Author Topic: IMAP Error: Invalid password in on line 0  (Read 3507 times)

Offline adalle

  • Newbie
  • *
  • Posts: 9
IMAP Error: Invalid password in on line 0
« on: December 06, 2007, 04:28:55 PM »
I have a version of Roundcube that I believe I pulled from CVS/SVN in October 2006 - that works quite well.

I'm trying to upgrade to RC2 and I'm receiving the above error on login. I found the code producing it, and it looks like what is happening is the user/password form data isn't making it to that part of the code:

program/lib/imap.inc:
    //check input
    if (empty($host)) $iil_error .= "Invalid host\n";
    if (empty($user)) $iil_error .= "Invalid user\n";
    if (empty($password)) $iil_error .= "Invalid password\n";
    if (!empty($iil_error)) return false;
    if (!$ICL_PORT) $ICL_PORT = 143;

It looks like theres a blank between "password in" and "on line 0" .. I assume this is where it is failing in any case, I didn't find the text "Invalid password" elsewhere. It is definitely not getting as far as connecting to the IMAP server.

I think it must be something about my PHP5 and/or Apache2 environment that isn't playing well with Roundcube. Should I post the results of my phpinfo(); ? I couldn't find anything about recommended/required or conflicting options/modules so, not sure what to check for!

Offline adalle

  • Newbie
  • *
  • Posts: 9
Re: IMAP Error: Invalid password in on line 0
« Reply #1 on: December 07, 2007, 02:48:55 PM »
I was able to track the problem back to this:

 else if ($_SESSION['temp'] && !empty($_POST['_user']) && isset($_POST['_pass']) &&
      rcmail_login(get_input_value('_user', RCUBE_INPUT_POST),
       get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1'), $host))
 {


The get_input_value is actually not getting the input for the password. It looks like its a charset conversion issue. If I set the charset to a blank string, it works.

Now, is there a good reason for doing this charset conversion? More to the point, is there any security concern with regards to evading it?