The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Login Script for Cpanel Webmail

Discussion in 'E-mail Discussions' started by SatuPortal.com, Nov 6, 2002.

  1. SatuPortal.com

    SatuPortal.com Registered

    Joined:
    Nov 6, 2002
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Hi....

    Anyone knows where i can find login script for Cpanel webmail that i can put on my index page on my website ? Or anybody have it ?
     
  2. Maximiliam

    Maximiliam Well-Known Member

    Joined:
    Feb 24, 2002
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    just make a url to point to port 2095 that should do it..

    like http://yourdomain.com:2095/

    you can also directly link to horde or neomail.
     
  3. wooster

    wooster Member

    Joined:
    Sep 23, 2002
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Direct Link

    Is it possible to directly link to horde/imp.


    I get a pop up window asking me to enter the name and address everytime I access webmail. Is it possible to have a static page where you can enter the name and address and login into Horde/Imp

    I have tried qute a few things to no avail.

    Could anyone help help me regarding this, how to avoid a popup screen login into webmail
     
  4. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    Doesnt' work that way.

    If you think of an Apt. building with security access, many people can live there and anyone can walk in the front door. To visit someone and gain access to the main building, one must push one of those buzzer buttons and have someone buzz them in.

    Same with the Email setup. Although anyone can use the &webmail& or &port :2095& URL, that is the front door. As multiple Email accounts can be setup, the Control Panel needs to know &which& account is being accessed before access is granted.

    Although I'm not sure why, you would find this convenient, it is much easier for anyone who has an Email account to Bookmark the link themselves. And a URL of http://domian.com/webmail/ is usually easy for people to remember, if they are not using their own computer.
     
  5. dave12345

    dave12345 Registered

    Joined:
    May 28, 2002
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    try these

    This seems to work ok for me :)

    http://yourdomain.com:2095/neomail/neomail.pl
    http://yourdomain.com:2095/horde/index.php

    sorry, ignore me, just read more above :p
     
  6. wooster

    wooster Member

    Joined:
    Sep 23, 2002
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Let me clarify, the login and the access control is not the problem at all, Its just the pop up window which looks a bit out of place, my request was has anyone managed to get a login from a static page, some what like a regular page where people can enter their name and password and be directed to thier mail boxes.

    Thanks for your replies ...
     
  7. kempes

    kempes Active Member

    Joined:
    Aug 20, 2002
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Try this.
    [quote:8f591dc14b]#put this bit between the head tags

    &script language=&javascript&&
    &!-- This version: Hostroute.com --&
    &!-- Based on FTP log in by: Reinout Verkerk --&
    &!-- Although to be fair there is not much of his code left here --&
    &!-- Web Site: http://www.hostroute.com/script_neomail.html --&

    &!-- Begin
    function Login(form) {
    var username = form.username.value;
    var password = form.password.value;
    var server = form.server.value;
    if (username && password && server) {
    var neomail = &http://& + username + &:& + password + &@& + server + &:2095/& + username + &+& + server + &/neomail.pl&;
    window.location = neomail;
    }
    else {
    alert(&Please enter your username and password.\nYour username is the bit before the @ sign in your e-mail address.&);
    }
    }
    // End --&
    &/script&

    #this is what you need to put in the body of the page.

    &form name=login&
    &table border=1 cellpadding=3&
    &tr&
    &td colspan=2 align=center&
    &h2&&b&Logon to webmail! &/b&&/h2&
    &/td&
    &/tr&
    &tr&
    &td&Username:&/td&
    &td&
    &input type=text name=username size=15 maxlength=&26&&
    @
    &input type=&text& name=&server& maxlength=&65& size=&15&&
    &/td&
    &/tr&
    &tr&
    &td&Password:&/td&
    &td&
    &input type=password name=password size=20&
    &/td&
    &/tr&
    &tr&
    &td colspan=2 align=center&
    &input type=button value=&Login!& onClick=&Login(this.form)& name=&button&&
    &/td&
    &/tr&
    &/table&
    &/form&[/quote:8f591dc14b]
     
  8. wooster

    wooster Member

    Joined:
    Sep 23, 2002
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Thanks for the help.

    Both the short cuts work...
     
  9. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    Is that the script posted at WebHostingTalk? Seems similar and the discussion over there also pointed out the [b:a25a17fd26]big security hole[/b:a25a17fd26] with those type scripts.

    As the URL, including ID & PW, are retained in Browser History, it allows the next person to also use the Web mail account. Can be fine for a home computer, but if that script is used at a public location, it leaves one &wide open& to abuse of their Email account.

    There is a very good reason why an Authentication Challenge is setup for access to certain parts of a Hosting account. To mis-use or abuse it, is something that should be mentioned to the people using it. Otherwise, the person providing the &script& can legally be held accountable for any repercussions.

    Something to think about, eh. :)
     
  10. wooster

    wooster Member

    Joined:
    Sep 23, 2002
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    PHP Help !

    This is taken from

    http://cvs.horde.org/co.php/imp/scripts/custom_login.php?login=2&r=1.5

    This is the script,

    &?php
    // $Horde: imp/scripts/custom_login.php,v 1.4 2002/04/23 04:48:38 chuck Exp $

    // CUSTOMIZE THIS
    define('IMP_BASE', '..');

    require_once IMP_BASE . '/lib/base.php';
    require_once IMP_BASE . '/config/servers.php';

    /* Set up the password encryption token. */
    Secret::setKey('imp');

    /* Use the first server defined in servers.php. */
    // CUSTOMIZE THIS

    $server_key = 'localhost';

    $server_value = $servers[$server_key]['server'];
    $protocol_value = $servers[$server_key]['protocol'];
    $port_value = $servers[$server_key]['port'];
    $folders_value = $servers[$server_key]['folders'];
    $namespace_value = $servers[$server_key]['namespace'];
    $maildomain_value = $servers[$server_key]['maildomain'];
    $realm_value = $servers[$server_key]['realm'];
    $url = '/' . $registry-&getParam('initial_page','horde');

    ?&

    &!-- CUSTOMIZE THIS --&
    &form action=&&?php echo Horde::applicationUrl('redirect.php') ?&& method=&post&&
    User: &input name=&imapuser& type=&text& size=&20& /&&br /&
    Pass: &input name=&pass& type=&password& size=&20& /&&br /&
    &input type=&hidden& name=&server& value=&&?php echo $server_value ?&& /&
    &input type=&hidden& name=&protocol& value=&&?php echo $protocol_value ?&& /&
    &input type=&hidden& name=&port& value=&&?php echo $port_value ?&& /&
    &input type=&hidden& name=&folders& value=&&?php echo $folders_value ?&& /&
    &input type=&hidden& name=&namespace& value=&&?php echo $namespace_value ?&& /&
    &input type=&hidden& name=&maildomain& value=&&?php echo $maildomain_value ?&& /&
    &input type=&hidden& name=&realm& value=&&?php echo $realm_value ?&& /&
    &input type=&hidden& name=&url& value=&&?php echo $url ?&& /&
    &input type=&submit& value=&Log in& /&
    &/form&
    **************************

    I am a total noob at getting this to work with imp, could some one please help me with what values to enter where the customization is supposed to happen, I tried about a dozen combinations till now....this is supposed to be a custom login page for IMP that I was directed to..
     
  11. wooster

    wooster Member

    Joined:
    Sep 23, 2002
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Its giving me a fatal error when I try to access the page:

    Fatal error: Failed opening required 'PEAR.php' (include_path='') in /usr/local/cpanel/base/horde/lib/Registry.php on line 4


    Could anyone help shed more light on the error
     
  12. Tim@OCZ

    Tim@OCZ Member

    Joined:
    Jan 13, 2003
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    This is a pain in the ass...horde should be able to parse the @domain.com and know which mailbox it is sort of like qmail does...I haven't read up on exim but there has to be an easier solution...I don't want my clients to have to enter htaccess info but rather just login directly to horde...

    CPANEL staff please address this issue because looking through the forum it would appear this is a great appeal in getting this worked out.
     
  13. ccrobin

    ccrobin Member

    Joined:
    Dec 23, 2003
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    I agree. While true, it should not be a big deal to have to enter info twice (and I agree, security is important), I am slowly migrating 25 hosting accounts to cPanel and almost every single user is asking "why do I have to...?". Again, not a huge deal in the grand scheme of things, but it does seem to be leaving a negative impression on the customers who have been confronted with it.

    Perhaps it could be incorporated into the users control panel (like an option for them to logon easier - but with a caveat that if they enable the feature, it will make them more vulnerable to security risks). This way it is their decision if they want to allow it to happen or not.

    I dunno, just a thought. Overall though, I must say I am very impressed with the options and configuration possibilities of cPanel. It is a big step up from what I was using.
     
  14. Planet_Master

    Planet_Master Well-Known Member

    Joined:
    Apr 18, 2002
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New Yorker
    Heres what I use:

    Firstly, put this between the HEAD tags of your page

    PHP:
    <script LANGUAGE="JavaScript"

    <!-- 
    Begin 
    function Login(form) { 
    var 
    username form.username.value
    var 
    password form.password.value
    var 
    server form.server.value
    letters "abcdefghijklmnopqrstuvwxyz/.1234567890~_:"
       
      
    encrypt = new Array( 
      
    "%61","%62","%63","%64","%65","%66"
      
    "%67","%68","%69","%6a","%6b","%6c"
      
    "%6d","%6e","%6f","%70","%71","%72"
      
    "%73","%74","%75","%76","%77","%78"
      
    "%79","%7a","/","." 
      
    ,"%31","%32","%33","%34","%35","%36","%37","%38"
      
    "%39","%30","~","_","!",":"); 
    var 
    input password
      
    encpass ""
      for(var 
    count 0count input.lengthcount++) { 
        
    daChar input.charAt(count); 
        for (
    0letters.lengthi++) { 
          if (
    daChar == letters.charAt(i)) { 
            
    encpass += encrypt[i]; 
            break; 
          } 
        } 
      } 
    if (
    username == "" && password == "") { 
    alert("Enter your Username and Password!"); 
    login.username.focus(); 
    return 
    false;   

    if (
    username == "") { 
    alert("Enter your Username!"); 
    login.username.focus(); 
    return 
    false;   

    if (
    password == "") { 
    alert("Enter your Password!"); 
    login.password.focus(); 
    return 
    false;   

    else { 
    var 
    htsite "http://" username ":" encpass "@" server
    window.location.href htsite
       } 

    //  End --> 
    </script>
    Next, the actual login form code:

    PHP:
    <form name="login"

    Username: <input type=text name="username" value="E-mail Address" size=20><br
    Password: <input type=password name="password" value="Password" size=20><br

    <
    input type="hidden" name="server" value="http://www.domain.com:2095/"
    <
    input type=button value="Login" onClick="Login(this.form)" name="button"

    </
    form
    That's it

    This is a form that should work for Neomail as that works on port 2095.

    Naturally the domain.com in form name needs changing to your domain

    MODIFY:

    I made a few modifications to suit my purpose, but it seems to be working. If anyone else thinks of using this script a couple of observations:

    1) Use the following url in the form: yourdomain.com/webmail this will redirect to the :2095 port so the username and encoded password will not be visible in the url. The problem with having it visible in the path is you can look through your browser history and simply click the link containing both the username & password !!!! That is a BIG security issue especially if your user was to login from a public machine

    2) In my application i only wanted users to enter their username not the complete email address username@domain.com, i updated the script to read:

    PHP:
    var htsite "http://" username "+domain.com:" encpass "@" server;
    By using the above the user only needs to enter username not username@domain.com

    Using this and the script above you can enable the server to automatically setup an email account.

    AND SQUIRRELMAIL:

    Found this at the Squirrelmail site:

    How to embed a SquirrelMail login within your web page.

    It is easy to put username and password input fields in any web page and let the user log into their SquirrelMail without going to the default SquirrelMail login page. Here is a sample of the required HTML code (obviously, you need to add your own layout code):

    In head section add:

    PHP:
    <script language="JavaScript" type="text/javascript">
    <!--
    function 
    squirrelmail_loginpage_onload() {
    document.forms[0].js_autodetect_results.value '1';
    }
    // -->
    </script>
    And the input box:

    PHP:
    <form method="post" action="http://your.host.com/mail/src/redirect.php">

    <
    input type="hidden" name="js_autodetect_results" value="0">

    User: <input type="text" name="login_username" size="10">

    Password: <input type="password" name="secretkey" size="10">

    <
    input type="submit" value="Login">

    </
    form>

    Good luck with it, please post your results.
     
  15. splashscreen

    splashscreen Member

    Joined:
    Apr 15, 2002
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Thanks for posting this... but I'm lost as to what exactly to put in the form action URL:

    PHP:
    <form method="post" action="http://your.host.com/mail/src/redirect.php">
    Where is this located?
     
Loading...

Share This Page