login for joomla

[johncarlson21]

I know that there is a joomla component for roundcube already but as of now it doesn't allow you to login to joomla with a username and then set the session for roundcube.. does anyone know how this could be accomplished..?

basically could a function be written to include into the joomla login so that when the user logs in it registers the user session variables for rc and logs them in..?

[.Diver]

check this out:


http://extensions.joomla.org/component/option,com_mtree/task,viewlink/link_id,2428/Itemid,35/

[tpintsch]

no no no no no no no

sheesh, it often seems as though as soon as anyone types joomla and roundcube in the same post the first reflex is to post that link... Because its obviously not something we might have considered trying. If you read the content of the first post, you would read that the person is saying... "I have used the component (There has been only one release of it, and a patch) and it is a good component that works well out of the box, but can you help me with this issue?" All the component actually does is streamline roundcube into a joomla sites php.

The auth-schemes however remain separate. For those of us who actually use both great softwares I can tell you this has been a source of great frustration. The developers of this component mean well, however they point out, rightly, that joomla stores its passwords as md5. Therefore, roundcube cannot use those passwords and so has to maintain its auth-process seperately. So the real question is... is there a way to get roundcube to play nice with joomla anyways and use the same username and password, applying them to known defaults for domains, ports etc? Then, to further have it dynamically follow joomlas keepalive rules for login timing?

Thanks,

tim.

[bpat1434]

I don't use Joomla, so I can't say this will work, but wouldn't including the login functions from Joomla on RC login work? I mean, let Joomla do the Joomla thing (without the redirect) and let Roundcube do its thing.

Otherwise, you could write a wrapper to log you. You'd have to write your own mirrored functions to connect to the Joomla DB, query the table, and do the login process.

[dloendorf]

No, this will not work as Joomla keeps passwords with MD5 encryption, which is one way. RC requires the original cleartext password for use in logging into the imap server.

What I have done is to grab the users password when they log in to Joomla and encrypt it with the encryption routine used in RC. I store this as a second encrypted password in the joomla user table. Then in wrapper.php I grab the username and the encrypted password, place them in some $_SESSION variables which are passed over to RC. The first thing I do in RC, before anything else, is to grab the $_SESSION variables for use by RC. I replaced the "show login screen" with an automatic login into RC. Usinf the decrypt function in RC, I pass the decrypted password into the imap login function. So, when the user clicks on a WebMail menu item I have setup in Joomla, the next thing they see is there inbox in RC. I have also included the password patch listed in these forums so the user can modify their imap password using the CPanel 11 functions.

All of this works great in IE7, however in both FireFox and Safari the $_SESSION variables are not making it into RC. I am looking into why this is happening.

David

[dloendorf]

As mentioned earlier in this thread, the Joomla/RoundCube component is not really an integration of Joomla with RoundCube. The approach I have taken is to use the wrapper functionality of Joomla to integrae RoundCube. Then. in the wrapper.php routine, I append the userID to the RC url. When RoundCube starts, I grab the userID and use it to log the user into the associated IMAP server. This requires keeping an encrypted password that can be decrypted for use in logging into the IMAP server. I use the RoundCube encrypt and decrypt functions for this. This approach requires a new attribute (column) be added to the Joomla user table as described in the following code. Also, you must add the users email account to IMAP using your isp's interface, such as CPanel.

Code: [Select]

#
# Support integration with Joomla
#
# You will need to integrate RC into Joomla using the wrapper content functionality.
# The following mods will add an attribute (column) to the Joomla User table to hold the RC password.
# This is required since Joomla encrypts using a one-way encryption and RC needs to have a decrypted
# password to pass to the IMAP login if we are doing automatic logins using the Joomla userID. The first
# time a user logs in to their IMAP account, the password is encrypted and stored in the Joomla user table.
# On subsequent logins, the encrypted IMAP password is read from the Joomla User table, decrypted and
# used to login to the IMAP server. If the userid/password pair do not match in the IMAP server, a RC login
# page will be shown.
#
# -------------------------------------------------------------------------------------------------------------
#
# In file index.php
# Insert after Line 92
$josuid = $_GET['uid']; //Set in Joomla wrapper.php

# Insert after Line 150

if(isset($_POST['_pass'])){
$pass = get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1');
if($pass != ''){
$lfaencrypt = encrypt_passwd($pass);
$query = "UPDATE jos_users SET rcpassword = " . $DB->Quote($lfaencrypt) . " WHERE id = " . (int) $_SESSION['JOSUID'];
$DB->query($query);
}
}

# Replace lines that read: $OUTPUT->task = 'login';
#              $OUTPUT->send('login'); (about Line 233,234 old - 239,240 new)
# with:

  $result = $DB->query("SELECT username,rcpassword FROM jos_users WHERE id=?",$josuid);
  $userid = '';
  $dpassword = '';
  if($DB->num_rows()==1){
$row = $DB->fetch_array( $result );
 $username = $row[0];
 $epassword = $row[1];
 $dpassword = decrypt_passwd($epassword);
  }
  //If $DB->num_rows() != 1 then normal login screen will be displayed.
  $_SESSION['JOSUID'] = $josuid;

 $host = rcmail_autoselect_host();
 // check if client supports cookies
 if (empty($_COOKIE))
 {
  $OUTPUT->show_message("cookiesdisabled", 'warning');
 }
 else if (rcmail_login($username, $dpassword, $host))
 {
  // create new session ID
  unset($_SESSION['temp']);
  sess_regenerate_id();

  // send auth cookie if necessary
  rcmail_authenticate_session();

  // send redirect
  header("Location: $COMM_PATH");

# -------------------------------------------------------------------------------------------------------------
#
# In file joomla/components/com_wrapper/wrapper.php
# Insert after Line 17
session_start();

# Replace line that reads: global $database, $Itemid, $mainframe (about line 25)
# with

global $database, $Itemid, $mainframe, $my;
# Insert after line that reads: $url = $params->def( 'url', '' ); the following (about line 49)
if(strstr($url, 'roundcube'))
$url .= '?uid=' . $my->id;

# -------------------------------------------------------------------------------------------------------------
#
# Database Additions for Joomla integration. Run in the joomla database. Change jos_users to whatever your joomla users table is called
#
# Run in PhpMyAdmin:
#
 ALTER TABLE `jos_users` ADD `rcpassword` VARCHAR(100);

David

[palladian]

David,

Thanks for the trick.

I gave it a try. Twice actually, just in case I had done anything wrong.


I keep getting the following in the wrapper:

Parse error: syntax error, unexpected T_ELSE in /home/.nipto/palladian/otelho.com/roundcube/index.php on line 190

My roundcube/index.php file is attached.

Would it be possible to post the modified files along with the joomla and roundcube version numbers ?

[smad]

Hi,

I trying your trick to connect Joomla with Roundcube with only one login

But it doesn't seems to work.
I think The problem I have is link with the DB.
I m not a PHP expert, but still, have to try :-)

You have a line who update the Joomla database with rcpassword.

Code: [Select]


 $query = "UPDATE jos_users SET rcpassword = " . $DB->Quote($lfaencrypt) . " WHERE id = " . (int) $_SESSION['JOSUID'];

But how to you connect to the Joomla database?

Is in your case, joomla and roundcube connect in the same sql server ? with the same User ?

You could please, give some more details.
Thanks  :-)