From 886aafe167bde8b11ea923111d96636394983ffa Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Wed, 24 Aug 2011 04:39:23 -0400
Subject: [PATCH] Don't rely on rcmail->task for session error check; use _REQUEST data instead

---
 index.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/index.php b/index.php
index 001e6f5..e5a5ee0 100644
--- a/index.php
+++ b/index.php
@@ -155,7 +155,7 @@
 // not logged in -> show login page
 if (empty($RCMAIL->user->ID)) {
   // log session failures
-  if ($RCMAIL->task != 'login' && $RCMAIL->task != 'logout' && !$session_error && ($sess_id = $_COOKIE[ini_get('session.name')])) {
+  if (!in_array(get_input_value('_task', RCUBE_INPUT_GPC), array('login','logout')) && !$session_error && ($sess_id = $_COOKIE[ini_get('session.name')])) {
     $RCMAIL->session->log("Aborted session " . $sess_id . "; no valid session data found");
     $session_error = true;
   }

--
Gitblit v1.9.1