gaza165 Posted June 10, 2009 Share Posted June 10, 2009 I have created a login form for users to log into their IMAP email account, I am using sessions to store log in credientials to make connection to IMAP in other instances. <?php session_start(); Function ShowLoginForm() { echo "<form action='$PHP_SELF?what=login' method='POST'>"; echo "Username: <input type='text' name='user'>"; echo "Password: <input type='password' name='pass'>"; echo "<input type='submit' value='Login'>"; echo "</form>"; } Function ProcessLogin() { $user = $_POST['user']; $pass = $_POST['pass']; $_SESSION['username'] = $user; $_SESSION['password'] = $pass; $mailbox = "imap.gmail.com:993/imap/ssl"; $conn = @imap_open("{" . $mailbox . "}INBOX", $user, $pass) or header("Location:./"); if($conn) { header("Location: $PHP_SELF?what=inbox"); } } Function ShowInbox() { $mailbox = "imap.gmail.com:993/imap/ssl"; $conn = @imap_open("{" . $mailbox . "}INBOX", $_SESSION['username'], $_SESSION['password']); $headers = @imap_headers($conn) or die("Couldn't get emails"); $numEmails = sizeof($headers); for($i = 1; $i < $numEmails+1; $i++) { $mailHeader = @imap_headerinfo($conn, $i); $from = $mailHeader->fromaddress; $subject = strip_tags($mailHeader->subject); $date = $mailHeader->date; echo "Email from $from, subject $subject, date $date<br>"; } } ?> My question is... is it safe to store the username and password like this in SESSIONS?? Quote Link to comment Share on other sites More sharing options...
RussellReal Posted June 10, 2009 Share Posted June 10, 2009 sure why not? just make sure you make the session expire in like 25 minutes lol Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.