Zimbra to PHP: Difference between revisions

No edit summary
No edit summary
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
{{Archive}}{{Unsupported}}
If you need to move information from Zimbra into an external application there are several different ways of doing it.  Please read the blog below and then pick back up on this article.
If you need to move information from Zimbra into an external application there are several different ways of doing it.  Please read the blog below and then pick back up on this article.


Line 73: Line 75:


This could be written into a class or a function.  There should be some security written into this, like pass the username of the zimbra user through obj.user to compare against the obj.to field, pass both items from zimbra and have the php compare them.  This should prevent someone hacking the script and incrementing id numbers and downloading all your email to your php server.  This would not do a hacker any good, but people do crazy things people do for fun.  This way the user would have to match a username to the obj.to for each download.  This would be very difficult to hack unless you had a list of employees email addresses.
This could be written into a class or a function.  There should be some security written into this, like pass the username of the zimbra user through obj.user to compare against the obj.to field, pass both items from zimbra and have the php compare them.  This should prevent someone hacking the script and incrementing id numbers and downloading all your email to your php server.  This would not do a hacker any good, but people do crazy things people do for fun.  This way the user would have to match a username to the obj.to for each download.  This would be very difficult to hack unless you had a list of employees email addresses.
{{Article Footer|Unknown|2/14/2007}}
[[Category:Customizing ZCS]]
[[Category:Zimlets]]

Latest revision as of 12:42, 24 March 2015


If you need to move information from Zimbra into an external application there are several different ways of doing it. Please read the blog below and then pick back up on this article.

http://www.zimbra.com/blog/archives/roland_schemers/

This example starts with a Zimlet and ends with an external application.

Zimlet Behavior: Drag an email message on the zimlet, a popup box asks for additional information, then passes the all of the information via post to the external application, this may be a Wiki, SugarCRM, dotProject or other document management archiving program.

The information passed to the PHP application includes the message id and the number of parts (attachments or other). The external application can use curl to get other.

This example will should pull up an email message with embedded attachments. But we don't want the attachments this way. Lets let Zimbra do the work.



Trick Getting the Message ID for testing. Send your self a message with a few attachments, maybe a .pdf, .jgp, and .doc. Right click on the message (after in comes in your in box), and choose Show Original Message. At this point you will not be able to see the url of the page, so bookmark it. Go to your book mark and open it that way. Now you can see the url. Mine look like this, but with obvious modifications.



http://ZimbraMailServer.example.com/service/home/~/?auth=co&id=15260


This is how we can get the attachments, notice the url Get's. Add a new one &part=. My new url looks like.


http://ZimbraMailServer.example.com/service/home/~/?auth=co&id=15260&part=2


When &part=3, my browser tries to download something. Note: &part=, gets the message. Play around and see how it works.


This is why we need to extract the number of parts or attachments from our Zimlet, before we pass the information to php.


What if we want to get all attachments in a zip file. Wow, this is soo cool! Just add &fmt=zip and drop the part. This will give us the whole email as an attachment.


Now, I'm lazy and I don't want to have to parse this email message. I'm not going to use this method to extract from, to, cc, body. I'm going to let Zimbra do that for me in my zimlet. But I'm going to pass the message id and the number of parts.

MyPHPCode.php

    //Assume you've created a zimlet with a form with an input like < input type="text" name="zimbra_obj_id" value=\"+obj.id+\"  />
   // We are going to post this code to our php page on another server
    $zimbra_email_id = $_POST['zimbra_obj_id'];
    //you need to think about which user account will do this.  If you use an admin account and the password changes you must change it here.  Also, know your auth scheme.  When I used non active directory accounts with auth set to ad, the non ad accounts did not work.
    $user_pass = "admin@example.com:SomePassword"; // format is user:password
    //we want to extract the entire email and zip it up, below is the url
    // I have a url, then I'm going to build my save location, I like to break things up into variables so I can tweak changes, hence save_as_name, save_as_folder, and save_as. They just build a string for where to save the file and it's name.
    $_url = "http://zimbraserver.example.com/service/home/~/?id=".$zimbra_email_id."&fmt=zip"."&part=";
    $save_as_folder = "email_zip";//temp place to put the file
    $save_as_name =  $zimbra_email_id . '.zip' ;//you can make up a better name, maybe include the date and time or a guid, but better be unique
    $save_as = $save_as_folder.'/'.$save_as_name; // just concatinate folder and name 
    // I'm using curl version  libcurl/7.11.0 complied within PHP Version 4.3.4. (I'm behind a firewall so I don't mind sharing)
    $crl = curl_init(); // the fun begins here
    $fp = fopen($save_as, "w"); 
    curl_setopt($crl, CURLOPT_URL, $_url);
    curl_setopt($crl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($crl, CURLOPT_USERPWD, $user_pass);
    curl_setopt($crl, CURLOPT_FILE, $fp);
    curl_exec($crl);
    //This is for debugging
    $info = curl_getinfo($crl);
    foreach ($info as $key=>$value) {print "$key -> $value <br/> ";}
    //cleanup curl and close the file
    curl_close($crl);
    fclose($fp);


This could be written into a class or a function. There should be some security written into this, like pass the username of the zimbra user through obj.user to compare against the obj.to field, pass both items from zimbra and have the php compare them. This should prevent someone hacking the script and incrementing id numbers and downloading all your email to your php server. This would not do a hacker any good, but people do crazy things people do for fun. This way the user would have to match a username to the obj.to for each download. This would be very difficult to hack unless you had a list of employees email addresses.


Verified Against: Unknown Date Created: 2/14/2007
Article ID: https://wiki.zimbra.com/index.php?title=Zimbra_to_PHP Date Modified: 2015-03-24



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search