modules/imap_auth/imap_auth.module

<?php
/* $Id: imap_auth.module,v 1.5.2.1 2007/09/03 06:44:48 yecarrillo Exp $ */ 

/**
 * @file
 * This module allows to your Drupal users to authenticate against one or various 
 * IMAP/POP3/NNTP servers. They must supply a valid IMAP/POP3/NNTP email/news 
 * account in the form "user@server" style as username to login.
 */

/**
 * Implementation of hook_help().
 */
function imap_auth_help($section) {
  
  $domains = split("/\r\n|\n|\r/", variable_get('imap_auth_services', array()));
  
  $servers = '<ul>';
  foreach ($domains as $d) {
    $domain_settings = split(",", $d, 2);
    
    if (trim($domain_settings[0]) == '*') {
      $servers .= '<li>' . t('Any IMAP/POP3/NNTP server is valid') . '</li>';
    }
    else {
      $servers .= '<li>@' . $domain_settings[0] . '</li>';
    }
  }
  $servers .= '</ul>';
  
  switch ($section) {
    case 'admin/help#imap_auth':
      return t("<p>The \"imap_auth\" module lets users log in using any IMAP/POP3/NNTP email/news Account.</p>");
    case 'admin/settings/imap_auth':
      return t("<p>Users can log into %this-site using their username and password of any IMAP/POP3/NNTP email/news account.</p>",
                array('%this-site' => variable_get('site_name', 'this web site')));
    case 'user/help#imap_auth':
      return t("<p>!IMAP stands for Internet Message Access Protocol. It is a method of accessing electronic mail or bulletin board messages that are kept on a (possibly shared) mail server. In other words, it permits a \"client\" email program to access remote message stores as if they were local. For example, email stored on an IMAP server can be manipulated from a desktop computer at home, a workstation at the office, and a notebook computer while traveling, without the need to transfer messages or files back and forth between these computers.</p> <p>!POP3 stands for Post Office Protocol version 3 (POP3), an application-layer Internet standard protocol, to retrieve e-mail from a remote server over a TCP/IP connection.</p> <p>!NNTP is an Internet application protocol used primarily for reading and posting Usenet articles, as well as transferring news among news servers.</p> <p>You can log into !this-site using your username and password of any allowed IMAP/POP3/NNTP server. Simply enter <strong>username@example.com</strong> as your username and the password of your IMAP/POP3/NNTP account.</p><p>Valid domains list: !servers</p>",
                array('!IMAP' => l('IMAP', 'http://en.wikipedia.org/wiki/Internet_Message_Access_Protocol', array('target' => '_blank')),
                      '!POP3' => l('POP3', 'http://en.wikipedia.org/wiki/Post_Office_Protocol', array('target' => '_blank')),
                      '!NNTP' => l('NNTP', 'http://en.wikipedia.org/wiki/Network_News_Transfer_Protocol', array('target' => '_blank')),
                      '!this-site' => variable_get('site_name', 'this web site'),
                      '!servers' => $servers
                      )
              );
  }
}

/**
 * Implementation of hook_menu().
 */
function imap_auth_menu($may_cache) {
$items['admin/settings/imap_auth'] = array(
    'title' => t('IMAP auth'),
    'description' => t('Choose IMAP/POP3/NNTP services to authenticate users.'),
    'page callback' => 'drupal_get_form',
    'page arguments' => array('imap_auth_admin_settings'),
    'access arguments' => array('administer site configuration'),
   );
   return $items;
}

/**
 * Implementation of hook_form_alter().
 */
function imap_auth_form_alter(&$form, $form_state, $form_id) {
  if ($form_id == 'user_login_block' || $form_id == 'user_login') {
    // Splice in our validate handler for authentication if user is performing a distributed login.
    // Remove the local authentication handler added by user.module
    if (!empty($form_state['post']['name']) && imap_auth_is_distributed_login($form_state['post']['name'])) {
      $key = array_search('user_login_authenticate_validate', $form['#validate']);
      $form['#validate']['key'] = 'imap_auth_distributed_validate';
    }
  }
}

/**
 * When login form is shown on full page, let users know that Drupal IDs are accepted.
 *
 * @return void
 **/
function imap_auth_form_user_login_alter(&$form, $form_state) {
  if (variable_get('imap_auth_enabled', FALSE)) {
    $form['name']['#description'] = t('Enter your @s username, or a username and password of any IMAP/POP3/NNTP email/news account.', array('@s' => variable_get('site_name', 'Drupal')));
  }
}

/**
 * Attempt to authenticate using the presented credentials
 *
 * @return boolean
 */
function imap_auth($username, $password, $server) {
  
  //IMAP extension not loaded
  if (!function_exists('imap_open')) {
    watchdog('php', t('IMAP extension not loaded. IMAP module couldn\'t be used to authenticate users.'), WATCHDOG_WARNING);
    return FALSE;
  }
  
  //IMAP Auth not enabled
  if (variable_get('imap_auth_enabled', 0) == 0) {
    return FALSE;
  }
  
  $domains = split("/\r\n|\n|\r/", variable_get('imap_auth_services', array()));
 
  $valid = FALSE;
  foreach ($domains as $d) {
    $domain_settings = split(",", $d, 2);
    
    if ((trim($domain_settings[0]) == $server) or trim($domain_settings[0]) == '*') {
      $valid = TRUE;
      
      if (array_key_exists(1, $domain_settings)) {
        $mailbox = trim($domain_settings[1]);
      }
      else {
        $mailbox = "{" . $server . ":143}INBOX";
      }
    }
  }
  //This domain is not valid for IMAP authentication
  if (!$valid) {
      watchdog('user', t('Invalid IMAP service for imap_auth (%domain).', array('%domain' => $domain_settings[0])), WATCHDOG_WARNING);
      return FALSE;
  }
  
  $mbox = @imap_open($mailbox, $username, $password);
  if ($mbox) {
    $minfo = @imap_status($mbox,$mailbox, SA_MESSAGES);
    if ($minfo) {
      $login = TRUE;
    }
    else {
      $login = FALSE;
    }
    @imap_close($mbox);

  } else {
    $mbox = @imap_open($mailbox, $username . '@' . $server, $password);
    if ($mbox) {
      $minfo = @imap_status($mbox,$mailbox, SA_MESSAGES);
      if ($minfo) {
        $login = TRUE;
      }
      else {
        $login = FALSE;
      }
      @imap_close($mbox);
    } 
    else {
      $login = FALSE;
    }
  }
  return $login;
}

/**
 * Given a username, determine if user is attempting a distributed login.
 *
 * @return boolean
 **/
function imap_auth_is_distributed_login($name) {
  return variable_get('imap_auth_enabled', FALSE) && (strpos($name, '@') || variable_get('imap_auth_services', ''));
}

/**
 * A custom validate handler on the login form. Checks supplied username/password against a remote IMAP/POP3/NNTP service.
 *
 * @return boolean
 **/
function imap_auth_distributed_validate($form, &$form_state) {
  global $user;

  if ($user->uid) {
    return;
  }

  $name = $form_state['values']['name'];
  $pass = trim($form_state['values']['pass']);
  // Strip name and server from ID:
  if ($server = strrchr($name, '@')) {
    $name = substr($name, 0, strlen($name) - strlen($server));
    $server = substr($server, 1);
  }

  if (imap_auth($name, $pass, $server)) {
    // We have a successful authentication. Login or register the user.
    if ($server) {
      $name .= '@'. $server;
    }
    user_external_login_register($name, 'imap_auth');
  }
}

/**
 * 
 */
function imap_auth_admin_settings() {
  // Check if PHP IMAP module is loaded
  if (!_imap_auth_install_check()) {
    return;
  }
  $form['imap_auth_enabled'] = array(
    '#type' => 'radios',
    '#title' => t("IMAP authentication"),
    '#default_value' => variable_get('imap_auth_enabled', 0), 
    '#options' => array(t('Disabled'), t('Enabled')),
    '#description' => t('If enabled, your Drupal site will able to authenticate users with remote IMAP/POP3/NNTP email/news accounts. Don\'t forget to set <strong>Visitors can create accounts and no administrator approval is required</strong> in !link page.', 
                        array('!link' => l(t('User registration settings'), 'admin/user/settings'))),  
  );
  $form['imap_auth_services'] = array(
    '#type' => 'textarea',
    '#title' => t('IMAP/POP3/NNTP Services'),
    '#default_value' => variable_get('imap_auth_services', '*'),
    '#description' =>  t('Valid servers to authenticate from. Use asterisk(*) as wildcard for any server, or restrict to some servers adding one service per row in the form <em>server_alias,string_mailbox</em>. See !readme for detailed instructions.<br />Example: <em>mycompany.com,{mail.mycompany.com:143/imap/notls}INBOX</em>',
                         array('!readme' => l('README.txt', 'http://cvs.drupal.org/viewvc.py/drupal/contributions/modules/imap_auth/README.txt?view=markup', array('target' => '_blank')))),
  );

  return system_settings_form($form);
}

/**
 * Check to make sure that the IMAP functions are installed in PHP,
 * and if not, display an error
 */
function _imap_auth_install_check() {
  if (!function_exists('imap_open')) {
    drupal_set_message(t('You must compile PHP with !php_imap enable the IMAP extension in !php_ini file.',
                                           array('!php_imap' => l('IMAP', 'http://www.php.net/ref.imap'),
                                                 '!php_ini' => l('php.ini', 'http://www.php.net/configuration#configuration.file')
                                                 )), 'error');
    return FALSE;
  }
  return TRUE;
}
1	<?php
2	/* $Id: imap_auth.module,v 1.5.2.1 2007/09/03 06:44:48 yecarrillo Exp $ */
3
4	/**
5	* @file
6	* This module allows to your Drupal users to authenticate against one or various
7	* IMAP/POP3/NNTP servers. They must supply a valid IMAP/POP3/NNTP email/news
8	* account in the form "user@server" style as username to login.
9	*/
10
11	/**
12	* Implementation of hook_help().
13	*/
14	function imap_auth_help($section) {
15
16	$domains = split("/\r\n\|\n\|\r/", variable_get('imap_auth_services', array()));
17
18	$servers = '<ul>';
19	foreach ($domains as $d) {
20	$domain_settings = split(",", $d, 2);
21
22	if (trim($domain_settings[0]) == '*') {
23	$servers .= '<li>' . t('Any IMAP/POP3/NNTP server is valid') . '</li>';
24	}
25	else {
26	$servers .= '<li>@' . $domain_settings[0] . '</li>';
27	}
28	}
29	$servers .= '</ul>';
30
31	switch ($section) {
32	case 'admin/help#imap_auth':
33	return t("<p>The \"imap_auth\" module lets users log in using any IMAP/POP3/NNTP email/news Account.</p>");
34	case 'admin/settings/imap_auth':
35	return t("<p>Users can log into %this-site using their username and password of any IMAP/POP3/NNTP email/news account.</p>",
36	array('%this-site' => variable_get('site_name', 'this web site')));
37	case 'user/help#imap_auth':
38	return t("<p>!IMAP stands for Internet Message Access Protocol. It is a method of accessing electronic mail or bulletin board messages that are kept on a (possibly shared) mail server. In other words, it permits a \"client\" email program to access remote message stores as if they were local. For example, email stored on an IMAP server can be manipulated from a desktop computer at home, a workstation at the office, and a notebook computer while traveling, without the need to transfer messages or files back and forth between these computers.</p> <p>!POP3 stands for Post Office Protocol version 3 (POP3), an application-layer Internet standard protocol, to retrieve e-mail from a remote server over a TCP/IP connection.</p> <p>!NNTP is an Internet application protocol used primarily for reading and posting Usenet articles, as well as transferring news among news servers.</p> <p>You can log into !this-site using your username and password of any allowed IMAP/POP3/NNTP server. Simply enter <strong>username@example.com</strong> as your username and the password of your IMAP/POP3/NNTP account.</p><p>Valid domains list: !servers</p>",
39	array('!IMAP' => l('IMAP', 'http://en.wikipedia.org/wiki/Internet_Message_Access_Protocol', array('target' => '_blank')),
40	'!POP3' => l('POP3', 'http://en.wikipedia.org/wiki/Post_Office_Protocol', array('target' => '_blank')),
41	'!NNTP' => l('NNTP', 'http://en.wikipedia.org/wiki/Network_News_Transfer_Protocol', array('target' => '_blank')),
42	'!this-site' => variable_get('site_name', 'this web site'),
43	'!servers' => $servers
44	)
45	);
46	}
47	}
48
49	/**
50	* Implementation of hook_menu().
51	*/
52	function imap_auth_menu($may_cache) {
53	$items['admin/settings/imap_auth'] = array(
54	'title' => t('IMAP auth'),
55	'description' => t('Choose IMAP/POP3/NNTP services to authenticate users.'),
56	'page callback' => 'drupal_get_form',
57	'page arguments' => array('imap_auth_admin_settings'),
58	'access arguments' => array('administer site configuration'),
59	);
60	return $items;
61	}
62
63	/**
64	* Implementation of hook_form_alter().
65	*/
66	function imap_auth_form_alter(&$form, $form_state, $form_id) {
67	if ($form_id == 'user_login_block' \|\| $form_id == 'user_login') {
68	// Splice in our validate handler for authentication if user is performing a distributed login.
69	// Remove the local authentication handler added by user.module
70	if (!empty($form_state['post']['name']) && imap_auth_is_distributed_login($form_state['post']['name'])) {
71	$key = array_search('user_login_authenticate_validate', $form['#validate']);
72	$form['#validate']['key'] = 'imap_auth_distributed_validate';
73	}
74	}
75	}
76
77	/**
78	* When login form is shown on full page, let users know that Drupal IDs are accepted.
79	*
80	* @return void
81	**/
82	function imap_auth_form_user_login_alter(&$form, $form_state) {
83	if (variable_get('imap_auth_enabled', FALSE)) {
84	$form['name']['#description'] = t('Enter your @s username, or a username and password of any IMAP/POP3/NNTP email/news account.', array('@s' => variable_get('site_name', 'Drupal')));
85	}
86	}
87
88	/**
89	* Attempt to authenticate using the presented credentials
90	*
91	* @return boolean
92	*/
93	function imap_auth($username, $password, $server) {
94
95	//IMAP extension not loaded
96	if (!function_exists('imap_open')) {
97	watchdog('php', t('IMAP extension not loaded. IMAP module couldn\'t be used to authenticate users.'), WATCHDOG_WARNING);
98	return FALSE;
99	}
100
101	//IMAP Auth not enabled
102	if (variable_get('imap_auth_enabled', 0) == 0) {
103	return FALSE;
104	}
105
106	$domains = split("/\r\n\|\n\|\r/", variable_get('imap_auth_services', array()));
107
108	$valid = FALSE;
109	foreach ($domains as $d) {
110	$domain_settings = split(",", $d, 2);
111
112	if ((trim($domain_settings[0]) == $server) or trim($domain_settings[0]) == '*') {
113	$valid = TRUE;
114
115	if (array_key_exists(1, $domain_settings)) {
116	$mailbox = trim($domain_settings[1]);
117	}
118	else {
119	$mailbox = "{" . $server . ":143}INBOX";
120	}
121	}
122	}
123	//This domain is not valid for IMAP authentication
124	if (!$valid) {
125	watchdog('user', t('Invalid IMAP service for imap_auth (%domain).', array('%domain' => $domain_settings[0])), WATCHDOG_WARNING);
126	return FALSE;
127	}
128
129	$mbox = @imap_open($mailbox, $username, $password);
130	if ($mbox) {
131	$minfo = @imap_status($mbox,$mailbox, SA_MESSAGES);
132	if ($minfo) {
133	$login = TRUE;
134	}
135	else {
136	$login = FALSE;
137	}
138	@imap_close($mbox);
139
140	} else {
141	$mbox = @imap_open($mailbox, $username . '@' . $server, $password);
142	if ($mbox) {
143	$minfo = @imap_status($mbox,$mailbox, SA_MESSAGES);
144	if ($minfo) {
145	$login = TRUE;
146	}
147	else {
148	$login = FALSE;
149	}
150	@imap_close($mbox);
151	}
152	else {
153	$login = FALSE;
154	}
155	}
156	return $login;
157	}
158
159	/**
160	* Given a username, determine if user is attempting a distributed login.
161	*
162	* @return boolean
163	**/
164	function imap_auth_is_distributed_login($name) {
165	return variable_get('imap_auth_enabled', FALSE) && (strpos($name, '@') \|\| variable_get('imap_auth_services', ''));
166	}
167
168	/**
169	* A custom validate handler on the login form. Checks supplied username/password against a remote IMAP/POP3/NNTP service.
170	*
171	* @return boolean
172	**/
173	function imap_auth_distributed_validate($form, &$form_state) {
174	global $user;
175
176	if ($user->uid) {
177	return;
178	}
179
180	$name = $form_state['values']['name'];
181	$pass = trim($form_state['values']['pass']);
182	// Strip name and server from ID:
183	if ($server = strrchr($name, '@')) {
184	$name = substr($name, 0, strlen($name) - strlen($server));
185	$server = substr($server, 1);
186	}
187
188	if (imap_auth($name, $pass, $server)) {
189	// We have a successful authentication. Login or register the user.
190	if ($server) {
191	$name .= '@'. $server;
192	}
193	user_external_login_register($name, 'imap_auth');
194	}
195	}
196
197	/**
198	*
199	*/
200	function imap_auth_admin_settings() {
201	// Check if PHP IMAP module is loaded
202	if (!_imap_auth_install_check()) {
203	return;
204	}
205	$form['imap_auth_enabled'] = array(
206	'#type' => 'radios',
207	'#title' => t("IMAP authentication"),
208	'#default_value' => variable_get('imap_auth_enabled', 0),
209	'#options' => array(t('Disabled'), t('Enabled')),
210	'#description' => t('If enabled, your Drupal site will able to authenticate users with remote IMAP/POP3/NNTP email/news accounts. Don\'t forget to set <strong>Visitors can create accounts and no administrator approval is required</strong> in !link page.',
211	array('!link' => l(t('User registration settings'), 'admin/user/settings'))),
212	);
213	$form['imap_auth_services'] = array(
214	'#type' => 'textarea',
215	'#title' => t('IMAP/POP3/NNTP Services'),
216	'#default_value' => variable_get('imap_auth_services', '*'),
217	'#description' => t('Valid servers to authenticate from. Use asterisk(*) as wildcard for any server, or restrict to some servers adding one service per row in the form <em>server_alias,string_mailbox</em>. See !readme for detailed instructions.<br />Example: <em>mycompany.com,{mail.mycompany.com:143/imap/notls}INBOX</em>',
218	array('!readme' => l('README.txt', 'http://cvs.drupal.org/viewvc.py/drupal/contributions/modules/imap_auth/README.txt?view=markup', array('target' => '_blank')))),
219	);
220
221	return system_settings_form($form);
222	}
223
224	/**
225	* Check to make sure that the IMAP functions are installed in PHP,
226	* and if not, display an error
227	*/
228	function _imap_auth_install_check() {
229	if (!function_exists('imap_open')) {
230	drupal_set_message(t('You must compile PHP with !php_imap enable the IMAP extension in !php_ini file.',
231	array('!php_imap' => l('IMAP', 'http://www.php.net/ref.imap'),
232	'!php_ini' => l('php.ini', 'http://www.php.net/configuration#configuration.file')
233	)), 'error');
234	return FALSE;
235	}
236	return TRUE;
237	}