DrThomasXLight
Posted May 25, 2012

Hi folks,

I've been coding a solution for a while in a project I'm working on. The project is an application that lets users get inside, check some services provided by the company I'm working for, and one feature is that they must get into their mailbox automatically (in Google) without writing their credentials.

The following code is the one I'm using to let the users get inside their accounts:

```php
<?php
ini_set('display_errors', '1');
require_once('../../resources/classloader.php');
//require_once('../../resources/classes/libgmailer.class.php');

$response = '';
$raw_html = '';
$gacookie = '';

// Load the portal user's ID and stored (encrypted) password from the session.
$userdata = unserialize($_SESSION['95ed1eb1c41e29c73464f1ca1da9316a']);
//print_r($userdata);
$vUserID = $userdata[0][0];
$vPasswd = $userdata[0][1];
$vPasswd = base64_decode($vPasswd);
$vPasswd = mcrypto::decrypt($vPasswd);

// Open the connection to Google so we can act on the users' respective accounts.
$cuentainstitucional = application::buscarCorreoInstitucional($_SESSION['DEFAULT_INSTITUTION'], $vUserID);
$domArr = explode('@', $cuentainstitucional);
$accountid = $domArr[0];
$domain = $domArr[1];
$USERNAME = $accountid;
$PASSWORD = $vPasswd;

// First request: fetch the login form to obtain the GALX token.
$churl = "https://www.google.com/accounts/ServiceLoginBoxAuth";
$ch = curl_init();
// Verify the server certificate so the credentials only go to the real endpoint.
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/3.0.195.25 Safari/532.0");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'c:\\temp\\cookie.txt');
curl_setopt($ch, CURLOPT_URL, $churl);
$response = curl_exec($ch);

// Stop at the closing quote of the value attribute.
$pattern = '/name="GALX"\s+value="([^"]+)"/';
preg_match($pattern, $response, $matches);
$GALX = $matches[1];

// Second request: post the credentials together with the GALX token.
$churl = "https://www.google.com/accounts/ServiceLoginBoxAuth";
$username = urlencode($cuentainstitucional); // usually user@gmail.com
$password = urlencode($PASSWORD);            // encode so '&', '+' or '=' survive the form body
$postdata = "GALX=$GALX&Email=$username&Passwd=$password";
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_URL, $churl);
$result = curl_exec($ch);
echo $result;
?>
```

The code works, but it routes me to a page about some cookies, but in the upper right corner the user is logged in. If I make a redirection to, for example, https://mail.google.com/mail, it prompts me for a user and password.

Can someone help me or point me in the right direction so this feature could be implemented in my project?

Thanks for your help.

requinix
Posted May 25, 2012

Putting aside the fact that it's stupid, it's not even possible. You cannot log someone into a site that isn't yours. The closest you can get is basically proxying the site but that's a very bad idea, and quite possibly against the ToS.

DrThomasXLight (Author)
Posted May 26, 2012

I was expecting to receive questions like "Hey dude, what are your requirements", "No, that's not the best practice, it's this one" or "Tell us more about your project and what are you trying to do? There are things that we don't understand".

But hey, I'm a "stupid" developer trying to help a "stupid" client of mine that is trying to do things his way to please his "stupid" clients (students) because they are a bunch of "stupid" morons that don't know what they want...

I apologize first, because I think there is information that I haven't given you for the analysis of my case. I'm working on a project for an educational institution (yes, I'm working with Google provisioning apps for this institution) and the requirement stated was that for the developed site, I've to do the following actions:

1. The site must allow the users of my site to create their own accounts in Google (courtesy of the Zend Framework). This is validated through a connection to the educational institution database to check via its personal ID if the person is registered as a "student". If so, the user receives a message to its personal mail with the user, password, etc., on how to log in to the developed site.

2. Inside the site there is a service (actually a big (big is as in BIG)) to let the users click that icon and then be redirected to their inbox to read their emails (by the way, in Google). There are other services as well, like posting complaints to helpdesk, check your grades, etc. (yeah, you've got the idea).

3. The code pasted is my effort to try to let the users log in to Google with the credentials of the site (by the way, they are the same), but I haven't yet reached my goal.

In general, I'm working with a student portal.

I wrote because I need to know if someone has done a similar project, what are the best practices for doing something like this, what I need to do that and set me on the correct path to get things to work. I was trying to translate Visual Basic code used to do this user login stuff in Google (and it works, by the way) to PHP, but got lost in this and the only thing I've got was the code posted earlier.

Since my post was "stupid" and I think that I won't get any help with this from anyone, I make the following request to anyone reading this post:

PLEASE, STOP READING THIS AND IGNORE THIS POST AND FORGET MY HELP REQUEST!!!!

I'll document myself and try to solve things the best way I can.

Thanks in advance to those who already at least read this post.

gizmola
Posted May 26, 2012

Where sites allow it, there are ways to store credentials and then make API calls to that site. This might be a possibility, however, an even better way to do this, if we're talking Gmail, is to use Gmail's IMAP API.

There are also ways for sites to share authentication (primarily it's through sites implementing authentication trust using OpenID). There is no way that Google will extend trust to your site, but you could implement trust of Google (or Facebook or Twitter) and allow people to log in to Google first, and then accept that as authentication of your intranet site.

What Requinix was pointing out is that most sites maintain session using cookies. You can't share cookies across sites of course. In the case of Gmail, the client app is a giant blob of injected JavaScript, and there is no way even if you proxy the session through an elaborate series of curl calls, that you will ever get anything functional.

I may have the facts incorrect,
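
The direction gizmola describes (the portal trusts Google instead of handling Google passwords), shown in its present-day OpenID Connect form as an added example that is not part of the thread: the portal accepts a signed ID token and checks issuer, audience, expiry and the institution's hosted domain. The client ID, the domain `school.example` and the throwaway key pair standing in for Google's published signing key are constructed placeholders.

```php
<?php
function b64url_encode(string $s): string {
    return rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
}
function b64url_decode(string $s): string {
    $s = strtr($s, '-_', '+/');
    return (string) base64_decode(str_pad($s, strlen($s) + (4 - strlen($s) % 4) % 4, '='), true);
}

// Returns the claims if the token is signed by $pubPem and was issued by Google
// for this portal ($clientId) to a verified account in $domain; throws otherwise.
function verify_id_token(string $jwt, string $pubPem, string $clientId, string $domain, int $now): array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) throw new RuntimeException('malformed token');
    [$h, $p, $s] = $parts;
    // Pin the algorithm so the token cannot select "none" or an HMAC variant.
    $alg = json_decode(b64url_decode($h), true)['alg'] ?? null;
    if ($alg !== 'RS256') throw new RuntimeException('unexpected alg');
    if (openssl_verify("$h.$p", b64url_decode($s), $pubPem, OPENSSL_ALGO_SHA256) !== 1)
        throw new RuntimeException('bad signature');
    $c = json_decode(b64url_decode($p), true);
    $issuers = ['https://accounts.google.com', 'accounts.google.com'];
    if (!in_array($c['iss'] ?? null, $issuers, true)) throw new RuntimeException('wrong issuer');
    if (($c['aud'] ?? null) !== $clientId) throw new RuntimeException('wrong audience');
    if (($c['exp'] ?? 0) <= $now) throw new RuntimeException('expired');
    if (($c['hd'] ?? null) !== $domain || ($c['email_verified'] ?? false) !== true)
        throw new RuntimeException('not a verified institutional account');
    return $c;
}

// Constructed demo: throwaway key, placeholder client ID and domain, hand-made claims.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub = openssl_pkey_get_details($key)['key'];
$clientId = 'portal-client-id.example';
$now = time();
$base = ['iss' => 'https://accounts.google.com', 'aud' => $clientId, 'exp' => $now + 300,
         'hd' => 'school.example', 'email' => 'student@school.example', 'email_verified' => true];
$cases = ['valid' => $base, 'other domain' => ['hd' => 'gmail.example'] + $base,
          'other client' => ['aud' => 'someone-else'] + $base, 'expired' => ['exp' => $now - 1] + $base];
foreach ($cases as $label => $claims) {
    $signed = b64url_encode(json_encode(['alg' => 'RS256'])) . '.' . b64url_encode(json_encode($claims));
    openssl_sign($signed, $sig, $key, OPENSSL_ALGO_SHA256);
    try {
        $c = verify_id_token($signed . '.' . b64url_encode($sig), $pub, $clientId, 'school.example', $now);
        echo "$label: accepted {$c['email']}\n";
    } catch (RuntimeException $e) {
        echo "$label: rejected ({$e->getMessage()})\n";
    }
}
```

In a deployment the public key comes from the identity provider's published key set and the token arrives through the provider's redirect flow, so the portal never stores or replays a student's Google password.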