2 files changed, 24 insertions, 6 deletions

diff --git a/imap.php b/imap.php
index 01d8dae..5478a93 100644
--- a/imap.php
+++ b/imap.php
@@ -18,7 +18,7 @@ function getMail($user, $pass, $inbox, $max_items){
 			}
 		} catch( Exception $e ) {
 			header( $_SERVER["SERVER_PROTOCOL"] . " 403 Forbidden" );
-			error_log($e->getMessage());
+			echo $e->getMessage();
 			exit(1);
 		}
 
diff --git a/index.php b/index.php
index 3daeb7e..e6213f3 100644
--- a/index.php
+++ b/index.php
@@ -1,13 +1,31 @@
 <?php
 require_once __DIR__ . '/bootstrap.php';
 
-$user = "feed@maxmail.xyz";
-$pass = "1234abc";
-#$inbox = array("INBOX", "Trash");
-$inbox = array("INBOX");
-$max_items = 10;
+$user = $_REQUEST['user'];
+$pass = $_REQUEST['token'];
+$inbox = strtoupper($_REQUEST['mailbox']);
+$max_items = intval($_REQUEST['max_items']);
 $ttl = 60*60;
 
+if ( "" === $_REQUEST['user'] || "" === $_REQUEST['token'] ) {
+	header( $_SERVER['SERVER_PROTOCOL'] . ' 400 Invalid Request.');
+	echo "Invalid user or token supplied.";
+	exit;
+}
+
+if ( "" === $_REQUEST['mailbox'] ) {
+	$inbox = "INBOX";
+}
+$inbox = explode(",", $inbox);
+
+if ( 0 <= $_REQUEST['max_items'] ) {
+	$max_items = 10;
+}
+if ( $max_items > 100 ) {
+	$max_items = 100;
+}
+
+#var_dump($user, $pass, $inbox, $max_items); exit;
 $mail = getMail($user, $pass, $inbox, $max_items);
 
 $inbox_string = implode(",", $inbox);