With Postgres, has anyone else seen any authentication issues? We had a table that had picked up a NOT NULL constraint (not in the default SQL file) and thus new user inserts were failing. The user was authenticated, though, and granted access to a seemingly random user record (and contacts, and identities). So a user logged in without a user record would be able to easily see contacts and confidential information for other users.
While not a moajor issue since it doesn't seem to happen with the default SQL file, why is there no sanitation or error handling revolving any of the authentication queries? (Roundcube RC2) _______________________________________________ List info: http://lists.roundcube.net/users/
