On Wed, May 14, 2008 at 10:15 AM, Iacopo Benesperi <iacchi86@xxxxxxxxx> wrote:
> Paul Lesniewski ha scritto:
>
> > Why are you starting with an outdated release?
>
> Basically because it's the version installed on the server, until the
> sysadmin updates it.
>
>
> > Also, you should search the mailing list archives (both this list and
> > the squirrelmail-devel list) for recent conversations about this where
> > the chosen solution was not to create the cookies ahead of time, but
> > instead to pass along the username and password to src/redirect.php
> > when the user clicked to go to their email. I'm not a fan of this
> > method, especially if done with GET arguments (in the URI), but it
> > seems like a few people have chosen this method.
>
> Ok, I've searched a little bit and the best thing I've found is to
> install login:auto in SM and then to set a cookie in my CMS that
> login:auto can understand and use to log in to SM.
I guess that'd work. But no, there was a discussion in the past
couple months where someone asked this question and a couple people
said they send the username and password in the page request to
redirect.php. Just look at what gets sent from login.php when logging
in as usual and you'll see what you need to send to redirect.php if
that's how you want to do it.
> Now, let's see if I've understood somethig! If I'm right, I should copy
> to my CMS the MD5Encrypt and MD5Keycrypt functions of login:auto and
> then in the login function I should add these two line:
>
> setcookie('user', base64_encode(MD5Encrypt($user_name, '[string =
> $auto_key]')), 0, $base_uri);
> setcookie('pass', base64_encode(MD5Encrypt($user_pass, '[string =
> $auto_key]')), 0, $base_uri);
>
> taken from the function login_auto_set_cookies_do(). I've modified the
> cookie expiration, so it expires when the user close the browser, and I
> want to write "/" instead of $base_uri (even if maybe SM will not be on
> / directory). Am I right or should I do something more?
Why not just try it? Changing the directory that the cookie applies
to might be the hard part. You just have to make sure the cookie will
be picked up again by SquirrelMail.
> Unfortunately, I can't try this on my computer (where I'm working), and
> I'll be able to test in only when I'll install the whole thing on the
> server, so it would be nice to know if it should work or not, I'm asking
> because of this.
You should *always* have a test environment. The sysadmin should
understand this - why would they want to have you install untested
software on a live server?
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
