Building A PHP-Based Mail Client (part 1) - Start Me Up (
Page 3 of 7 )
With the requirements clearly defined,
it's time to actually start writing some code. Since I'm a big fan of PHP, I
plan to use that as my weapon of choice during this exercise. My natural
inclination towards PHP is further influenced by the fact that PHP comes with a
full-featured set of commands for working with IMAP and POP3 mailboxes -
something I'm going to be needing over the course of this project.
This
is a good time for you to download the source code, so that you can refer to it
throughout this article (you will need a Web server capable of running PHP
4.0.6, with its IMAP extension enabled).
mail.zipFirst up, the user login process, and the
scripts which verify the user's password and grant access to the mail
server.
Here's the initial login form, "index.php":
<form name="login" method="POST" action="<? echo $PHP_SELF; ?>">
<table border="0" cellspacing="5" cellpadding="5" align="center"
valign="middle">
<tr>
<td align="right"><font face="Verdana" size="-1">Email address</font></td>
<td align="left"><input type=text name=email size=30></td>
</tr>
<tr>
<td align="right"><font face="Verdana" size="-1">Password</font></td>
<td align="left"><input type=password name=pass size=10></td>
</tr>
<td colspan="2" align="middle"><input name="submit" type="submit"
value="Read Mail"></td>
</tr>
</table>
</form>
Extremely simple, this - two fields, one for the user's email
address, in the form <user@pop.server.name> and one for his
password.
Here's what it looks like:
Now, this script is actually split into two parts: the
first part displays the login form above, while the second part processes the
data entered into it. An "if" loop, keyed against the presence of the $submit
variable, is used to decide which part of the script to execute.
Here's
what happens once the form is submitted:
<?
// index.php - display login form
if (!$submit)
{
// form not yet submitted
// display login box
}
else
{
?>
// form submitted
include("functions.php");
if (!$email || !$pass || !validate_email($email))
{
header("Location: error.php?ec=1");
exit;
}
// separate email address into username and hostname
// by splitting on @ symbol
$arr = explode('@', $email);
$user = trim(stripslashes($arr[0]));
$host = trim(stripslashes($arr[1]));
$pass = trim(stripslashes($pass));
// store the details in session variables
session_start();
session_register("SESSION");
session_register("SESSION_USER_NAME");
session_register("SESSION_USER_PASS");
session_register("SESSION_MAIL_HOST");
// assign values to the session variables
$SESSION_USER_NAME = $user;
$SESSION_USER_PASS = $pass;
$SESSION_MAIL_HOST = $host;
// redirect user to the list page
header("Location: list.php");
}
?>
The first order of business is to verify that all the
information required to connect to the mail server has been entered by the user;
this information includes a valid email address and password. Assuming that both
are present, the explode() function is used to split the email address into user
and host components.
Next, a PHP session is initiated, and the username,
password and host name are registered as session variables with the
session_register() command; these values can then be used by other scripts
within the application.
Finally, the browser is redirected to another
script, "list.php", which uses the information supplied to attempt a POP3
connection and retrieve a list of messages in the user's mailbox. This
redirection is accomplished by sending an HTTP header containing the new URL to
the browser via PHP's very powerful header() command.
It's important to
note that calls to header() and session_start() must take place before *any*
output is sent to the browser. Even something as minor as whitespace or a
carriage return outside the PHP tags can cause these calls to barf all over your
script.
