Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.3.8

Bug #2663 Return value of _cmdApop not properly checked on _cmdAuthenticate
Submitted: 2004-11-01 17:08 UTC
From: bogart at ee dot upatras dot gr Assigned: damian
Status: Closed Package: Net_POP3
PHP Version: 4.3.9 OS: solaris
Roadmaps: (Not assigned)    

 [2004-11-01 17:08 UTC] bogart at ee dot upatras dot gr
Description: ------------ Net_PHP version 1.3.3 installed from, patched for bug #2523 On _cmdAuthenticate, the return value of _cmdApop is compared to "false". In case the server does not support APOP, it will not fallback to _authUSER as expected (the if statement is never taken). Reproduce code: --------------- require_once 'Net/POP3.php'; $pop3 =& new Net_POP3(); $pop3->setDebug(true); $ret = $pop3->connect('mymailserver', 110); $ret = $pop3->login('validlogin', 'validpass', false); if ( !PEAR::isError($ret) ) { echo "Success\n"; } else { echo "Failure\n"; } Tried on a non-public (sorry!) qmail server, which does not support APOP. Expected result: ---------------- S:+OK POP3 mymailserver server ready C: CAPA S:-ERR Unknown AUTHORIZATION state command C: USER validlogin S:+OK User name accepted, password please C: PASS validpass S:+OK Mailbox open, 1 messages Success A solution (may be wrong at all, but worked for me): change at about line 407 if($result===false){ to: if ( PEAR::isError( $result ) ) { Another solution (using an undocumented feature: the third parameter of login is assumed to be boolean but in the code is used as string): In the reproduce code, change: $ret = $pop3->login('validlogin', 'validpass', false); to: $ret = $pop3->login('validlogin', 'validpass', "USER"); Actual result: -------------- Failure


 [2004-12-05 16:47 UTC] damian
I'll fix in the next release, also I updated the documentation of login's method about the 3th parameter.
 [2005-02-02 15:54 UTC] damian
Thank you for your bug report. This issue has been fixed in the latest released version of the package, which you can download at
 [2005-02-22 07:14 UTC] hiroaki dot kawai at gmail dot com
damianm, I have a question about the updated document. Where can I get the documentation? With the current release 1.3.5 doesn't work for me. _getBestAuthMethod($user , $pass , False) returns False, not "USER" at the line 351. Should I set the 3rd param of login() 'USER' string? This will break backward compatibility.
 [2005-02-22 07:17 UTC] hiroaki dot kawai at gmail dot com
I could not figure out how to reopen this ticket, so forgive me to duplicate this bug ...