Start Me Up - PHP

With the requirements clearly defined, it's time to actually start writing some code. Since I'm a big fan of PHP, I plan to use that as my weapon of choice during this exercise. My natural inclination towards PHP is further influenced by the fact that PHP comes with a full-featured set of commands for working with IMAP and POP3 mailboxes - something I'm going to be needing over the course of this project.

This is a good time for you to download the source code, so that you can refer to it throughout this article (you will need a Web server capable of running PHP 4.0.6, with its IMAP extension enabled).

mail.zip

First up, the user login process, and the scripts which verify the user's password and grant access to the mail server.

Here's the initial login form, "index.php":

<form name="login" method="POST" action="<? echo $PHP_SELF; ?>">
<table border="0" cellspacing="5" cellpadding="5" align="center"
valign="middle">
<tr>
<td align="right"><font face="Verdana" size="-1">Email address</font></td>
<td align="left"><input type=text name=email size=30></td>
</tr>
<tr>
<td align="right"><font face="Verdana" size="-1">Password</font></td>
<td align="left"><input type=password name=pass size=10></td>
</tr>
<td colspan="2" align="middle"><input name="submit" type="submit"
value="Read Mail"></td>
</tr>
</table>
</form>

Extremely simple, this - two fields, one for the user's email address, in the form <user@pop.server.name> and one for his password.

Here's what it looks like:



Now, this script is actually split into two parts: the first part displays the login form above, while the second part processes the data entered into it. An "if" loop, keyed against the presence of the $submit variable, is used to decide which part of the script to execute.

Here's what happens once the form is submitted:

<?
// index.php - display login form
if (!$submit)
{
// form not yet submitted
// display login box
}
else
{
?>
// form submitted
include("functions.php");
if (!$email || !$pass || !validate_email($email))
{
header("Location: error.php?ec=1");
exit;
}
// separate email address into username and hostname
// by splitting on @ symbol
$arr = explode('@', $email);
$user = trim(stripslashes($arr[0]));
$host = trim(stripslashes($arr[1]));
$pass = trim(stripslashes($pass));
// store the details in session variables
session_start();
session_register("SESSION");
session_register("SESSION_USER_NAME");
session_register("SESSION_USER_PASS");
session_register("SESSION_MAIL_HOST");
// assign values to the session variables
$SESSION_USER_NAME = $user;
$SESSION_USER_PASS = $pass;
$SESSION_MAIL_HOST = $host;
// redirect user to the list page
header("Location: list.php");
}
?>

The first order of business is to verify that all the information required to connect to the mail server has been entered by the user; this information includes a valid email address and password. Assuming that both are present, the explode() function is used to split the email address into user and host components.

Next, a PHP session is initiated, and the username, password and host name are registered as session variables with the session_register() command; these values can then be used by other scripts within the application.

Finally, the browser is redirected to another script, "list.php", which uses the information supplied to attempt a POP3 connection and retrieve a list of messages in the user's mailbox. This redirection is accomplished by sending an HTTP header containing the new URL to the browser via PHP's very powerful header() command.

It's important to note that calls to header() and session_start() must take place before *any* output is sent to the browser. Even something as minor as whitespace or a carriage return outside the PHP tags can cause these calls to barf all over your script.

>>> More PHP Articles          >>> More By icarus, (c) Melonfire

blog comments powered by Disqus