It's bit more complicated than that. Actually you have to do what index.php of RoundCube does on the first couple of lines:
$INSTALL_PATH = './';
ini_set('session.name', 'sessid'); ini_set('session.use_cookies', 1);
// include base files // ! make sure the include path is set correctly ! require_once('include/rcube_shared.inc'); require_once('include/rcube_imap.inc'); require_once('include/bugs.inc'); require_once('include/main.inc'); require_once('PEAR.php');
// start roundcube session // this will set the session cookie and define $sess_auth rcmail_startup('dummy');
// print the hidden field with the valid authorization hash // to your page printf('<input type="hidden" name="_auth" value="%s" />', $sess_auth);
I know that this is not a very nice way and I think we will create some API to open a RoundCube session and optain a valid authorization hash form the RoundCube server.
Good luck! Thomas
P.S. The code above is untested.
Jared W. Alessandroni wrote:
Question:
I'm trying to create my own out-of-directory script for logging into RC. I tried it myself, and then with the info from
http://lists.dorkzilla.org/archive/roundcube-dev/2005Dec/1352.html
and still haven't been able to get it.
My page does this...
<?php start_session(); ?>
<html head and stuff>
<script type="text/javascript" src="/path-to-roundcube/program/js/common.js"></script>
<script type="text/javascript" src="/path-to-roundcube/program/js/app.js"></script>
<script type="text/javascript"> <!-- var rcmail = new rcube_webmail(); rcmail.set_env('comm_path', '/path-to-roundcube/?_auth=<?php print session_id(); ?>&_task=mail'); rcmail.display_message('Read below to learn more about our two development Webmail projects.'); rcmail.set_env('task', 'login'); rcmail.gui_object('message', 'message'); rcmail.gui_object('loginform', 'form'); //--> </script>
Then a login form with the hidden (as well as the _user, _pass variable as text entry)
<input type="hidden" name="_auth" value="<?php print session_id(); ?>" /> <input name="_action" value="login" type="hidden" />
The form worked when I first copied it, not thinking about session variables or anything, when that session variable was still active, so I'm confident that the issue is that the $_auth is not being set with the JS - please let me know any thoughts you might have 'cause this is the only thing stopping this baby from going live.
Thanks!
J-dawg