587 Solution Overview n imap_open() n imap_close() n imap_headers() n imap_header() n imap_fetchheader() n imap_body() n imap_delete() n imap_expunge() For a user to read his mail, we will need to get his server and account details. Rather than getting these details from the user every time, we’ll set up a username and password database for a user so that we can store his details. Often people have more than one email account (one for home and another for work, for example), and we should allow them to connect to any of their accounts.We should therefore allow them to have multiple sets of account information in the data- base. We should enable users to read, reply to, forward, and delete existing emails, as well as send new ones.We can do all the reading parts using IMAP or POP3, and all the send- ing parts using SMTP with mail(). Let’s look at how we’ll put it all together. Solution Overview The general flow through this Web-based system won’t be much different from other email clients. A diagram showing the system flow and modules is shown in Figure 27.1. Login View mailbox Select Account Set up account Logout New mail View message Forward Reply all Reply Show/hide headers Delete Figure 27.1 The interface for Warm Mail gives the user mailbox-level functionality and message-level functionality. 33 525x ch27 1/24/03 2:56 PM Page 587 588 Chapter 27 Building a Web-Based Email Service As you can see, we will first require a user to log in, and then give him a choice of options. He will be able to set up a new mail account or select one of his existing accounts for use. He will also be able to view his incoming mail—responding to, for- warding, or deleting it—and send new mail. We will also give him the option of viewing detailed headers for a particular message. Viewing the complete headers can tell you a lot about a message.You can see which machine the mail came from—a useful tool for tracking down spam.You can see which machine forwarded it and at what time it reached each host—useful for assigning blame for delayed messages.You might also be able to see which email client the sender used if the application adds optional information to the headers. We have used a slightly different application architecture for this project. Instead of having a set of scripts, one for each module, we have a slightly longer script, index.php, that works like the event loop of a GUI-driven program. Each action we take on the site by pressing a button will bring us back to index.php,but with a different parameter. Depending on the parameter, different functions will be called to show the appropriate output to the user.The functions are in function libraries, as usual. This architecture is suitable for small applications such as this. It suits applications that are very event driven, where user actions trigger functionality. Using a single event han- dler is not very suitable for larger architectures or projects being worked on by a team. A summary of the files in the Warm Mail project is shown in Table 27.1. Tab le 27.1 Files in the Warm Mail Application Name Type Description index.php Application The main script that runs the entire application include_fns.php Functions Collection of include files for this application data_valid_fns.php Functions Collection of functions for validating input data db_fns.php Functions Collection of functions for connecting to the mail database mail_fns.php Functions Collection of email-related functions for opening mailboxes, reading mail, and so on output_fns.php Functions Collection of functions for outputting HTML user_auth_fns.php Functions Collection of functions for authenticating users create_database.sql SQL SQL to set up the book_sc database and set up a user Let’s go ahead and look at the application. Setting Up the Database The database for Warm Mail is fairly simple because we aren’t actually going to store any of the emails in it. 33 525x ch27 1/24/03 2:56 PM Page 588 589 Setting Up the Database We will need to store users of the system. For each user, we will need to store the following fields: n username—Their preferred username for Warm Mail n password—Their preferred password for Warm Mail n address—Their preferred email address, which will appear in the From field of emails they send from the system n displayname—The “human-readable” name that they would like displayed in emails from them to others. We will also need to store each account that users would like to check with the system. For each account, we will need to store the following information: n username—The Warm Mail user who this account belongs to. n server—The machine on which the account resides, for example, localhost or mail.tangledweb.com.au. n port—The port to connect to when using this account. Usually this will be 110 for POP3 servers and 143 for IMAP servers. n type—The protocol used to connect to this server, either 'POP3' or 'IMAP'. n remoteuser—The username for connecting to the mail server. n remotepassword—The password for connecting to the mail server. n accountid—A unique key for identifying accounts. You can set up the database for this application by running the SQL shown in Listing 27.1. Listing 27.1 create_database.sql—SQL to Create the Mail Database create database mail; use mail; create table users ( username char(16) not null primary key, password char(16) not null, address char(100) not null, displayname char(100) not null ); create table accounts ( username char(16) not null, server char(100) not null, 33 525x ch27 1/24/03 2:56 PM Page 589 590 Chapter 27 Building a Web-Based Email Service port int not null, type char(4) not null, remoteuser char(50) not null, remotepassword char(50) not null, accountid int unsigned not null auto_increment primary key ); grant select, insert, update, delete on mail.* to mail@localhost identified by 'password'; Remember that you can execute this SQL by typing mysql -u root -p < create_database.sql You will need to supply your root password.You should change the password for the mail user in create_database.sql and in db_fns.php before running it. On the CD-ROM, we have also provided an SQL file called populate.sql.In this application, we are not going to create a user registration or administration process.You can add one yourself if you want to use this software on a larger scale, but if you want it for personal use, you will just need to insert yourself into the database.The populate.sql script provides a proforma for doing this, so insert your details into it and run it to set yourself up as a user. Script Architecture As we mentioned before, this application uses one script to control everything.This script is called index.php. It is shown in Listing 27.2.This script is quite long, but we will go through it section by section. Listing 27.2 index.php—The Backbone of the Warm Mail System <?php // This file is the main body of the Warm Mail application. // It works basically as a state machine and shows users the // output for the action they have chosen. //***************************************************************************** // Stage 1: pre-processing // Do any required processing before page header is sent // and decide what details to show on page headers //***************************************************************************** include ('include_fns.php'); session_start(); Listing 27.1 Continued 33 525x ch27 1/24/03 2:56 PM Page 590 591 Script Architecture //create short variable names $username = $HTTP_POST_VARS['username']; $passwd = $HTTP_POST_VARS['passwd']; if(isset($HTTP_POST_VARS['action'])) $action = $HTTP_POST_VARS['action']; else $action = $HTTP_GET_VARS['action']; if(isset($HTTP_POST_VARS['account'])) $account = $HTTP_POST_VARS['account']; else $account = $HTTP_GET_VARS['account']; $messageid = $HTTP_GET_VARS['messageid']; $to = $HTTP_POST_VARS['to']; $cc = $HTTP_POST_VARS['cc']; $subject = $HTTP_POST_VARS['subject']; $message = $HTTP_POST_VARS['message']; $buttons = array(); //append to this string if anything processed before header has output $status = ''; // need to process log in or out requests before anything else if($username||$password) { if(login($username, $passwd)) { $status .= '<p>Logged in successfully.</p><br /><br /><br /><br /> <br /><br />'; $HTTP_SESSION_VARS['auth_user'] = $username; if(number_of_accounts($HTTP_SESSION_VARS['auth_user'])==1) { $accounts = get_account_list($HTTP_SESSION_VARS['auth_user']); $HTTP_SESSION_VARS['selected_account'] = $accounts[0]; } } else { $status .= '<p>Sorry, we could not log you in with that username and password.</p><br /><br /><br /><br /> <br /><br />'; } } Listing 27.2 Continued 33 525x ch27 1/24/03 2:56 PM Page 591 . for Warm Mail gives the user mailbox-level functionality and message-level functionality. 33 525x ch27 1/24/03 2:56 PM Page 587 588 Chapter 27 Building a Web- Based Email Service As you can see,. by typing mysql -u root -p < create_database.sql You will need to supply your root password.You should change the password for the mail user in create_database.sql and in db_fns .php before. data db_fns .php Functions Collection of functions for connecting to the mail database mail_fns .php Functions Collection of email-related functions for opening mailboxes, reading mail, and so on output_fns.php