githubFork/roundcubemail.git

			@@ -34,8 +34,9 @@
			$db = $rcmail->get_dbh();
			}

			if ($err = $db->is_error())
			if ($db->is_error()) {
			return PASSWORD_ERROR;
			}

			// crypted password
			if (strpos($sql, '%c') !== FALSE) {
			@@ -59,8 +60,10 @@
			$len = 2;
			break;
			case 'blowfish':
			$len = 22;
			$salt_hashindicator = '$2a$';
			$cost = (int) $rcmail->config->get('password_blowfish_cost');
			$cost = $cost < 4 \|\| $cost > 31 ? 12 : $cost;
			$len = 22;
			$salt_hashindicator = sprintf('$2a$%02d$', $cost);
			break;
			case 'sha256':
			$len = 16;
			@@ -117,7 +120,7 @@
			// hashed passwords
			if (preg_match('/%[n\|q]/', $sql)) {
			if (!extension_loaded('hash')) {
			raise_error(array(
			rcube::raise_error(array(
			'code' => 600,
			'type' => 'php',
			'file' => __FILE__, 'line' => __LINE__,
			@@ -164,14 +167,14 @@

			// convert domains to/from punnycode
			if ($rcmail->config->get('password_idn_ascii')) {
			$domain_part = rcube_idn_to_ascii($domain_part);
			$username = rcube_idn_to_ascii($username);
			$host = rcube_idn_to_ascii($host);
			$domain_part = rcube_utils::idn_to_ascii($domain_part);
			$username = rcube_utils::idn_to_ascii($username);
			$host = rcube_utils::idn_to_ascii($host);
			}
			else {
			$domain_part = rcube_idn_to_utf8($domain_part);
			$username = rcube_idn_to_utf8($username);
			$host = rcube_idn_to_utf8($host);
			$domain_part = rcube_utils::idn_to_utf8($domain_part);
			$username = rcube_utils::idn_to_utf8($username);
			$host = rcube_utils::idn_to_utf8($host);
			}

			// at least we should always have the local part
			@@ -183,8 +186,8 @@
			$res = $db->query($sql, $sql_vars);

			if (!$db->is_error()) {
			if (strtolower(substr(trim($query),0,6))=='select') {
			if ($result = $db->fetch_array($res))
			if (strtolower(substr(trim($sql),0,6)) == 'select') {
			if ($db->fetch_array($res))
			return PASSWORD_SUCCESS;
			} else {
			// This is the good case: 1 row updated