<?php
/**
* This plugin performs an automatic login if accessed
* with post Data from other Site an Portal or CMS
* Based on sample autologon PlugIn
*
* @version 0.2
* @author Eric Appelt (lacri)
*
* show into README to install and config
*
* changes
* 0.2 make a little bit secure with base64_encode strrev
* and a key thats replace after submitting encoded pass data
*
*/
class autologin extends rcube_plugin
{
function init()
{
$this->add_hook('startup', array($this, 'startup'));
$this->add_hook('authenticate', array($this, 'authenticate'));
}
function startup($args)
{
$rcmail = rcmail::get_instance();
$autologin = get_input_value('_autologin', RCUBE_INPUT_POST);
// change action to login
if ($args['task'] == 'mail' && empty($args['action']) && empty($_SESSION['user_id']) && !empty($autologin)) {
$args['action'] = 'login';
// decode pass, revert and replace key
$_POST['_pass'] = str_replace('1800','',base64_decode(strrev(get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1'))));
// set initial cookie without this cookie login is not possible
$_COOKIE['roundcube_sessid'] = session_id();
}
return $args;
}
function authenticate($args)
{
$autologin = get_input_value('_autologin', RCUBE_INPUT_POST);
if (!empty($autologin)) {
$args['user'] = get_input_value('_user', RCUBE_INPUT_POST);
$args['pass'] = get_input_value('_pass', RCUBE_INPUT_POST);
$args['host'] = get_input_value('_host', RCUBE_INPUT_POST);
$args['cookiecheck'] = false;
$args['valid'] = true;
}
return $args;
}
}