/**
* Perfom login to the IMAP server and to the webmail service.
* This will also create a new user entry if auto_create_user is configured.
*
* @param string IMAP user name
* @param string IMAP password
* @param string IMAP host
* @return boolean True on success, False on failure
*/
function login($username, $pass, $host = NULL)
{
$user = NULL;
$config = $this->config->all();
if (!$host) {
$host = $config['default_host'];
}
// Validate that selected host is in the list of configured hosts
if (is_array($config['default_host'])) {
$allowed = false;
foreach ($config['default_host'] as $key => $host_allowed) {
if (!is_numeric($key)) {
$host_allowed = $key;
}
if ($host == $host_allowed) {
$allowed = true;
break;
}
}
if (!$allowed) {
return false;
}
} else {
if (!empty($config['default_host']) && $host != rcube_parse_host($config['default_host'])) {
return false;
}
}
// parse $host URL
$a_host = parse_url($host);
if ($a_host['host']) {
$host = $a_host['host'];
$imap_ssl = isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl', 'imaps', 'tls')) ? $a_host['scheme'] : null;
if (!empty($a_host['port'])) {
$imap_port = $a_host['port'];
} else {
if ($imap_ssl && $imap_ssl != 'tls' && (!$config['default_port'] || $config['default_port'] == 143)) {
$imap_port = 993;
}
}
}
$imap_port = $imap_port ? $imap_port : $config['default_port'];
/* Modify username with domain if required
Inspired by Marco <P0L0_notspam_binware.org>
*/
// Check if we need to add domain
if (!empty($config['username_domain']) && strpos($username, '@') === false) {
if (is_array($config['username_domain']) && isset($config['username_domain'][$host])) {
$username .= '@' . rcube_parse_host($config['username_domain'][$host], $host);
} else {
if (is_string($config['username_domain'])) {
$username .= '@' . rcube_parse_host($config['username_domain'], $host);
}
}
}
// Convert username to lowercase. If IMAP backend
// is case-insensitive we need to store always the same username (#1487113)
if ($config['login_lc']) {
$username = mb_strtolower($username);
}
// try to resolve email address from virtuser table
if (strpos($username, '@') && ($virtuser = rcube_user::email2user($username))) {
$username = $virtuser;
}
// Here we need IDNA ASCII
// Only rcube_contacts class is using domain names in Unicode
$host = rcube_idn_to_ascii($host);
if (strpos($username, '@')) {
// lowercase domain name
list($local, $domain) = explode('@', $username);
$username = $local . '@' . mb_strtolower($domain);
$username = rcube_idn_to_ascii($username);
}
// user already registered -> overwrite username
if ($user = rcube_user::query($username, $host)) {
$username = $user->data['username'];
}
if (!$this->imap) {
$this->imap_init();
}
// try IMAP login
if (!($imap_login = $this->imap->connect($host, $username, $pass, $imap_port, $imap_ssl))) {
// try with lowercase
$username_lc = mb_strtolower($username);
if ($username_lc != $username) {
// try to find user record again -> overwrite username
if (!$user && ($user = rcube_user::query($username_lc, $host))) {
$username_lc = $user->data['username'];
}
if ($imap_login = $this->imap->connect($host, $username_lc, $pass, $imap_port, $imap_ssl)) {
$username = $username_lc;
}
}
}
// exit if IMAP login failed
if (!$imap_login) {
return false;
}
$this->set_imap_prop();
// user already registered -> update user's record
if (is_object($user)) {
// create default folders on first login
if (!$user->data['last_login'] && $config['create_default_folders']) {
$this->imap->create_default_folders();
}
$user->touch();
} else {
if ($config['auto_create_user']) {
if ($created = rcube_user::create($username, $host)) {
$user = $created;
// create default folders on first login
if ($config['create_default_folders']) {
$this->imap->create_default_folders();
}
} else {
raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Failed to create a user record. Maybe aborted by a plugin?"), true, false);
}
} else {
raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Acces denied for new user {$username}. 'auto_create_user' is disabled"), true, false);
}
}
// login succeeded
if (is_object($user) && $user->ID) {
$this->set_user($user);
// set session vars
$_SESSION['user_id'] = $user->ID;
$_SESSION['username'] = $user->data['username'];
$_SESSION['imap_host'] = $host;
$_SESSION['imap_port'] = $imap_port;
$_SESSION['imap_ssl'] = $imap_ssl;
$_SESSION['password'] = $this->encrypt($pass);
$_SESSION['login_time'] = mktime();
if (isset($_REQUEST['_timezone']) && $_REQUEST['_timezone'] != '_default_') {
$_SESSION['timezone'] = floatval($_REQUEST['_timezone']);
}
// force reloading complete list of subscribed mailboxes
$this->imap->clear_cache('mailboxes');
return true;
}
return false;
}