store_account_settings($auth_user, $HTTP_POST_VARS); break; } case ‘select-account’ : { // if have chosen a valid account, store it as a session variable if($account&&account_exists($auth_user, $account)) { $selected_account = $account; session_register(‘selected_account’); } } } // set the buttons that will be on the tool bar $buttons[0] = ‘view-mailbox’; $buttons[1] = ‘new-message’; $buttons[2] = ‘account-setup’; //only offer a log out button if logged in if(check_auth_user()) { $buttons[4] = ‘log-out’; } //***************************************************************************** // Stage 2: headers // Send the HTML headers and menu bar appropriate to current action //***************************************************************************** if($action) { // display header with application name and description of page or action do_html_header($auth_user, “Warm Mail - “. format_action($action), $selected_account); } else { // display header with just application name do_html_header($auth_user, “Warm Mail”, $selected_account); } display_toolbar($buttons); //***************************************************************************** // Stage 3: body // Depending on action, show appropriate main body content //***************************************************************************** Building a Web-Based Email Service C HAPTER 27 27 BUILDING A WEB-BASED EMAIL SERVICE 625 LISTING 27.2 Continued 33 7842 CH27 3/6/01 3:41 PM Page 625 //display any text generated by functions called before header echo $status; if(!check_auth_user()) { echo “<P>You need to log in”; if($action&&$action!=’log-out’) echo “ to go to “.format_action($action); echo “.<br><br>”; display_login_form($action); } else { switch ( $action ) { // if we have chosen to setup a new account, or have just added or // deleted an account, show account setup page case ‘store-settings’ : case ‘account-setup’ : case ‘delete-account’ : { display_account_setup($auth_user); break; } case ‘send-message’ : { if(send_message($to, $cc, $subject, $message)) echo “<p>Message sent.<br><br><br><br><br><br>”; else echo “<p>Could not send message.<br><br><br><br><br><br>”; break; } case ‘delete’ : { delete_message($auth_user, $selected_account, $messageid); //note deliberately no ‘break’ - we will continue to the next case } case ‘select-account’ : case ‘view-mailbox’ : { // if mailbox just chosen, or view mailbox chosen, show mailbox display_list($auth_user, $selected_account); break; } case ‘show-headers’ : case ‘hide-headers’ : Building Practical PHP and MySQL Projects P ART V 626 LISTING 27.2 Continued 33 7842 CH27 3/6/01 3:41 PM Page 626 case ‘view-message’ : { // if we have just picked a message from the list, or were looking at // a message and chose to hide or view headers, load a message $fullheaders = ($action==’show-headers’); display_message($auth_user, $selected_account, $messageid, $fullheaders) ; break; } case ‘reply-all’ : { //set cc as old cc line if(!$imap) $imap = open_mailbox($auth_user, $selected_account); if($imap) { $header = imap_header($imap, $messageid); if($header->reply_toaddress) $to = $header->reply_toaddress; else $to = $header->fromaddress; $cc = $header->ccaddress; $subject = ‘Re: ‘.$header->subject; $body = add_quoting(stripslashes(imap_body($imap, $messageid))); imap_close($imap); display_new_message_form($auth_user, $to, $cc, $subject, $body); } break; } case ‘reply’ : { //set to address as reply-to or from of the current message if(!$imap) $imap = open_mailbox($auth_user, $selected_account); if($imap) { $header = imap_header($imap, $messageid); if($header->reply_toaddress) $to = $header->reply_toaddress; else $to = $header->fromaddress; $subject = ‘Re: ‘.$header->subject; $body = add_quoting(stripslashes(imap_body($imap, $messageid))); imap_close($imap); Building a Web-Based Email Service C HAPTER 27 27 BUILDING A WEB-BASED EMAIL SERVICE 627 LISTING 27.2 Continued 33 7842 CH27 3/6/01 3:41 PM Page 627 display_new_message_form($auth_user, $to, $cc, $subject, $body); } break; } case ‘forward’ : { //set message as quoted body of current message if(!$imap) $imap = open_mailbox($auth_user, $selected_account); if($imap) { $header = imap_header($imap, $messageid); $body = add_quoting(stripslashes(imap_body($imap, $messageid))); $subject = ‘Fwd: ‘.$header->subject; imap_close($imap); display_new_message_form($auth_user, $to, $cc, $subject, $body); } break; } case ‘new-message’ : { display_new_message_form($auth_user, $to, $cc, $subject, $body); break; } } } //***************************************************************************** // Stage 4: footer do_html_footer(); //***************************************************************************** ?> This script uses an event handling approach. It contains the knowledge or logic about which function needs to be called for each event. The events in this case are triggered by the user clicking the various buttons in the site, each of which selects an action. Most buttons are pro- duced by the display_button() function, but the display_form_button() function is used if it’s a submit button. These functions are both in output_fns.php. These all jump to URLs of the form index.php?action=log-out The value of the $action variable when index.php is called determines which event handler to activate. Building Practical PHP and MySQL Projects P ART V 628 LISTING 27.2 Continued 33 7842 CH27 3/6/01 3:41 PM Page 628 The four main sections to the script are as follows: 1. We do some processing that must take place before we send the page header to the browser, such as starting the session, executing any preprocessing for the action the user has selected, and deciding what the headers will look like. 2. We process and send the appropriate headers and menu bar for the action the user has selected. 3. We choose which body of the script to execute, depending on the selected action. The different actions trigger different function calls. 4. We send the page footers. If you look briefly through the code for the script, you will see that these four sections are marked with comments. To understand this script fully, let’s walk through actually using the site action by action. Logging In and Out When a user loads the page index.php, he will see the output shown in Figure 27.2. Building a Web-Based Email Service C HAPTER 27 27 BUILDING A WEB-BASED EMAIL SERVICE 629 F IGURE 27.2 The login screen for Warm Mail asks for your username and password. 33 7842 CH27 3/6/01 3:41 PM Page 629 This is the default behavior for the application. With no $action chosen yet, and no login details supplied, we will execute the following parts of the code. In the preprocessing stage, we execute the following code: include (‘include_fns.php’); session_start(); These lines start the session that will be used to keep track of the $auth_user and $selected_account session variables, which we’ll come to later on. To save work when customizing the user interface, the buttons that appear on the toolbar are controlled by an array. We declare an empty array, $buttons = array(); and set the buttons that we want on the page: $buttons[0] = ‘view-mailbox’; $buttons[1] = ‘new-message’; $buttons[2] = ‘account-setup’; For the header stage, we print a plain vanilla header: do_html_header($auth_user, “Warm Mail”, $selected_account); display_toolbar($buttons); This code prints the title and header bar, and then the toolbar of buttons you can see in Figure 27.2. These functions can be found in the output_fns.php function library, but as you can eas- ily see their effect in the figure, we won’t go through them here. Now we come to the body of the code: if(!check_auth_user()) { echo “<P>You need to log in”; if($action&&$action!=’log-out’) echo “ to go to “.format_action($action); echo “.<br><br>”; display_login_form($action); } The check_auth_user() function is from the user_auth_fns.php library. We have used very similar code in some of the previous projects—it checks if the user is logged in. If he is not, which is the case here, we will show him a login form, which you can see in Figure 27.2. We draw this form in the display_login_form() function from output_fns.php. If the user fills in the form correctly and presses the Log In button, he will see the output shown in Figure 27.3. Building Practical PHP and MySQL Projects P ART V 630 33 7842 CH27 3/6/01 3:41 PM Page 630 FIGURE 27.3 After successful login, the user can begin using the application. On this execution of the script, we will activate different sections of code. The login form has two fields, $username and $password. If these have been filled in, the following segment of preprocessing code will be activated: if($username||$password) { if(login($username, $passwd)) { $status .= “<p>Logged in successfully.<br><br><br><br><br><br>”; $auth_user = $username; session_register(“auth_user”); } else { $status .= “<p>Sorry, we could not log you in with that username and password.<br><br><br><br><br><br>”; } } As you can see, the code calls the login() function, which is similar to the one used in Chapters 24 and 25. If all goes well, we register the username in the session variable $auth_user. Building a Web-Based Email Service C HAPTER 27 27 BUILDING A WEB-BASED EMAIL SERVICE 631 33 7842 CH27 3/6/01 3:41 PM Page 631 In addition to setting up the buttons we saw while not logged in, we add another button to allow the user to log out again, as follows: if(check_auth_user()) { $buttons[4] = ‘log-out’; } You can see this Log Out button in Figure 27.3. In the header stage, we again display the header and the buttons. In the body, we display the status message we set up earlier: echo $status; After that, it’s just a case of printing the footer and waiting to see what the user will do next. Setting Up Accounts When a user first starts using the Warm Mail system, he will need to set up some email accounts. If the user clicks on the Account Setup button, this will set the $action variable to account-setup and recall the index.php script. The user will then see the output shown in Figure 27.4. Building Practical PHP and MySQL Projects P ART V 632 FIGURE 27.4 A user needs to set up his email account details before he can read his email. 33 7842 CH27 3/6/01 3:41 PM Page 632 Look back at the script in Listing 27.2. This time around because of the value of $action,we get different behavior. We get a slightly different header, as follows: do_html_header($auth_user, “Warm Mail - “. format_action($action), $selected_account); More importantly, we get a different body, as follows: case ‘store-settings’ : case ‘account-setup’ : case ‘delete-account’ : { display_account_setup($auth_user); break; } This is the typical pattern: Each command calls a function. In this case, we call the display_account_setup() function. The code for this function is shown in Listing 27.3. LISTING 27.3 display_account_setup() Function from output_fns.php—Function to Get and Display Account Details function display_account_setup($auth_user) { //display empty ‘new account’ form display_account_form($auth_user); $list = get_accounts($auth_user); // display each stored account foreach($list as $key => $account) { // display form for each accounts details. // note that we are going to send the password for all accounts in the HTML // this is not really a very good idea display_account_form($auth_user, $account[‘accountid’], $account[‘server’], $account[‘remoteuser’], $account[‘remotepassword’], $account[‘type’], $account[‘port’]); } } When we call this function, it displays a blank form to add a new account, followed by editable forms containing each of the user’s current email accounts. The display_account_form() Building a Web-Based Email Service C HAPTER 27 27 BUILDING A WEB-BASED EMAIL SERVICE 633 33 7842 CH27 3/6/01 3:41 PM Page 633 function will display the form that we can see in Figure 27.4. You can see that we use it in two different ways here: We use it with no parameters to display an empty form, and we use it with a full set of parameters to display an existing record. This function is in the output_fns.php library; it simply outputs HTML so we will not go through it here. The function that retrieves any existing accounts is get_accounts(), from the mail_fns.php library. This function is shown in Listing 27.4. LISTING 27.4 get_accounts() Function from mail_fns.php—Function to Retrieve All the Account Details for a Particular User function get_accounts($auth_user) { $list = array(); if(db_connect()) { $query = “select * from accounts where username = ‘$auth_user’”; $result = mysql_query($query); if($result) { while($settings = mysql_fetch_array($result)) array_push( $list, $settings); } else return false; } return $list; } As you can see, this function connects to the database, retrieves all the accounts for a particular user, and returns them as an array. Creating a New Account If a user fills out the account form and clicks the Save Changes button, the store-settings action will be activated. Let’s look at the event handling code for this from index.php. In the preprocessing stage, we execute the following code: case ‘store-settings’ : { store_account_settings($auth_user, $HTTP_POST_VARS); break; } The store_account_settings() function writes the new account details into the database. The code for this function is shown in Listing 27.5. Building Practical PHP and MySQL Projects P ART V 634 33 7842 CH27 3/6/01 3:41 PM Page 634 . to account-setup and recall the index .php script. The user will then see the output shown in Figure 27.4. Building Practical PHP and MySQL Projects P ART V 632 FIGURE 27.4 A user needs to set up his. the form index .php? action=log-out The value of the $action variable when index .php is called determines which event handler to activate. Building Practical PHP and MySQL Projects P ART V 628 LISTING. function from output_fns .php. If the user fills in the form correctly and presses the Log In button, he will see the output shown in Figure 27.3. Building Practical PHP and MySQL Projects P ART V 630 33