For some time now, when i would be signing up for a web service, download, weblog subscription or some other online gadget where an email address is required for sending information, i would create a temporary mail forwarder specifically for that sender.
I decided that logging into my server to create the forewarder in my database was a bit much work for something i was doing increasingly commonly, so i did what any self respecting hacker would do, i rolled my own script that can insert, remove and track forwarders, it’s reasonably secure for your average php hackjob.
index-header.php contains an email validator class from google code (project page), its clean and its fairly fast.
Adding forwarder
This software is licensed under the CC-GNU GPL version 2.0 or later.
<?php /* Copyright 2008 Aaron Tate This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ session_start(); include_once('index-header.php'); $validator = new EmailAddressValidator; if(!$validator->check_email_address($_SESSION['fe-sessdata'])) { session_regenerate_id(); } $fe_conf_imapauth_servername = "localhost"; $fe_conf_imapauth_serverport = "143"; $fe_conf_imapauth_validate_cert = "/novalidate-cert"; // can be 'novalidate-cert', 'validate-cert or '' (in which case it defaults to cert validation) -at $fe_conf_pdo_engine = "mysql"; //see http://au.php.net/manual/en/pdo.getavailabledrivers.php $fe_conf_pdo_host = "localhost"; $fe_conf_pdo_db = "dbname"; $fe_conf_pdo_user = "dbuser"; $fe_conf_pdo_pass = "dbpass"; try{ $fe_db_connection = new PDO($fe_conf_pdo_engine.':host='.$fe_conf_pdo_host.';dbname='.$fe_conf_pdo_db, $fe_conf_pdo_user, $fe_conf_pdo_pass); }catch (PDOException $fe_db_exception){ echo 'Error Connecting to database ('.$fe_db_exception->getMessage().')'; die; } ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head lang="en-au"> <title></title> <meta http-equiv="content-type" content="application/xhtml+xml; charset=UTF-8"/> <meta http-equiv="pragma" content="no-cache"/> <meta http-equiv="cache-control" content="no-cache"/> <style type="text/css"> /* body styles */ body { font-family: arial, helvetica, sans-serif; font-size: 9pt; } h1,h2 { font-style: normal; font-weight: normal;} h1{ font-size: 14pt;} h2 {font-size: 11pt; font-style: italic;} /* Forms Style */ input { border: 1px solid #fff; background-color: #69f; color: white; } textarea{ border: 1px solid #fff; background-color: #69f; color: white; } .formrow{ color: white; font-weight:bold; background: #36f;} #loginform{ position: absolute; left: 50%; width: 500px; margin-left:-250px; } .inputtable input { width: 300px; color: white; } .inputtable label { padding: 20px; } </style> <script type="text/javascript"> function loadfocus() { document.getElementById("fe_email").focus(); } </script> </head> <body onload="loadfocus()"> <?php if(!$validator->check_email_address($_SESSION['fe-sessdata'])) { if(!strlen($_POST['fe_email']) >0 && !strlen($_POST['fe_pass'] >0)) { ?> <form method="POST" action="index.php"> <table id="loginform" class="inputtable"><tr class="formrow"><td> <label for="fe_email"/>Email Address: </label></td><td><input tabindex=10 name="fe_email" id="fe-email"/> </td></tr><tr class="formrow"><td> <label for="fe_pass"/>Password: </label></td><td><input type="password" tabindex=11 name="fe_pass" id="fe-pass"/> </td></tr><tr><td></td><td> <input type="submit" value="Login"/> </td></td></table> </form> <?php } else { //Attempt to authenticate with IMAP server, set session and reload page. $authtest = imap_open('{'.$fe_conf_imapauth_servername.':'.$fe_conf_imapauth_serverport.'/imap'.$fe_conf_imapauth_validate_cert.'}INBOX', $_POST['fe_email'], $_POST['fe_pass'],OP_READONLY,1) or die("Error connecting to imap server: " . imap_last_error()); imap_close($authtest); $_SESSION['fe-sessdata'] = $_POST['fe_email']; echo '<a href="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">Redirect</a><script type="text/javascript">location.href = \'' . htmlspecialchars($_SERVER['REQUEST_URI']) . '\';</script>'; } } else { ?> <h1>Email forwarders for <?php echo $_SESSION['fe-sessdata']?></h1> <?php if($validator->check_email_address($_POST['fe_source'])) { if(empty($_POST['fe_comment'])){ //insert forwarder sans comment $fe_db_connection->exec('INSERT into forwardings(source,destination) VALUES(\''.$_POST['fe_source'].'\',\''.$_SESSION['fe-sessdata'].'\');'); echo '<p>'.$_POST['fe_source'].'->'.$_SESSION['fe-sessdata'].' Added.</p>'; } else { //insert commented forwarder $fe_db_connection->exec('INSERT into forwardings(source,destination,comment) VALUES(\''.$_POST['fe_source'].'\',\''.$_SESSION['fe-sessdata'].'\',\''. mysql_escape_string($_POST['fe_comment']).'\');'); echo '<p>'.$_POST['fe_source'].'->'.$_SESSION['fe-sessdata'].' Added w/ comment.</p>'; } } if($validator->check_email_address($_GET['delete'])) //remove forwader providing its destination matches the users email address. { $fe_db_connection->exec('DELETE FROM forwardings WHERE source = \''.$_GET['delete'].'\' AND destination = \''.$_SESSION['fe-sessdata'].'\' LIMIT 1;'); echo '<p>' .$_GET['delete'].'->'.$_SESSION['fe-sessdata'].' deleted.</p>'; } if($_GET['logout']) { echo '<a href="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">Redirect</a><script type="text/javascript">location.href = \'' . htmlspecialchars($_SERVER['REQUEST_URI']) . '\';</script>'; $_SESSION['fe-sessdata']= null; } ?> <h2>Add/Edit Forwarder</h2> <form method="POST" action="index.php"> <table class="inputtable"><tr class="formrow"> <td><label for="fe_source">Source Email Address</label></td><td><input type="text" tabindex=10 name="fe_source" id="fe_source" size=30 /></td> </tr><tr class="formrow"> <td><label for="fe_comment">Comment</label></td><td><textarea tabindex=10 name="fe_comment" id="fe_comment" cols=40 rows=5></textarea></td> </tr> <tr class="formrow"><td colspan=2 align="right"><input type="Submit" value="Add"/><td></tr> </table> </form> <h2>Current Forwarders</h2> <?php // List current forwarders echo '<dl>'; foreach($fe_db_connection->query('SELECT * from forwardings WHERE destination = \''.mysql_escape_string($_SESSION['fe-sessdata']).'\' ORDER by source ASC') as $row) { echo '<dt>'.$row['source'].'->'.$row['destination'].'<a href="?delete='.$row['source'].'">(delete)</a></dt><dd>'.nl2br($row['comment']).'</dd>'; } echo '</dl>'; $fe_db_connection = null; echo '<a href="index.php?logout=1">Logout</a>'; } ?> </body> </html>