I am trying to access gmail via php running under wampserver 2.4. For simplicity, this is from a localhost (the actual application is much more complex).
Following some standard examples, I am able to both receive (via pop or imap) and send (via smtp) emails through gmail -- but ONLY if the "Less secure apps" feature of gmail is enabled (https://www.google.com/settings/security/lesssecureapps). Of course, one must first enable pop and/or imap on the gmail settings page (https://mail.google.com/mail/u/0/#settings/fwdandpop)
While this works, I would like php to work with a "more secure technology" -- i.e. SSL and TLS. Any ideas?
The following code is used:
for retrieving email.
$ato="{pop.gmail.com:995/pop3/ssl/novalidate-cert}INBOX";
$auser="myaddress@gmail.com";
$apwd="mypwd";
$mbox = imap_open($ato,$auser,$apwd,NULL,1) or die("can't connect: " . print_r(imap_errors())); // just do one login
$stuff=imap_check($mbox); // get and print basic information (such as # of emails)
var_dump($stuff);
and for sending email (using the PEAR package) Note that for the following to work, I had to first enable the php_openssl php setting (using the php - phpSettings option under the wampserver popup menu).
require_once "Mail.php";
$from = 'myemail@gmail.com';
$to = 'someone@foo.org ';
$subject = 'Hi!';
$body = "Hi,
How are you?";
$headers = array(
'From' => $from,
'To' => $to,
'Subject' => $subject
);
$smtp = Mail::factory('smtp', array(
'host' => 'ssl://smtp.gmail.com',
'port' => '465',
'auth' => true,
'username' => 'myemail@gmail.com',
'password' => 'mypwd'
));
$mail = $smtp->send($to, $headers, $body);
if (PEAR::isError($mail)) {
echo('<p>' . $mail->getMessage() . '</p>');
} else {
echo('<p>Message successfully sent!</p>');
}
Based on various postings, I have tried enabling ssl_module and imagemap_module under apache extensions; and the php_sockets under php settings. They made no difference. I have read that configuring php with imap-ssl can matter, but I have no idea how to do that.
Here is the proper response I get when using the pop example above (using my username and password) -- when gmail's "access for less secure apps" is enabled:
object(stdClass)[1]
public 'Date' => string 'Thu, 22 Jan 2015 01:06:37 -0500 (Eastern Standard Time)' (length=55)
public 'Driver' => string 'pop3' (length=4)
public 'Mailbox' => string '{gmail-pop.l.google.com:995/pop3/notls/ssl/novalidate-cert/user="myemial@gmail.com"}INBOX' (length=99)
public 'Nmsgs' => int 153
public 'Recent' => int 1
and when I Disable "less secure apps"
Array ( [0] => [AUTH] Web login required: https://support.google.com/mail/bin/answer.py?answer=78754 [1] => Too many login failures ) can't connect: 1
BTW: using IMAP $ato="{imap.gmail.com:993/imap/imap/ssl}INBOX"; yields:
Array ( [0] => Can't open mailbox {imap.gmail.com:993/imap/imap/ssl}INBOX: invalid remote specification ) can't connect: 1
Gmail considers only the OAUTH2 login method to be secure. See the following article for details: https://developers.google.com/gmail/xoauth2_protocol