Roundcube login via PHP script
目前正在整合 roundcube 1.0.5 的邮件系统和其他系统,想取消登录过程,发现了这个,先赞一个!
原文地址:http://blog.philippheckel.com/2008/05/16/roundcube-login-via-php-script/
Roundcubeis an AJAX/PHP based e-mail application which is really flexible and easy to use in comparison to other free web based solutions.
For the customer interface ofSilversun, I wanted to use RC as the internal web mail application and therefore had to embed it into my system. To avoid that the customer has to log in twice (customer interface and Roundcube), I had to simulate the login request with a PHP script.
Contents
Updates
A lot has changed over the years. As of now (July 2013), the class does exist for over 5 years. Here’s what happened in this time:
- November 2008: After the comment ofMatias, I reviewed the code and fixed some issues. Now it should work properly even with the newest Roundcube version (0.2-beta). The class file itself contains installation instructions. Please read them carefully.
- March 2009: Just tested the script with version 0.2.1 and it works like a charm, at least for my installation.
- December 2009:Diegojust confirmed (via e-mail) that the script also works for 0.3.1 without modification.
- May 2010: I just tested the scripts with Roundcube 0.4-beta, and it still works without modification. I also added the sectionDebuggingmake it easier to figure out what’s wrong.
- March 2011: AfterAlex’ comment, I adjusted a small part of the script. It should now also work with Roundcube 0.5.1. It now handles the new request token correctly. The pre-0.5.1 script is still available for download here:RoundcubeLogin.pre-0.5.1.class.php(plain text).
- April 2012: I have updated the script again. It now works with 0.7.2. Issues were PHP’s multiple-cookie handling, the sessauth-cookie as well as the user agent checks by RC. The pre-0.6 version is still available for download here:RoundcubeLogin.pre-0.6.class.php(plain text).
- May 2013: According toReznor’s comment, the script still works with 0.9.0.
- July 2013: The class is currently used in theRoundcube ownCloud PluginbyMartin Reinhardt. There have been some issues with the altered version. Make sure to update to the newest version or report bugs here.
- July 2013: After many user issues with SSL-hosted Roundcube installations, I finally got around to fix the SSL issues once and for all. The class now detects whether RC is running with SSL/TLS and set hostname, port and connection type accordingly. If that does not work, you can usesetHostname(),setPort()andsetSSLto adjust these settings to your environment. The old class is still available here:RoundcubeLogin.pre-0.9.2.class.php(plain text).
1. Prepare RC
To perform the Roundcube login via a web site, it is necessary to turn off thecheck_ip/ip_checkoption in themain.inc.phpfile, because our script (= server IP address) will send the login data and pass it to RC instead of the user’s browser (= user IP address).
2. The RoundcubeLogin class
This small class only consists of four functions and it shouldn’t be necessary to modify it in order to get the login to work.
- RoundcubeLogin.class.php(plain text)
Provides the functionality to login, logout and check the login status. - rclogin.php(plain text)
A small script to test if everything works as expected.
The class provides four public methods:
- login($username, $password)
Perform a login to the Roundcube mail system.
Note: If the client is already logged in, the script will re-login the user (logout/login). To prevent this behaviour, use theisLoggedIn()-function.
Returns:TRUEif the login suceeds,FALSEif the user/pass-combination is wrong
Throws: May throw aRoundcubeLoginExceptionif Roundcube sends an unexpected answer (that might happen if a new Roundcube version behaves differently) - isLoggedIn()
Checks whether the client/browser is logged in and has a valid Roundcube session.
Returns:TRUEif the user is logged in,FALSEotherwise.
Throws: May also throw aRoundcubeLoginException(see above). - logout()
Performs a logout on the current Roundcube session.
Returns:TRUEif the logout was a success,FALSEotherwise.
Throws: May also throw aRoundcubeLoginException(see above). - redirect()
Simply redirects to Roundcube. - setHostname($hostname)
Set hostname manually. Note that the hostname must point to the local machine. Itdoes not work for remote machines. - setPort($port)
Set port manually. Uses server port by default (auto detected). - setSSL($enableSSL)
Enable or disable SSL for this connection. This value impacts the connection string forfsockopen(). If enabled, the prefix “ssl://” is attached. IfNULLis set, the value of the$_SERVER['HTTPS']variable is used.
3. Sample usage
The script below demonstrates how the class can be used. If the client is already logged in, it simply redirects the browser to the Roundcube application. If not, it performs a login and then redirects to Roundcube.
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
<?php
include "RoundcubeLogin.class.php";
// Create RC login object.
// Note: The first parameter is the URL-path of the RC inst.,
//NOT the file-system path. Trailing slash REQUIRED.
// e.g. http://host.com/path/to/roundcube/ --> "/path/to/roundcube/"
$rcl = new RoundcubeLogin("/roundcube/", $debug);
// Override hostname, port or SSL-setting if necessary:
// $rcl->setHostname("example.localhost");
// $rcl->setPort(443);
// $rcl->setSSL(true);
try {
// If we are already logged in, simply redirect
if ($rcl->isLoggedIn())
$rcl->redirect();
// If not, try to login and simply redirect on success
$rcl->login("some-email-address", "plain-text-password");
if ($rcl->isLoggedIn())
$rcl->redirect();
// If the login fails, display an error message
die("ERROR: Login failed due to a wrong user/pass combination.");
}
catch (RoundcubeLoginException $ex) {
echo "ERROR: Technical problem, ".$ex->getMessage();
$rcl->dumpDebugStack(); exit;
}
?>
|
4. Debugging
If you’re having problems with theRoundcubeLogin.class.phpclass (plain text) itself, try using therclogin.php-file (plain text) for debugging: open the file in your browser (http://myhost/roundcube/rclogin.php), and take a look at the output. TheRoundcubeLogin-class performs a series of request/response cycles and parses the output to figure out if you’re logged in.
Known issues:
- No Roundcube installation found at ‘…’
This error message is thrown if the path-value in theRoundcubeLoginconstructur was not set correctly. It must be set to the part of the URL that represents the path, e.g. in case of http://myhost/roundcube/ you must create the object like this:PHP1$rcl = new RoundcubeLogin("/roundcube/");- Unable to determine login-status due to technical problems.
This error can occur in the methods login(), logout() and isLoggedIn(). TheRoundcubeLogin-class expects Roundcube to send certain headers in response to the login/logout-requests. If those headers could not be found, this error is thrown. Possible reasons are:- New RC version
- Cookies must be enabled
- ip_check/check_ipoption in themain.inc.phpmust befalse
- Unable to determine the login status. Unable to continue due to technical problems.
This error occurs if the script cannot determine if you are logged in or not, because the returned HTML code neither contains the login-form (= logged out) nor the message DIV (= logged in). This might happen if Roundcube changed the HTML-code.- Test script “rclogin.php” says “400 Bad Request”: When you run the test script you get an error like this:
XHTML1234<h1 id="Bad-Request">Bad Request</h1><p>Your browser sent a request that this server could not understand.<br />Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />Instead use the HTTPS scheme to access this URL, please.The reason for this exception is that the hostname in thefsockopen()has been called without an “ssl://”-prefix. In the class you can fix this by calling$rcl->setSSL(true).
5. I’m open for suggestions
Please feel free to post your comment or suggestions. That’s the only way to ensure that it works with all versions.
优质内容筛选与推荐>>
1、博客园首页推荐算法
2、Kali安装visual box增强版,解决无法全屏的问题.
3、SQL中GROUP BY语句与HAVING语句的使用
4、Flex 4.6 API 离线文档
5、redis数据库安装及主从部署详解
- Unable to determine login-status due to technical problems.