addusertodb.html missing from x3 theme in 11.44

[N1ghteyes]

Hi guys,

Im making used of PHP to add a user to a database via the cpanel account url. Unfortunatly, using the API isnt an option in this case, but it was working fine up until cpanel on the server was updated to 11.44. Now when calling addusertodb.html i get a 404.

part of the script:

function addUserToDb($cPanelUser,$cPanelPass,$userName,$dbName,$privileges) {

    $host= gethostname(); //get the ip, so we force local only. Also good for negating dns issues
    $ip = gethostbyname($host);
    
    $domain = variable_get('system_area_set', '');
    $theme = variable_get('system_style_set', '');

    $buildRequest = "/frontend/".$theme."/sql/addusertodb.html?user=".$userName."&db=".$dbName.$privileges;

    $ssl = variable_get('cp_sub_ssl_setting', 0);
    if($ssl == 1){
        $domain = "ssl://".$domain;
    }

    $openSocket = fsockopen($domain,variable_get('cPanel_sub_port', 2082));
    if(!$openSocket) {
        return "Socket error";
        exit();
    }

    $authString = $cPanelUser . ":" . $cPanelPass;
    $authPass = base64_encode($authString);
    $buildHeaders  = "GET " . $buildRequest ."\r\n";
    $buildHeaders .= "HTTP/1.1\r\n";
    $buildHeaders .= "Host:".$domain."\r\n";
    $buildHeaders .= "Authorization: Basic " . $authPass . "\r\n";
    $buildHeaders .= "\r\n";

    fputs($openSocket, $buildHeaders);
    while(!feof($openSocket)) {
        fgets($openSocket,128);
    }
    $socketstatus = socket_strerror(socket_last_error());
    fclose($openSocket);

    if($socketstatus == 'Success'){
        return FALSE; // successfull so return false. (no error)
    } else {
        return $socketstatus;
    }
}

looking in the x3/sql directory i see its not there:

[email protected] [/usr/local/cpanel/base/frontend/x3/sql]# ls -l
total 140
drwxr-xr-x  2 root root  4096 Jun 23 00:15 ./
drwxr-xr-x 76 root root  4096 Jul  2 00:12 ../
-rw-r--r--  1 root root   348 Oct 20  2013 PhpMyAdmin.html
-rw-r--r--  1 root root  1235 Jun 23 00:09 addb.html
-rw-r--r--  1 root root   628 Oct 20  2013 addhost.html
-rw-r--r--  1 root root  1112 Jun 23 00:09 adduser.html
-rw-r--r--  1 root root   640 Jun 23 00:09 changepasswd.auto.tmpl
lrwxrwxrwx  1 root root    22 Jun 23 00:15 changepasswd.html -> changepasswd.auto.tmpl
-rw-r--r--  1 root root   716 Oct 20  2013 checkdb.html
-rw-r--r--  1 root root   862 Mar  6 00:08 deldb.html
-rw-r--r--  1 root root   810 Oct 20  2013 deldbconfirm.html
-rw-r--r--  1 root root   610 Oct 20  2013 delhost.html
-rw-r--r--  1 root root   871 Oct 20  2013 delhostconfirm.html
-rw-r--r--  1 root root   565 Oct 20  2013 deluser.html
-rw-r--r--  1 root root   848 Oct 20  2013 deluserconfirm.html
-rw-r--r--  1 root root   212 Jun 23 00:09 deluserfromdbconfirm.html
-rw-r--r--  1 root root  1051 Jun 23 00:09 deluserfromdbconfirm.tmpl
-rw-r--r--  1 root root   771 Apr  9 00:09 dochangepassword.html
-rw-r--r--  1 root root  1049 Feb 12 09:13 index.html
-rw-r--r--  1 root root   783 Oct 20  2013 index_head.html
-rw-r--r--  1 root root 14772 Jun 23 00:09 index_include.html
-rw-r--r--  1 root root  2707 Mar  6 00:08 managehost.html
-rw-r--r--  1 root root   708 Oct 20  2013 repairdb.html
-rw-r--r--  1 root root   977 Oct 20  2013 repairdbconfirm.html
-rw-r--r--  1 root root  1099 Oct 20  2013 user.html
-rw-r--r--  1 root root   901 Jun 23 00:09 userrights.html
-rw-r--r--  1 root root  1055 Jun 23 00:09 userrights.tmpl
-rw-r--r--  1 root root  1635 Jun 23 00:09 userrights_include.tmpl
-rw-r--r--  1 root root  2740 Jun 23 00:09 wizard1.html
-rw-r--r--  1 root root  4304 Jun 23 00:09 wizard2.html
-rw-r--r--  1 root root  1673 Jun 23 00:09 wizard3.html
-rw-r--r--  1 root root  1986 Jun 23 00:09 wizard4.auto.tmpl
lrwxrwxrwx  1 root root    17 Jun 23 00:15 wizard4.html -> wizard4.auto.tmpl

so.. any idea where this has gone? I really dont like the paper lantern theme... so would like to avoid having to use it

 

[JaredR.]

Friendly Moderator Note

Your first post of this was moderated, which is why you did not see it. I actually approved it, so it was visible, just before you posted again. I deleted the second post as a duplicate, but I wanted to explain what happened to prevent any confusion.

 

[N1ghteyes]

Thanks Jared, i actually saw the note about modification the second time i posted, i wasnt paying attention the first time :x

 

[N1ghteyes]

moderation # Sorry, one of those days

 

[JacobPerkins]

Hello,

I believe the page you're looking for has been updated to 'x3/sql/userrights.html'. You can verify this by visiting the page in your browser, and verifying the URL you're needing.

 

[N1ghteyes]

no joy im afraid, i can navigate to the page fine in the browser, however adding &ALL=ALL to the URL for privileges no longer auto submits the form, so the script no longer works.

the url called is now this:
/frontend/x3/sql/userrights.html?user=user&db=database&ALL=ALL

but no user is added to the database, both when calling this in the script, or when navigating to it directly.

EDIT NOTE::

I can't find referance to that change anywhere in the change logs. can i ask why its been made?

EDIT 2::

I believe the issue here is that the permissions functionality has been changed, so that rather than &ALL=ALL being used for the final submission, it now just selects all check boxes without submitting the form.

 

[JacobPerkins]

Hello,

Instead of using a LWP / Browser variant, is there any reason why you're not using our APIs for doing this?

http://documentation.cpanel.net/display/SDK/Mysql#Mysql-set_privileges_on_database

This can be easily done with a variant like:
https://hostname:2083/cpsess#######...ser=username&database=database&privileges=ALL

The above should return a JSON object like such:
{"messages":null,"errors":null,"status":1,"metadata":{},"data":null}

If status:1, you're good to go. If there's another message, then it most likely encountered an error, of which the message will advise.

 

[N1ghteyes]

so far as i know, most shared hosts dont allow access to the API. Certainly the few i've used don't. While i have access to use the API on my servers, a lot of people who use the system dont, so being able to call the various URLs required to setup a database, and asign a user with permissions to is pretty much integral to the entire thing.

EDIT::

I didnt get much of a chance to review those docs, can you confirm if i can call url's directly without API access with the methods you linked?

Essentually i need to know this will work on shared hosts before i really invest time into it.

Thanks

 

[JacobPerkins]

Hello,

I'm unsure if this will work on shared hosts, or if they have this blocked, however I'd recommend testing it out to see. This is the preferred way of doing things, as it won't change as much as the pages.

 

[N1ghteyes]

if this doesnt work on shared hosts, will there be any way around this? a brief test of using parper_lantern throws the same problem

Edit::

Aside from specifying pre 11.44 only...

 

[JacobPerkins]

Hi,

If you're able to test this on cPanel pages, you can test these API calls as well. Also, I don't believe hosts *CAN* disable UAPI. cPanel is built upon API calls, so if they disabled the API, they would effectively disable cPanel.

 

[N1ghteyes]

ah ok, so UAPI is not quite the same as Api v1 and 2?

I will review it, UAPI does sound much more promising though

 

[N1ghteyes]

ok, so as a direct result of this, i have written a PHP class to handle UAPI connections. It could do with some feedback / testing and improvements, not to mention better commenting, but, see the thread i posted in the development forum for it.

tl;dr - UAPI works.

UAPI PHP Class thread

 

[luisandrade]

Thank you N1ghteyes!

I had the same issue like yours. Your UAPI PHP Class save me and works fine.
But i didn't can set privileges as well, because i don't know exactly the sintax. I really didn't find in cPanel Docs examples, like this link:
https://documentation.cpanel.net/display/SDK/Mysql

I use this way and works very well:
$uapi->set_privileges_on_database(array('user' => 'myuser', 'database' => 'mydatabase, 'privileges' => 'ALTER,CREATE,INDEX,SELECT,INSERT,UPDATE'));

But... don't work with privileges with more one word like this:
$uapi->set_privileges_on_database(array('user' => 'myuser', 'database' => 'mydatabase, 'privileges' => 'ALTER,CREATE,CREATETEMPORARYTABLES,INDEX,LOCKTABLES,SELECT,INSERT,UPDATE'));

I tried use CREATE TEPORARY TABLES, LOCK TABLES and same thing. Not works.

Please, anybody know how a correct sintax? Using cPanel 11.44
Sorry for my bad english

 

[shripadd]

hi

I am also facing same issue, My site is hosted on shared thosting (hostgator)
Previously my script was working fine but due to theme changes I am unable to add user with ALL privileges to data base
Can any one please help