Hello, and congratulations on RC. It really is great, especially for a guy coming from squirrel mail.
I have clients that prefer that their employees not be able to log in via webmail (or any other protocol outside of the local network), but do need to allow certain individuals to login while on trips, etc.
To accomplish this I have modified the rcube_users class to check a table called "allowed_users", which, as you might suspect, contains a list of users that are allowed to log in. I also added an entry in the /config/main.inc.php file to turn this feature on and off.
My nasty hack has no place in the repository, but I was wondering if this might be something worth adding to the core project, or if you think it's best left alone or maybe implemented as an add-on.
Thanks so much,
Jason Quick
PS..Here's my code:
In rcube_user.php
function check_allowed($User) {
$sql_result = $this->db->query("SELECT `id` FROM `allowed_users` WHERE `username` = '$User'");
$n_results = $this->db->num_rows($sql_result);
if ($n_results == 1) {
return true;
} else {
return false;
}
}
my addition to the login method in rcmail.php
//check if we need to check against allowed users
if ($config['restrict_users']) {
//We do need to check them against the db
$allowed_user = rcube_user::check_allowed($username);
if (!$allowed_user) {
return false;
}
}