[Sderby] Anyone fancy a challenge?

Rob Keeling rob at rjkeeling.freeserve.co.uk
Sat Feb 21 11:48:28 GMT 2004 

> >
> > Mike, may well be completely off at a tangent with this! Is the web
server
> > doing the authentication?
> > If so, there is a squirrelmail plug in that auto-authenticates using the
> > username & password supplied  by
> > http auth. Oviously https is required for this!
> >
> > Rob Keeling
> > Network Manager
> > Queen Elizabeth`s Grammar School
>
> Hmm, at the moment I've written some PHP to do the auth.  I'm not sure if
the
> webserver can do auth as it belongs to the hosting company.  If it can,
then
> I guess I just need to figure out how PHP finds the current user as I use
> this in the scripts.  I guess it should be fairly easy?
>
> Thanks,
> Mike.

Mike, the PHP code below takes the Https auth username and password, does a
database lookup,
then checks the number of un-read emails using cyrus imap and the password
the user entered to log in.

You are restricted to basic authentication, meaning https would be a good
idea if this was used anywhere
packets may get sniffed, but it works for us.

Rob


        <?php
        $conn = mysql_connect("dbserver", "systemusers", "systemusers");
        mysql_select_db ("system_users") or die ("Failed to open database");

        $sql = "SELECT * FROM currentusers WHERE UserName =
'".$_SERVER["REMOTE_USER"]."'";

        $result = mysql_query($sql, $conn);
        if (mysql_num_rows($result) > 0)
        {
        echo mysql_result($result,0,"forename")."
".mysql_result($result,0,"midinital")."
".mysql_result($result,0,"surname")." ";
        echo "Your Password expires
".mysql_result($result,0,"PasswordExpirationDate")."<BR></FONT>";
        }

$username = $_SERVER["PHP_AUTH_USER"];
$password = $_SERVER["PHP_AUTH_PW"];

$mbox = imap_open("{mail:143}INBOX", $username, $password, OP_HALFOPEN) or
die("can't connect: " . imap_last_error());

$status = imap_status($mbox, "{mail:143}INBOX", SA_ALL);
if ($status) {
        echo "<strong/>You have " . $status->messages . " email messages, of
which " . $status->unseen . " are unread <br /></STRONG/>\n";
        }
imap_close($mbox);
?>

More information about the Sderby mailing list