Fairly new at at php but here is what I've done by using your example in a custom login page which I've called index.php
----
?php
function zimbraLogin($username, $password, $client)
{
// Bring the zimbra server value into this function:
global $zimbra_server; // In the format:
https://yourdomain.com/
if($client == "")
$client = "preferred";
// Attempt login to zimbra server:
$ch = curl_init();
$crap = fopen ("/dev/null", "w"); // We don't want to log curl's stderr output - contains passwords...
curl_setopt($ch, CURLOPT_URL, $zimbra_server);
curl_setopt($ch, CURLOPT_VERBOSE, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // Stop Curl from validating SSL cert - needed for self-signed...
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_FAILONERROR, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0); // Allow redirects
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Return into a variable
curl_setopt($ch, CURLOPT_TIMEOUT, 0); // Time out setting
curl_setopt($ch, CURLOPT_HEADER, 1); // Return the headers along with the output...
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_STDERR, $crap);
curl_setopt($ch, CURLOPT_COOKIE, 'ZM_TEST=true');
curl_setopt($ch, CURLOPT_REFERER, "$zimbra_server");
curl_setopt($ch, CURLOPT_POSTFIELDS, "loginOp=login&username=$username&password=$passwo rd&client=$client");
$result = curl_exec($ch);
curl_close($ch);
fclose($crap);
$values = explode("\n",$result);
// Search through the headers to find the Location value to pass to the browser:
foreach($values as $key => $value)
{
list($start, $good) = split(':', $value);
// Found an anamoly where people with cleared cookies have to log in twice...
// Fix it by taking the auth token out of the cookie and passing it through as a URL
if($start == "Set-Cookie")
{
$newurl = $zimbra_server . "?client=$client&zauthtoken=" . $values[$key];
header("Location: $newurl");
die;
}
if($start == "Location")
{
header($values[$key]);
die;
}
}
// If we get here that means that no location header was found - most likely incorrect password, zimbra is down, etc.
return false;
}
?>
I also have copied the login form into my page which looks like --
<form action="https://mydomain.com/zimbra/" method="post" name="form1" id="form1">
<div align="center"> Email Address
<input name="username" type="text" size="55"/>
<br />
Password
<input name="password" type="password" size="45" />
<input type="hidden" name="loginOp" value="login"/>
<input type="hidden" name="client" value="preferred"/>
<input type="submit" name="Submit" value="Submit"/>
</div>
</form>
If my users clear there cache or have there browser set to remove cookies at when they close there browser they get a cookie error when trying to login. All they need to do is click login again and it works. What have I done wrong in the code?