Adding a cPanel/WHM/WebMail login box to your site.

[Marty]

anand,

Nice work. I just set up your script. I changed the drop down to a radio button list.

https://tlcwe.com/cplogin/

 

[anand]

OK...I am no php coder so I would love to have a little helpm on this. I copied both files into an html file and get this (with a submit button and empty form fields):

"; if (($_GET['failed'] == "1") or ($error == 1)) { ?> Your login attempt failed!
Domain:
Username:
Password: "; ?>
Options:

How do I fix this?

Thanks!

did you get it working or not ? The include file should be included inside an existing page with .php extension only. I thought you would know .htm can't include php code and still run it unless your apache is specially configured to do so :D

Just include the file in your existing design, rename the page to .php and see it working on your browser.

 

[anand]

anand,

Nice work. I just set up your script. I changed the drop down to a radio button list.

https://tlcwe.com/cplogin/

Good to know its usefull.

Personally i like the drop down better, but its then its all about choice :D

 

[checksoft]

did you get it working or not ? The include file should be included inside an existing page with .php extension only. I thought you would know .htm can't include php code and still run it unless your apache is specially configured to do so :D

Just include the file in your existing design, rename the page to .php and see it working on your browser.

This post:
http://developers.evrsoft.com/forum/showthread.php?t=3007
says including php into an html file is kosher. I am guessing that the subject code is only designed for insertion into a php file.

I've put this one on my back-burner.

Thanks for your reply.

 

[Marty]

This post:
http://developers.evrsoft.com/forum/showthread.php?t=3007
says including php into an html file is kosher. I am guessing that the subject code is only designed for insertion into a php file.

I've put this one on my back-burner.

Thanks for your reply.

Yea, it is kosher as long as you not the last line in the instructions from the site you just linked to. Note what it says:

You just put the php code on the page where you want whatever it is to show up.

The same as if it were html. Just make sure the php code is between <?php and ?>

Also you would ave to name your page with a .php extension. just in case you didn't know

You can do it as long as you rename that .html file to a .php file. That is what the poeple on this board said as well.

 

[rs-freddo]

Let's do it in Javascript...

Place between <head></head>

<SCRIPT LANGUAGE="JavaScript">
<!-- ;
function go(){
if ((document.login.port.options[document.login.port.selectedIndex].value != '') && (document.login.username.value != '') && (document.login.password.value != '')){
if(document.login.domain.value == ''){var my_domain = "server.name.com"; }
else{var my_domain = document.login.domain.value; }
var new_url="https://";
new_url+=my_domain;
new_url+=":";
new_url+=document.login.port.options[document.login.port.selectedIndex].value;
new_url+="/login/?user=";
new_url+=document.login.username.value;
new_url+="&pass=";
new_url+=document.login.password.value;
new_url+="&failurl=http://error_page_url/";
window.location=new_url;
}else
alert("Some required fields are missing");
return false;
}
//-->
</SCRIPT>

place this code between <body></body>

<form name=login style="margin:0px;" onSubmit="return go()"><select name="port" size="1">
<option value="2083">Login to Control Panel</option>
<option value="2096">Login to WebMail</option>
</select>&nbsp;<input type="text" name="domain" size="20" maxlength="200" value="Domain:" onClick="login.domain.value=''">&nbsp;<input type="text" name="username" size="20" maxlength="200" value="Username:" onClick="login.username.value=''">&nbsp;<input type="text" name="password" size="10" maxlength="20" value="Password:" onClick="login.password.value=''">&nbsp;<input type="submit" value="Login" style="background: #A9634E; font-weight:bold;">
</form>

 

[gorilla]

Nice one , just tryed it out and it works like magic ! :D

 

[anand]

Place between <head></head>

<SCRIPT LANGUAGE="JavaScript">
<!-- ;
function go(){
if ((document.login.port.options[document.login.port.selectedIndex].value != '') && (document.login.username.value != '') && (document.login.password.value != '')){
if(document.login.domain.value == ''){var my_domain = "server.name.com"; }
else{var my_domain = document.login.domain.value; }
var new_url="https://";
new_url+=my_domain;
new_url+=":";
new_url+=document.login.port.options[document.login.port.selectedIndex].value;
new_url+="/login/?user=";
new_url+=document.login.username.value;
new_url+="&pass=";
new_url+=document.login.password.value;
new_url+="&failurl=http://error_page_url/";
window.location=new_url;
}else
alert("Some required fields are missing");
return false;
}
//-->
</SCRIPT>

place this code between <body></body>

<form name=login style="margin:0px;" onSubmit="return go()"><select name="port" size="1">
<option value="2083">Login to Control Panel</option>
<option value="2096">Login to WebMail</option>
</select>&nbsp;<input type="text" name="domain" size="20" maxlength="200" value="Domain:" onClick="login.domain.value=''">&nbsp;<input type="text" name="username" size="20" maxlength="200" value="Username:" onClick="login.username.value=''">&nbsp;<input type="text" name="password" size="10" maxlength="20" value="Password:" onClick="login.password.value=''">&nbsp;<input type="submit" value="Login" style="background: #A9634E; font-weight:bold;">
</form>

nice work micheal.

 

[rs-freddo]

nice work micheal.

Hey, it's based on your PHP script...:D

 

[checksoft]

The js doesn't work using either Firefox or IE. It goes nowhere. There is a security problem as well since the password is passed in clear text.

Overall though, nice effort!

 

[anand]

Hey, it's based on your PHP script...:D

hehehe

 

[anand]

The js doesn't work using either Firefox or IE. It goes nowhere. There is a security problem as well since the password is passed in clear text.

Overall though, nice effort!

These kinds of probs are known with js. This presentation is yet another way a user can add the login onto their website. It basically a matter of choice.

 

[gorilla]

The js doesn't work using either Firefox or IE. It goes nowhere. There is a security problem as well since the password is passed in clear text.

Overall though, nice effort!

Seems to be working for me though !
have you changed the url "server.name.com" to your url in the js ?

Edit: Just tryed it in mozilla as well and u r right , its asking me for the login details again

 

[rs-freddo]

I only use firefox and it works fine. Maybe you forgot to turn javascript on...

password is not sent in clear it's sent via SSL (if you use https). If you don't limit logins to webmail and cpanel to the secure ports then it goes in clear anyway (whether you use post or get).

Check your javascript console for any errors.

 

[checksoft]

I only use firefox and it works fine. Maybe you forgot to turn javascript on...

password is not sent in clear it's sent via SSL (if you use https). If you don't limit logins to webmail and cpanel to the secure ports then it goes in clear anyway (whether you use post or get).

Check your javascript console for any errors.

Thanks. Looked at that and still no go. Problem is clients won't undertand why their password is not encrypted as they type it in, and you can't tell a client to make sure his js is on.

 

[rs-freddo]

Thanks. Looked at that and still no go. Problem is clients won't undertand why their password is not encrypted as they type it in, and you can't tell a client to make sure his js is on.

Your not talking about encryption - if you want little asterisks in the password box just change the input from text to password. That has nothing to do with encryption (it's called obfuscation).

 

[rs-freddo]

Actually, talking of sending the password in the clear... Anands script does that (unless you put it all under SSL first) - but he allows login via http so it doesn't really matter anyway...

 

[anand]

Actually, talking of sending the password in the clear... Anands script does that (unless you put it all under SSL first) - but he allows login via http so it doesn't really matter anyway...

Checksoft : As Micheal mentioned, unless you use SSL your passwords are send in clear text format. It doesn't matter if its cpanel/whm/webmail interface, unless you use the ssl ports all information travels in clear text. Use the SSL ports to take care of the security.

You can edit the login script i made to totally remove the non ssl logins even.

 

[steventay]

Here's the piece of php code for that part of my page.

<table align="center" border="0" cellpadding="25" cellspacing="0">
<tr><td align="left">
<p align="left">
<font size="+1" color="#0000a0">cPanel Login</font></p>
<?php

this script does not seem to work with cpanelproxy...

how to do it?

using the login form to

http://webmail.domain.com
http://cpanel.domain.com

 

[rs-freddo]

You can edit the login script i made to totally remove the non ssl logins even.

Just a word of caution here Anand... Your script does send the password in the clear from the first to the second. Removing the non-ssl ports is not enough, both scripts need to be under SSL to secure your version.