This is the response I gave to Shaun Lloyd yesterday. He seemed to be able to get it working:
I gave the tips, he put together the code.
Couple of things, just to make you aware.
1) make sure that:
<input name="_user" size="30" type="hidden" value="username" />
<input name="_pass" size="30" type="hidden" value="password" />
<input name="_host" size="30" type="hidden" value="host" />
are
set with the real username, password, and host. If you don't then you
can't login because it will be sending USERNAME, PASSWORD, and HOST as
actual words to the server. Honestly, this is a security problem
because if you hard-code that information anyone who access that page
will be logged right into that email account. There are ways around
this but it would require a lot of extra coding.
2) make sure you don't have that session ID hard-coded either.
Again, if its not dynamically pulled from roundcube then your app wont
work.
<?php
session_start();
?>
<html>
<head>
<script type="text/javascript"
src="
program/js/common.js"></script>
<script type="text/javascript"
src="
/program/js/app.js"></script>
<script type= "text/javascript">
<!--
var rcmail = new rcube_webmail();
rcmail.set_env('comm_path','
?_auth=<?session_id()?>&_task=mail');
rcmail.set_env('task', 'login');
rcmail.gui_object('message', 'message');
rcmail.gui_object('loginform', 'form');
//-->
</script>
</head>
<body onload="document.form.submit();">
<form name="form" action="./" method="post">
<input type="hidden" name="_auth" value="<?session_id()?>" />
<input name="_action" value="login" type="hidden" />
<input name="_user" size="30" type="hidden" value="USERNAME" />
<input name="_pass" size="30" type="hidden"
value="PASSWORD" />
<input name="_host" size="30" type="hidden" value="HOST" />
</form>
</body>
</html>