication there's mainly two possibilities when you need to give error message, case 1. Username is correct, but password is wrong, case 2. Username and password is wrong

In case 1 Roundcube gives error message "Login failed." that's fine.
But in case 2 Roundcube gives error message "Invalid request! No data was saved.", that's not fine, because you can find out existing accounts that way.

In documentation there's said that when I define $args['abort'] = true I also should define $args['error'] as error message shown. But this doesn't work in version 1.0.1 (don't know others). I've even tried to give error and abort in very beginning of plugin, but not working, always give that Invalid request error.

So my question is, how can I print my own error message while using own login plugin?
Logged

Offline JohnDoh

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2,856
Re: Problem with error message $args['error']
« Reply #1 on: May 30, 2014, 03:10:30 AM »
I guess you are using the `authenticate` hook in your plugin?

Quote
In case 1 Roundcube gives error message "Login failed." that's fine.
But in case 2 Roundcube gives error message "Invalid request! No data was saved.", that's not fine, because you can find out existing accounts that way.

I think its your plugin doing that, normal behaviour is to get "login failed" for both.

In your plugin are you setting the `valid` arg to false? if so that thats what is doing it, if you set it to true then RC should display your custom error message (or the normal on).

The `valid` arg relates to if the request itself is valid not the data entered.
Logged
Roundcube Plugins: Contextmenu, SpamAssassin Prefs, and moreā€¦

Offline nixe

  • Newbie
  • *
  • Posts: 2
Re: Problem with error message $args['error']
« Reply #2 on: May 30, 2014, 03:40:55 AM »
Quote from: JohnDoh on May 30, 2014, 03:10:30 AM
I guess you are using the `authenticate` hook in your plugin?

I think its your plugin doing that, normal behaviour is to get "login failed" for both.

In your plugin are you setting the `valid` arg to false? if so that thats what is doing it, if you set it to true then RC should display your custom error message (or the normal on).

The `valid` arg relates to if the request itself is valid not the data entered.
You're guessing right, and yes that works. Thanks!  :D
Logged
Pages: [1]
« previous next »