[RCU] R: autologin from other php page

kaifamm at libero.it kaifamm at libero.it
Tue Mar 6 18:21:12 CET 2012


Hi,

in my previous email I was wrong to write : the autologin plugin  does NOT  
work !!!

Thank you 
Mark



>----Messaggio originale----
>Da: kaifamm at libero.it
>Data: 06/03/2012 17.01
>A: <users at lists.roundcube.net>
>Ogg: [RCU] autologin from other php page
>
>Hi All, 
>
>   it's me again :-) !!!!!!!
>
>I would use roundcube with autologin from another php script. I found the 
>plugin "autologin" but it seems to work.
>This is my php script :
>
><!DOCTYPE html>
><html>
><head>
></head>
><body>
><?
>$_POST['password'] = 'password in clear and in plain text';
>$_SESSION['userpassword'] = strrev(base64_encode('*yourkey*'.$_POST
>['password']));
>?>
><form name="roundcubelogin" action="http://192.168.254.201/roundcube/?
>_task=mail" method="post" target="roundcube">
><input type="hidden" name="_timezone" value="_default_" />
><input type="hidden" name="_task" value="mail" />
><input type="hidden" name="_autologin" value="1" />
><input type="hidden" name="_user" value="mark" />
><input type="hidden" name="_host" value="192.168.254.201:143" />
><input type="hidden" name="_pass" value="<?echo $_SESSION['userpassword']?>" 
>/>
><input type="submit" name="submit" value="SUBMIT" />
></form>
></body>
></html>
>
>The plugin autologin.php :
>
><?php
>
>/**
> * This plugin performs an automatic login if accessed
> * with post Data from other Site an Portal or CMS
> * Based on sample autologon PlugIn
> *
> * @version 0.2
> * @author Eric Appelt (lacri)
> *
> * show into README to install and config
> *
> * changes
> * 0.2 make a little bit secure with base64_encode strrev
> * and a key thats replace after submitting encoded pass data
> *
> */
>
>class autologin extends rcube_plugin
>{
>
>  function init()
>  {
>    $this->add_hook('startup', array($this, 'startup'));
>    $this->add_hook('authenticate', array($this, 'authenticate'));
>  }
>
>  function startup($args)
>  {
>    $rcmail = rcmail::get_instance();
>
>    $autologin = get_input_value('_autologin', RCUBE_INPUT_POST);
>
>    // change action to login
>    if ($args['task'] == 'mail' && empty($args['action']) && empty($_SESSION
>['user_id']) && !empty($autologin)) {
>      $args['action'] = 'login';
>
>      // decode pass, revert and replace key
> 		  $_POST['_pass'] = str_replace('*yourkey*','',base64_decode(strrev
>(get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1'))));
>
>      // set initial cookie without this cookie login is not possible
>      $_COOKIE['roundcube_sessid'] = session_id();
>    }
>    return $args;
>  }
>
>  function authenticate($args)
>  {
>    $autologin = get_input_value('_autologin', RCUBE_INPUT_POST);
>
>    if (!empty($autologin)) {
>      $args['user'] = get_input_value('_user', RCUBE_INPUT_POST);
>      $args['pass'] = get_input_value('_pass', RCUBE_INPUT_POST);
>      $args['host'] = get_input_value('_host', RCUBE_INPUT_POST);
>    }
>    return $args;
>  }
>}
>_______________________________________________
>Roundcube Users mailing list
>users at lists.roundcube.net
>http://lists.roundcube.net/mailman/listinfo/users
>




More information about the users mailing list