Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: PHP Script Auth

  1. #11
    Join Date
    Sep 2007
    Location
    Hoquiam,Wa,USA
    Posts
    59
    Rep Power
    8

    Question Cookie error

    Fairly new at at php but here is what I've done by using your example in a custom login page which I've called index.php
    ----

    ?php
    function zimbraLogin($username, $password, $client)
    {
    // Bring the zimbra server value into this function:
    global $zimbra_server; // In the format: https://yourdomain.com/

    if($client == "")
    $client = "preferred";

    // Attempt login to zimbra server:
    $ch = curl_init();

    $crap = fopen ("/dev/null", "w"); // We don't want to log curl's stderr output - contains passwords...

    curl_setopt($ch, CURLOPT_URL, $zimbra_server);
    curl_setopt($ch, CURLOPT_VERBOSE, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // Stop Curl from validating SSL cert - needed for self-signed...
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_FAILONERROR, 0);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0); // Allow redirects
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Return into a variable
    curl_setopt($ch, CURLOPT_TIMEOUT, 0); // Time out setting
    curl_setopt($ch, CURLOPT_HEADER, 1); // Return the headers along with the output...
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_STDERR, $crap);
    curl_setopt($ch, CURLOPT_COOKIE, 'ZM_TEST=true');
    curl_setopt($ch, CURLOPT_REFERER, "$zimbra_server");
    curl_setopt($ch, CURLOPT_POSTFIELDS, "loginOp=login&username=$username&password=$passwo rd&client=$client");

    $result = curl_exec($ch);

    curl_close($ch);
    fclose($crap);

    $values = explode("\n",$result);

    // Search through the headers to find the Location value to pass to the browser:
    foreach($values as $key => $value)
    {
    list($start, $good) = split(':', $value);

    // Found an anamoly where people with cleared cookies have to log in twice...
    // Fix it by taking the auth token out of the cookie and passing it through as a URL
    if($start == "Set-Cookie")
    {
    $newurl = $zimbra_server . "?client=$client&zauthtoken=" . $values[$key];
    header("Location: $newurl");
    die;
    }

    if($start == "Location")
    {
    header($values[$key]);
    die;
    }
    }
    // If we get here that means that no location header was found - most likely incorrect password, zimbra is down, etc.
    return false;
    }

    ?>


    I also have copied the login form into my page which looks like --
    <form action="https://mydomain.com/zimbra/" method="post" name="form1" id="form1">
    <div align="center"> Email Address
    <input name="username" type="text" size="55"/>
    <br />
    Password
    <input name="password" type="password" size="45" />
    <input type="hidden" name="loginOp" value="login"/>
    <input type="hidden" name="client" value="preferred"/>
    <input type="submit" name="Submit" value="Submit"/>
    </div>
    </form>

    If my users clear there cache or have there browser set to remove cookies at when they close there browser they get a cookie error when trying to login. All they need to do is click login again and it works. What have I done wrong in the code?
    Chris Priamos
    Olympic Global Technologies
    http://www.olympicglobal.com

  2. #12
    Join Date
    Nov 2010
    Posts
    2
    Rep Power
    5

    Default

    Quote Originally Posted by chrisp8756 View Post
    Fairly new at at php but here is what I've done by using your example in a custom login page which I've called index.php
    ----

    ?php
    function zimbraLogin($username, $password, $client)
    {
    // Bring the zimbra server value into this function:
    global $zimbra_server; // In the format: https://yourdomain.com/

    if($client == "")
    $client = "preferred";

    // Attempt login to zimbra server:
    $ch = curl_init();

    $crap = fopen ("/dev/null", "w"); // We don't want to log curl's stderr output - contains passwords...

    curl_setopt($ch, CURLOPT_URL, $zimbra_server);
    curl_setopt($ch, CURLOPT_VERBOSE, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // Stop Curl from validating SSL cert - needed for self-signed...
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_FAILONERROR, 0);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0); // Allow redirects
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Return into a variable
    curl_setopt($ch, CURLOPT_TIMEOUT, 0); // Time out setting
    curl_setopt($ch, CURLOPT_HEADER, 1); // Return the headers along with the output...
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_STDERR, $crap);
    curl_setopt($ch, CURLOPT_COOKIE, 'ZM_TEST=true');
    curl_setopt($ch, CURLOPT_REFERER, "$zimbra_server");
    curl_setopt($ch, CURLOPT_POSTFIELDS, "loginOp=login&username=$username&password=$passwo rd&client=$client");

    $result = curl_exec($ch);

    curl_close($ch);
    fclose($crap);

    $values = explode("\n",$result);

    // Search through the headers to find the Location value to pass to the browser:
    foreach($values as $key => $value)
    {
    list($start, $good) = split(':', $value);

    // Found an anamoly where people with cleared cookies have to log in twice...
    // Fix it by taking the auth token out of the cookie and passing it through as a URL
    if($start == "Set-Cookie")
    {
    $newurl = $zimbra_server . "?client=$client&zauthtoken=" . $values[$key];
    header("Location: $newurl");
    die;
    }

    if($start == "Location")
    {
    header($values[$key]);
    die;
    }
    }
    // If we get here that means that no location header was found - most likely incorrect password, zimbra is down, etc.
    return false;
    }

    ?>


    I also have copied the login form into my page which looks like --
    <form action="https://mydomain.com/zimbra/" method="post" name="form1" id="form1">
    <div align="center"> Email Address
    <input name="username" type="text" size="55"/>
    <br />
    Password
    <input name="password" type="password" size="45" />
    <input type="hidden" name="loginOp" value="login"/>
    <input type="hidden" name="client" value="preferred"/>
    <input type="submit" name="Submit" value="Submit"/>
    </div>
    </form>

    If my users clear there cache or have there browser set to remove cookies at when they close there browser they get a cookie error when trying to login. All they need to do is click login again and it works. What have I done wrong in the code?
    set cookie in the html page with following name and value
    "ZM_TEST", "true" and it will works. I just figure it out today ))

  3. #13
    Join Date
    Sep 2007
    Location
    Hoquiam,Wa,USA
    Posts
    59
    Rep Power
    8

    Default how to set cookie

    Sorry I'm not sure how to set a cookie in html or even in php. Can you tell me how I can do this?
    Chris Priamos
    Olympic Global Technologies
    http://www.olympicglobal.com

  4. #14
    Join Date
    Sep 2007
    Location
    Hoquiam,Wa,USA
    Posts
    59
    Rep Power
    8

    Default Oops! It appears your browser does not allow cookies. You need to enable cookies in

    I've managed to setup the cookie in my site. But when they close there browser or log out. Then return to login again I get the following error from the zimbra login screen "Oops! It appears your browser does not allow cookies. You need to enable cookies in".


    Any ideas on how I resolve this?

    I'm currently using using this code to set my cookie-

    <?php
    setcookie("ZM_TEST","true",time()+3600 , "/", ".mail.mydomain.com");
    ?>
    Chris Priamos
    Olympic Global Technologies
    http://www.olympicglobal.com

  5. #15
    Join Date
    Nov 2010
    Posts
    2
    Rep Power
    5

    Default

    this is a javascript is use to set the cookie

    function setCookie(name, value, expires, path, domain, secure) {
    document.cookie= name + "=" + escape(value) +
    ((expires) ? "; expires=" + expires.toGMTString() : "") +
    ((path) ? "; path=" + path : "") +
    ((domain) ? "; domain=" + domain : "") +
    ((secure) ? "; secure" : "");
    }

    setCookie("ZM_TEST","true");

  6. #16
    Join Date
    Jul 2011
    Posts
    5
    Rep Power
    4

    Default

    This function dont work anymore.

    Show me a message "Auth necessary".

    More ideias?

  7. #17
    Join Date
    Jul 2010
    Location
    Austria
    Posts
    59
    Rep Power
    5

    Default

    you can use preauth to authenticate from external php script.

  8. #18
    Join Date
    Jul 2011
    Posts
    5
    Rep Power
    4

    Default

    Quote Originally Posted by andy204 View Post
    you can use preauth to authenticate from external php script.
    But preauth not verify the password.

  9. #19
    Join Date
    Jul 2010
    Location
    Austria
    Posts
    59
    Rep Power
    5

    Default

    thats true, but you can verify the password before preauth.

  10. #20
    Join Date
    Jul 2011
    Posts
    5
    Rep Power
    4

    Default

    Quote Originally Posted by andy204 View Post
    thats true, but you can verify the password before preauth.
    How do it?

Similar Threads

  1. Replies: 658
    Last Post: 04-04-2014, 10:01 AM
  2. Simple backup script for OSE version
    By soulskater in forum Administrators
    Replies: 64
    Last Post: 08-03-2011, 08:47 AM
  3. Replies: 8
    Last Post: 11-30-2007, 11:12 AM
  4. Zimbra + Samba LDAP auth problems
    By fajarpri in forum Installation
    Replies: 3
    Last Post: 07-05-2007, 12:39 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •