Could one of the gurus please help?<br /><br />I am setting up a web site which will have a members only section. The members are required to log in to enter this section. The members are issued a generic password and then once logged in they have a link to allow them to change thier password. Each member has his/her own mailbox.<br /><br />I need to accomplish two things.<br /><br />The first would be direct login to a meil client without reentering login information. I notice while in cpanel that neither a user ID or password is required. Is this information stored in a session variable or a cookie?<br /><br />The second would be the ability to change the password for a mail client when a member changes his password for site access. It appears that the change password form for the email clients use a simple form that goes to a php page. Best guess would be the information is sent via POST, I know how to redirect the user to a page using the header(), but am not sure how to send the post information as if a form had been submitted!<br /><br />Any suggestions or comments would be greatly appreciated.<br /><br />Byron Thomas<br />7th District Fire Department<br />www.7thdistrictfd.org<!--content-->
Hi Bryon, welcome to the forums <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/smile.gif" style="vertical-align:middle" emoid="
" border="0" alt="smile.gif" /> <br /><br />will the standard yourtchdomainname.com/webmail do? You can change the password there, and you can log directly in.<!--content-->
Welcome to the forums Bryon <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/smile.gif" style="vertical-align:middle" emoid="" border="0" alt="smile.gif" /><!--content-->
<!--quoteo(post=203717:date=Apr 5 2007, 06:34 PM:name=TCH-Andy)--><div class='quotetop'>QUOTE(TCH-Andy @ Apr 5 2007, 06:34 PM) <a href="http://www.totalchoicehosting.com/forums/index.php?act=findpost&pid=203717"><img src='http://www.totalchoicehosting.com/forums/style_images/1/post_snapback.gif' alt='*' border='0' /></a></div><div class='quotemain'><!--quotec-->Hi Bryon, welcome to the forums <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/smile.gif" style="vertical-align:middle" emoid="" border="0" alt="smile.gif" /> <br /><br />will the standard yourtchdomainname.com/webmail do? You can change the password there, and you can log directly in.<!--QuoteEnd--></div><!--QuoteEEnd--><br /><br /><br />Hello Andy,<br /><br />yes I plan to use horde or squirrel mail form tch.<br />What part of my first post did I fail to communicate plainly enough.<br /><br />I neither want my end user to have to log into either e-mail client, as they will already be logged into my domain and a user object will already be created and stored in a session variable.<br />Once logged into cpanel my admin user Id and password are not required to log into my mail box.<br />The login dialog box for either is bypassed, there is a way to do this same proceedure for any/all of my members having mail boxes.<br /><br /><br />I also do not want my end user to have to set a password twice, once for the purpose of logging in to my members section, and the second for access to their mail box.<br /><br />Would I do better to contact Horde or Squirrel mail directly?<!--content-->
Thanks, I understand a little better what you are after now (it was late last night for me, that's my excuse for being slow <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/wink.gif" style="vertical-align:middle" emoid="" border="0" alt="wink.gif" /> ) <br /><br />How much into the code do you want to get ? <br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->"https://" + username + "+domain:" + password + "@" + domain + ":2096/horde/index.php"<!--c2--></div><!--ec2--><br /><br />Should get you in, but I think you will still get the language choice page that way. (You can do the same on sqmail - which may be easier, as you don't get the language request then).<!--content-->
The password is stored in <br /><br />/home/username/etc/domain/shadow <br /><br />So you should be able to change it there. I'll try and have a look later which crypt method it uses <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/wink.gif" style="vertical-align:middle" emoid="" border="0" alt="wink.gif" /><!--content-->
Hello again Andy;<br /><br />Examined your proposed solution, did not like the idea of having the password visible in the link.<br />( I constructed the anchor link as described in your post, showed both user name and password in the status bar of the browser. All our members have access to a common computer so if someone is looking over your shoulder then your password could be compromised.<br />Guess I could use a webmail handler page to hide all the details.<br />I cannot view the source code for the Authenticicate dialog box, but see that the action for the cpanel login form = "/login/" and the method is Post. The form fields are "user" & "pass". With PHP script I can use {header("Location:/login/")} to redirect, any idea of how to pass the POST data via code?<br /><br />The second part looks to be easy. The form name is "/dowebmailpasswd.cgi", the fields are "oldpass"( which I do not see where it ever gets a value!) and "newpass" the confiramtion password has no name tag so therefore on submission of the form this field is not sent. the form has no action tag so the default is GET. Easy enough to {header("Location:/dowebmailpasswd.cgi?newpass=[New Password]")}. Goes back to what we discussed on the phone, how is the user identified? <br /><br />Seems like the easiest way to accomplish all of this is to mimic / use your login / change password script via code.<!--content-->
Hello Fellow programmers;<br /><br />I came up with the following code with a little outside help.<br /><div class='codetop'>CODE</div><div class='codemain' style='height:200px;white-spacere;overflow:auto'>session_start();<br /><br />$user = $_SESSION['User']['Name'] ."%407thdistrictfd.org";<br />$pass = $_SESSION['User']['Password'];<br /><br />$params = "user=$user&password=$pass";<br /><br />$curl = curl_init("http://7thdistrictfd.org:2095/login/");<br />curl_setopt($curl, CURLOPT_POST, 1);<br />curl_setopt($curl, CURLOPT_POSTFIELDS,$params);<br />$response = curl_exec($curl);<br />curl_close($curl);</div><br /><br />Works great for sending the post variables. Must be right about the script writing cookies back to my machine, my cookie files are modified @ the time the code is run. The only problem right now is the response page has one statement and that is "Connection: close The Document has moved here". "The Document has moved here" is a hpertext link to my domain. Any ideals of how to suppress this message?<br /><br />Byron Thomas<br />7thdistrictfd.org<br />[email protected]<!--content-->
Hi Bryon, welcome to the forums <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/smile.gif" style="vertical-align:middle" emoid="
" border="0" alt="smile.gif" /> <br /><br />will the standard yourtchdomainname.com/webmail do? You can change the password there, and you can log directly in.<!--content-->Welcome to the forums Bryon <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/smile.gif" style="vertical-align:middle" emoid="
" border="0" alt="smile.gif" /><!--content--><!--quoteo(post=203717:date=Apr 5 2007, 06:34 PM:name=TCH-Andy)--><div class='quotetop'>QUOTE(TCH-Andy @ Apr 5 2007, 06:34 PM) <a href="http://www.totalchoicehosting.com/forums/index.php?act=findpost&pid=203717"><img src='http://www.totalchoicehosting.com/forums/style_images/1/post_snapback.gif' alt='*' border='0' /></a></div><div class='quotemain'><!--quotec-->Hi Bryon, welcome to the forums <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/smile.gif" style="vertical-align:middle" emoid="
" border="0" alt="smile.gif" /> <br /><br />will the standard yourtchdomainname.com/webmail do? You can change the password there, and you can log directly in.<!--QuoteEnd--></div><!--QuoteEEnd--><br /><br /><br />Hello Andy,<br /><br />yes I plan to use horde or squirrel mail form tch.<br />What part of my first post did I fail to communicate plainly enough.<br /><br />I neither want my end user to have to log into either e-mail client, as they will already be logged into my domain and a user object will already be created and stored in a session variable.<br />Once logged into cpanel my admin user Id and password are not required to log into my mail box.<br />The login dialog box for either is bypassed, there is a way to do this same proceedure for any/all of my members having mail boxes.<br /><br /><br />I also do not want my end user to have to set a password twice, once for the purpose of logging in to my members section, and the second for access to their mail box.<br /><br />Would I do better to contact Horde or Squirrel mail directly?<!--content-->Thanks, I understand a little better what you are after now (it was late last night for me, that's my excuse for being slow <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/wink.gif" style="vertical-align:middle" emoid="
" border="0" alt="wink.gif" /> ) <br /><br />How much into the code do you want to get ? <br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->"https://" + username + "+domain:" + password + "@" + domain + ":2096/horde/index.php"<!--c2--></div><!--ec2--><br /><br />Should get you in, but I think you will still get the language choice page that way. (You can do the same on sqmail - which may be easier, as you don't get the language request then).<!--content-->The password is stored in <br /><br />/home/username/etc/domain/shadow <br /><br />So you should be able to change it there. I'll try and have a look later which crypt method it uses <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/wink.gif" style="vertical-align:middle" emoid="
" border="0" alt="wink.gif" /><!--content-->Hello again Andy;<br /><br />Examined your proposed solution, did not like the idea of having the password visible in the link.<br />( I constructed the anchor link as described in your post, showed both user name and password in the status bar of the browser. All our members have access to a common computer so if someone is looking over your shoulder then your password could be compromised.<br />Guess I could use a webmail handler page to hide all the details.<br />I cannot view the source code for the Authenticicate dialog box, but see that the action for the cpanel login form = "/login/" and the method is Post. The form fields are "user" & "pass". With PHP script I can use {header("Location:/login/")} to redirect, any idea of how to pass the POST data via code?<br /><br />The second part looks to be easy. The form name is "/dowebmailpasswd.cgi", the fields are "oldpass"( which I do not see where it ever gets a value!) and "newpass" the confiramtion password has no name tag so therefore on submission of the form this field is not sent. the form has no action tag so the default is GET. Easy enough to {header("Location:/dowebmailpasswd.cgi?newpass=[New Password]")}. Goes back to what we discussed on the phone, how is the user identified? <br /><br />Seems like the easiest way to accomplish all of this is to mimic / use your login / change password script via code.<!--content-->
Hello Fellow programmers;<br /><br />I came up with the following code with a little outside help.<br /><div class='codetop'>CODE</div><div class='codemain' style='height:200px;white-space
re;overflow:auto'>session_start();<br /><br />$user = $_SESSION['User']['Name'] ."%407thdistrictfd.org";<br />$pass = $_SESSION['User']['Password'];<br /><br />$params = "user=$user&password=$pass";<br /><br />$curl = curl_init("http://7thdistrictfd.org:2095/login/");<br />curl_setopt($curl, CURLOPT_POST, 1);<br />curl_setopt($curl, CURLOPT_POSTFIELDS,$params);<br />$response = curl_exec($curl);<br />curl_close($curl);</div><br /><br />Works great for sending the post variables. Must be right about the script writing cookies back to my machine, my cookie files are modified @ the time the code is run. The only problem right now is the response page has one statement and that is "Connection: close The Document has moved here". "The Document has moved here" is a hpertext link to my domain. Any ideals of how to suppress this message?<br /><br />Byron Thomas<br />7thdistrictfd.org<br />[email protected]<!--content-->