Jump to content

A few questions regarding IMAP via PHP


ionicle
Go to solution Solved by ionicle,

Recommended Posts

Hey guys!

 

I'm trying to figure out how to customize this piece of PHP code in such a way, so that I can set two specific conditions, based on the PHP error notices that I am receiving.











 
<?php



/* connect to yahoo */

$hostname = '{imap.mail.yahoo.com:993/imap/ssl}INBOX';

$username = 'user@yahoo.com';

$password = 'password';

$alerts = imap_alerts()



/* try to connect */

$inbox = imap_open($hostname,$username,$password) or die('Cannot connect to yahoo: ' . $alerts);



if ( $inbox === false ) {

exit ("Can't connect: " . imap_last_error() ."\n");

}

else

{

echo"Logined:";

//do stuff

}



?>
 

What I wanna accomplish is:

 

1. Connect to the IMAP server.

 

2. Check if the user/password combo is correct, and if so, log me in ( I got that covered ).

 

3. If it isn't, I will just be greeted with an IMAP error stating "Too many login failures".

 

4. If it is, but I am trying to log in from a location that Yahoo doesn't recognize, that is, I have never logged in from there before, I will get the same error.

 

5. Depending on whether the user/pass combo is incorrect, or the location isn't recognized, redirect the user to either "page1" or "page2".

 

 

The imap_last_error returns the same error for both cases. The error alerts ( imap_alerts ), however, are different for both cases, and this is where I can differentiate between them.

 

How can I set it up so that when it attempts to log in, and it receives an error notice, containing a certain text string, it would just read that text string ( not displaying the errors at all ), and redirect to either "1" or "2"?

 

 

IMAP wrong user/pass combo notice: 

 

Notice: Unknown: [AUTHORIZATIONFAILED] Incorrect username or password.

 

 

 

IMAP unknown location notice: 

 

Notice: Unknown: [AUTHORIZATIONFAILED] Please verify your account at https://login.yahoo.com.

Edited by ionicle
Link to comment
Share on other sites

Is it a dedicated or shared server?

 

Something like that is off the top of my head ( using I/O redirect)

<?php

error_reporting(0);

$str = "Incorrect username or password!<br />
Please verify your account at <a href=https://login.yahoo.com>https://login.yahoo.com</a>
";

$mbox = imap_open('{imap.mail.yahoo.com:993/ssl/novalidate-cert}', 'userName@yahoo.com', "userPass");

if($mbox === FALSE){
    
    echo shell_exec("php -f error_log.php ".escapeshellarg($str));
}

error_log.php

<?php

echo $argv[1];

Result:

 

 

Incorrect username or password!
Please verify your account at https://login.yahoo.com

 

Did you try using a php header location function?

Edited by jazzman1
Link to comment
Share on other sites

Yeah, that should work, since I have full control over the web server and the PHP interpreter on it ( it's basically my home machine ). However, that will simply echo out the result of the IMAP notice - I want the display of that suppressed and, depending on whether it's Notice 1 or Notice 2, redirect either to Page 1 or Page 2, automatically.

 

The redirect itself should not be a problem. The differentiation is what's tripping me up here. I would like the IMAP notice received to be dumped into a text file ( or, ideally, read directly ), and, depending on whether it contains "String A" or "String B", the next script action will be a redirect to either Page 1 or Page 2.

Edited by ionicle
Link to comment
Share on other sites

I changed my code:
 



<?php

/* Yahoo connection params */
$hostname = '{imap.mail.yahoo.com:993/imap/ssl}INBOX';
$username = 'user@yahoo.com';
$password = 'password';

/* Initialize connection */
$inbox = @imap_open($hostname,$username,$password);
$filename = "imap.txt";
$errors = imap_errors();
for ($i=0; $i<count($errors); $i++) {
$file = fopen("$filename", "a");
fputs($file, "$errors[$i]\r\n");
fclose($file);

$response = file_get_contents('$filename');
if ($response == '[AUTHORIZATIONFAILED] Incorrect username or password. (#MBR1212)
[AUTHORIZATIONFAILED] Incorrect username or password. (#MBR1212)
[AUTHORIZATIONFAILED] Incorrect username or password. (#MBR1212)
Too many login failures') {

echo 'Done.'; }

}



?>

How do I make sure that, whatever's in "imap.txt", gets overwritten every time the script is run, and not just added to?

Edited by ionicle
Link to comment
Share on other sites

You don't have to do this in that way! Hide the errors from users with error_reporting(0), redirect them and read the log from apache log error directory.

 

 

depending on whether it contains "String A" or "String B", the next script action will be a redirect to either Page 1 or Page 2.

 

I don't understand the logic here.

Edited by jazzman1
Link to comment
Share on other sites

There are 2 separate types of notices - one for Unknown user/pass, and another for Unknown location. I just want to differentiate between them and set up two unique redirects to two different pages, depending on which one of the notices is encountered.

 

What's so complicated about that? I did it by dumping the contents of the "imap_errors" array into a file, then opening and reading it, checking for a certain string, and then doing a redirect based on that ( well, it's an echo in the example above, I will add the header redirect a bit later ).

 

Wouldn't that work?

 

Now the only thing I need is figure out how to configure "fopen" to overwrite the file with the new data every time it's executed, instead of just adding to it.

Edited by ionicle
Link to comment
Share on other sites

By attempting to log in to your Yahoo account from a browser that you've never used before to do so, while having the Secondary Sign-in protection in place. Yahoo seems to set a cookie the first time you sign in to your Yahoo account from a specific browser, and it's a permanent one, even if you're logged out. It doesn't maintain a session, but if it isn't there, Yahoo will request additional verification every time you try to sign in.

 

Using IMAP doesn't bypass the protection - that is when you get the "Notice: Unknown: [AUTHORIZATIONFAILED] Please verify your account at https://login.yahoo.com." message. Both when used in the context of a php script, and by using a regular mail client.

Edited by ionicle
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.