Add ability to show login error from the IMAP server instead of traditional "Unknown user or password incorrect" (thanks to Alain Williams)

config/conf.pl

@@ -495,6 +495,7 @@ $disable_security_tokens = 'false'     if ( !$disable_security_tokens );
 $check_referrer = ''                   if ( !$check_referrer );
 $ask_user_info = 'true'                if ( !$ask_user_info );
 $use_transparent_security_image = 'true' if ( !$use_transparent_security_image );
+$display_imap_login_error = 'false'    if ( !$display_imap_login_error );
 
 if ( $ARGV[0] eq '--install-plugin' ) {
     print "Activating plugin " . $ARGV[1] . "\n";
@@ -727,6 +728,7 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) {
         print "18. Disable secure forms         : $WHT$disable_security_tokens$NRM\n";
         print "19. Page referal requirement     : $WHT$check_referrer$NRM\n";
         print "20. Security image               : $WHT" . (lc($use_transparent_security_image) eq 'true' ? 'Transparent' : 'Textual') . "$NRM\n";
+        print "21. Display login error from IMAP: $WHT$display_imap_login_error$NRM\n";
         print "\n";
         print "R   Return to Main Menu\n";
     } elsif ( $menu == 5 ) {
@@ -1004,6 +1006,7 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) {
             elsif ( $command == 18 ) { $disable_security_tokens  = command320(); }
             elsif ( $command == 19 ) { $check_referrer           = command321(); }
             elsif ( $command == 20 ) { $use_transparent_security_image = command322(); }
+            elsif ( $command == 21 ) { $display_imap_login_error = command323(); }
         } elsif ( $menu == 5 ) {
             if ( $command == 1 )     { $use_icons      = commandB3(); }
 #            elsif ( $command == 3 )  { $icon_theme_def = command53(); }
@@ -2879,6 +2882,35 @@ sub command322 {
 
 
 
+# display_imap_login_error (since 1.5.2)
+sub command323 {
+    print "Some IMAP servers return detailed information about why a login is\n";
+    print "being refused (the username or password could be invalid or there\n";
+    print "might be an administrative lock on the account).\n";
+    print "\n";
+    print "Enabling this option will cause SquirrelMail to display login failure\n";
+    print "messages directly from the IMAP server.  When it is disabled, login\n";
+    print "failures are always reported to the user with the traditional \"Unknown\n";
+    print "user or password incorrect.\"\n";
+    print "\n";
+
+    if ( lc($display_imap_login_error) eq 'true' ) {
+        $default_value = "y";
+    } else {
+        $default_value = "n";
+    }
+    print "Display login error messages directly from the IMAP server? (y/n) [$WHT$default_value$NRM]: $WHT";
+    $display_imap_login_error = <STDIN>;
+    if ( ( $display_imap_login_error =~ /^y\n/i ) || ( ( $display_imap_login_error =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
+        $display_imap_login_error = 'true';
+    } else {
+        $display_imap_login_error = 'false';
+    }
+    return $display_imap_login_error;
+}
+
+
+
 sub command_userThemes {
     print "\nDefine the user themes that you wish to use.  If you have added\n";
     print "a theme of your own, just follow the instructions (?) about\n";
@@ -5194,6 +5226,8 @@ sub save_data {
         print CF "\$use_imap_tls          = $use_imap_tls;\n";
         # boolean
         print CF "\$use_smtp_tls          = $use_smtp_tls;\n";
+        # boolean
+        print CF "\$display_imap_login_error = $display_imap_login_error;\n";
         # string
         print CF "\$session_name          = '$session_name';\n";
         # boolean

config/config_default.php

@@ -298,6 +298,15 @@ $smtp_sitewide_pass = '';
  */
 $imap_auth_mech = 'login';
 
+/**
+ * Show login error from the IMAP server (true) or show
+ * the traditional/generic "Unknown user or password
+ * incorrect" (false)?
+ *
+ * @global boolean $display_imap_login_error
+ */
+$display_imap_login_error = false;
+
 /**
  * IMAP folder delimiter
  *

doc/ChangeLog

@@ -354,9 +354,9 @@ Version 1.5.2 - SVN
     attachment MIME type.
   - Fixed sqauth_read_password() for plugins on the login_verified hook.
   - Forced addition of a file suffix to attachments that lack a filename
-    (helps forwarded messages avoid spam filters) (Thanks to Petr
+    (helps forwarded messages avoid spam filters) (thanks to Petr
     Kletecka) (#3139004).
-  - Added smtp_authenticate hook (Thanks to Emmanuel Dreyfus).
+  - Added smtp_authenticate hook (thanks to Emmanuel Dreyfus).
   - Allow administrators to configure subfolders of user INBOXes to be
     treated as special folders by adding $subfolders_of_inbox_are_special
     to config_local.php.
@@ -384,9 +384,14 @@ Version 1.5.2 - SVN
   - Full date and time is used as "title" (mouseover) text for dates
     shown on the message list screen
   - Added advanced control over the SSL context used when connecting
-    to the SMTP and IMAP servers over SSL/TLS (Thanks to Emmanuel
+    to the SMTP and IMAP servers over SSL/TLS (thanks to Emmanuel
     Dreyfus).  See $imapSslOptions and $smtpSslOptions in
     config_local.example.php for more information.
+  - Added ability to show login error from the IMAP server instead of
+    traditional "Unknown user or password incorrect" (thanks to Alain
+    Williams).  See $display_imap_login_error in the configuration
+    file or "4.  General Options ==> 21. Display login error from IMAP" 
+    in the configuration tool.
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------

functions/imap_general.php

@@ -821,7 +821,7 @@ function sqimap_create_stream($server,$port,$tls=0,$ssl_options=array()) {
 function sqimap_login ($username, $password, $imap_server_address,
                        $imap_port, $hide, $ssl_options=array()) {
     global $color, $squirrelmail_language, $onetimepad, $use_imap_tls,
-           $imap_auth_mech, $sqimap_capabilities;
+           $imap_auth_mech, $sqimap_capabilities, $display_imap_login_error;
 
     // Note/TODO: This hack grabs the $authz argument from the session. In the short future,
     // a new argument in function sqimap_login() will be used instead.
@@ -996,8 +996,30 @@ function sqimap_login ($username, $password, $imap_server_address,
 
                 /* terminate the session nicely */
                 sqimap_logout($imap_stream);
-                if ($hide == 3) return _("Unknown user or password incorrect.");
-                logout_error( _("Unknown user or password incorrect.") );
+
+                // determine what error message to use
+                //
+                $fail_msg = _("Unknown user or password incorrect.");
+                if ($display_imap_login_error) {
+                    // See if there is an error message from the server
+                    // Skip any rfc5530 response code: '[something]' at the
+                    // start of the message
+                    if (!empty($message)
+                     && $message{0} == '['
+                     && ($end = strstr($message, ']'))
+                     && $end != ']') {
+                        $message = substr($end, 1);
+                    }
+                    // Remove surrounding spaces and if there
+                    // is anything left, display that as the
+                    // error message:
+                    $message = trim($message);
+                    if (strlen($message))
+                        $fail_msg = _($message);
+                }
+
+                if ($hide == 3) return $fail_msg;
+                logout_error($fail_msg);
                 exit;
             }
         } else {

plugins/administrator/defines.php

@@ -296,6 +296,9 @@ $defcfg = array( '$config_version' => array( 'name' => _("Config File Version"),
                  '$use_transparent_security_image' => array( 'name' => _("Use transparent security image"),
                                           'type' => SMOPT_TYPE_BOOLEAN,
                                           'default' => true ),
+                 '$display_imap_login_error' => array( 'name' => _("Show login error message directly from IMAP server instead of generic one"),
+                                          'type' => SMOPT_TYPE_BOOLEAN,
+                                          'default' => false ),
                  /* --------------------------------------------------------*/
                  'Group5' => array( 'name' => _("Message of the Day"),
                                     'type' => SMOPT_TYPE_TITLE ),