addusertodb.html missing from x3 theme in 11.44

N1ghteyes

Active Member
Mar 3, 2014
33
2
8
Reading, UK
cPanel Access Level
Root Administrator
Twitter
Hi guys,

Im making used of PHP to add a user to a database via the cpanel account url. Unfortunatly, using the API isnt an option in this case, but it was working fine up until cpanel on the server was updated to 11.44. Now when calling addusertodb.html i get a 404.

part of the script:

PHP:
function addUserToDb($cPanelUser,$cPanelPass,$userName,$dbName,$privileges) {

    $host= gethostname(); //get the ip, so we force local only. Also good for negating dns issues
    $ip = gethostbyname($host);
    
    $domain = variable_get('system_area_set', '');
    $theme = variable_get('system_style_set', '');

    $buildRequest = "/frontend/".$theme."/sql/addusertodb.html?user=".$userName."&db=".$dbName.$privileges;

    $ssl = variable_get('cp_sub_ssl_setting', 0);
    if($ssl == 1){
        $domain = "ssl://".$domain;
    }

    $openSocket = fsockopen($domain,variable_get('cPanel_sub_port', 2082));
    if(!$openSocket) {
        return "Socket error";
        exit();
    }

    $authString = $cPanelUser . ":" . $cPanelPass;
    $authPass = base64_encode($authString);
    $buildHeaders  = "GET " . $buildRequest ."\r\n";
    $buildHeaders .= "HTTP/1.1\r\n";
    $buildHeaders .= "Host:".$domain."\r\n";
    $buildHeaders .= "Authorization: Basic " . $authPass . "\r\n";
    $buildHeaders .= "\r\n";

    fputs($openSocket, $buildHeaders);
    while(!feof($openSocket)) {
        fgets($openSocket,128);
    }
    $socketstatus = socket_strerror(socket_last_error());
    fclose($openSocket);

    if($socketstatus == 'Success'){
        return FALSE; // successfull so return false. (no error)
    } else {
        return $socketstatus;
    }
}
looking in the x3/sql directory i see its not there:

Code:
[email protected] [/usr/local/cpanel/base/frontend/x3/sql]# ls -l
total 140
drwxr-xr-x  2 root root  4096 Jun 23 00:15 ./
drwxr-xr-x 76 root root  4096 Jul  2 00:12 ../
-rw-r--r--  1 root root   348 Oct 20  2013 PhpMyAdmin.html
-rw-r--r--  1 root root  1235 Jun 23 00:09 addb.html
-rw-r--r--  1 root root   628 Oct 20  2013 addhost.html
-rw-r--r--  1 root root  1112 Jun 23 00:09 adduser.html
-rw-r--r--  1 root root   640 Jun 23 00:09 changepasswd.auto.tmpl
lrwxrwxrwx  1 root root    22 Jun 23 00:15 changepasswd.html -> changepasswd.auto.tmpl
-rw-r--r--  1 root root   716 Oct 20  2013 checkdb.html
-rw-r--r--  1 root root   862 Mar  6 00:08 deldb.html
-rw-r--r--  1 root root   810 Oct 20  2013 deldbconfirm.html
-rw-r--r--  1 root root   610 Oct 20  2013 delhost.html
-rw-r--r--  1 root root   871 Oct 20  2013 delhostconfirm.html
-rw-r--r--  1 root root   565 Oct 20  2013 deluser.html
-rw-r--r--  1 root root   848 Oct 20  2013 deluserconfirm.html
-rw-r--r--  1 root root   212 Jun 23 00:09 deluserfromdbconfirm.html
-rw-r--r--  1 root root  1051 Jun 23 00:09 deluserfromdbconfirm.tmpl
-rw-r--r--  1 root root   771 Apr  9 00:09 dochangepassword.html
-rw-r--r--  1 root root  1049 Feb 12 09:13 index.html
-rw-r--r--  1 root root   783 Oct 20  2013 index_head.html
-rw-r--r--  1 root root 14772 Jun 23 00:09 index_include.html
-rw-r--r--  1 root root  2707 Mar  6 00:08 managehost.html
-rw-r--r--  1 root root   708 Oct 20  2013 repairdb.html
-rw-r--r--  1 root root   977 Oct 20  2013 repairdbconfirm.html
-rw-r--r--  1 root root  1099 Oct 20  2013 user.html
-rw-r--r--  1 root root   901 Jun 23 00:09 userrights.html
-rw-r--r--  1 root root  1055 Jun 23 00:09 userrights.tmpl
-rw-r--r--  1 root root  1635 Jun 23 00:09 userrights_include.tmpl
-rw-r--r--  1 root root  2740 Jun 23 00:09 wizard1.html
-rw-r--r--  1 root root  4304 Jun 23 00:09 wizard2.html
-rw-r--r--  1 root root  1673 Jun 23 00:09 wizard3.html
-rw-r--r--  1 root root  1986 Jun 23 00:09 wizard4.auto.tmpl
lrwxrwxrwx  1 root root    17 Jun 23 00:15 wizard4.html -> wizard4.auto.tmpl
so.. any idea where this has gone? I really dont like the paper lantern theme... so would like to avoid having to use it
 

JaredR.

Well-Known Member
Feb 25, 2010
1,834
23
143
Houston, TX
cPanel Access Level
Root Administrator
Friendly Moderator Note

Your first post of this was moderated, which is why you did not see it. I actually approved it, so it was visible, just before you posted again. I deleted the second post as a duplicate, but I wanted to explain what happened to prevent any confusion.
 

N1ghteyes

Active Member
Mar 3, 2014
33
2
8
Reading, UK
cPanel Access Level
Root Administrator
Twitter
Thanks Jared, i actually saw the note about modification the second time i posted, i wasnt paying attention the first time :x
 

N1ghteyes

Active Member
Mar 3, 2014
33
2
8
Reading, UK
cPanel Access Level
Root Administrator
Twitter
no joy im afraid, i can navigate to the page fine in the browser, however adding &ALL=ALL to the URL for privileges no longer auto submits the form, so the script no longer works.

the url called is now this:
/frontend/x3/sql/userrights.html?user=user&db=database&ALL=ALL

but no user is added to the database, both when calling this in the script, or when navigating to it directly.

EDIT NOTE::

I can't find referance to that change anywhere in the change logs. can i ask why its been made?

EDIT 2::

I believe the issue here is that the permissions functionality has been changed, so that rather than &ALL=ALL being used for the final submission, it now just selects all check boxes without submitting the form.
 
Last edited:

JacobPerkins

Well-Known Member
May 2, 2014
617
97
103
cPanel Access Level
DataCenter Provider
Twitter
Hello,

Instead of using a LWP / Browser variant, is there any reason why you're not using our APIs for doing this?

http://documentation.cpanel.net/display/SDK/Mysql#Mysql-set_privileges_on_database

This can be easily done with a variant like:
https://hostname:2083/cpsess#######...ser=username&database=database&privileges=ALL

The above should return a JSON object like such:
{"messages":null,"errors":null,"status":1,"metadata":{},"data":null}

If status:1, you're good to go. If there's another message, then it most likely encountered an error, of which the message will advise.
 

N1ghteyes

Active Member
Mar 3, 2014
33
2
8
Reading, UK
cPanel Access Level
Root Administrator
Twitter
so far as i know, most shared hosts dont allow access to the API. Certainly the few i've used don't. While i have access to use the API on my servers, a lot of people who use the system dont, so being able to call the various URLs required to setup a database, and asign a user with permissions to is pretty much integral to the entire thing.

EDIT::

I didnt get much of a chance to review those docs, can you confirm if i can call url's directly without API access with the methods you linked?

Essentually i need to know this will work on shared hosts before i really invest time into it.

Thanks
 
Last edited:

JacobPerkins

Well-Known Member
May 2, 2014
617
97
103
cPanel Access Level
DataCenter Provider
Twitter
Hello,

I'm unsure if this will work on shared hosts, or if they have this blocked, however I'd recommend testing it out to see. This is the preferred way of doing things, as it won't change as much as the pages.
 

N1ghteyes

Active Member
Mar 3, 2014
33
2
8
Reading, UK
cPanel Access Level
Root Administrator
Twitter
if this doesnt work on shared hosts, will there be any way around this? a brief test of using parper_lantern throws the same problem

Edit::

Aside from specifying pre 11.44 only...
 
Last edited:

JacobPerkins

Well-Known Member
May 2, 2014
617
97
103
cPanel Access Level
DataCenter Provider
Twitter
Hi,

If you're able to test this on cPanel pages, you can test these API calls as well. Also, I don't believe hosts *CAN* disable UAPI. cPanel is built upon API calls, so if they disabled the API, they would effectively disable cPanel.
 

N1ghteyes

Active Member
Mar 3, 2014
33
2
8
Reading, UK
cPanel Access Level
Root Administrator
Twitter
ah ok, so UAPI is not quite the same as Api v1 and 2?

I will review it, UAPI does sound much more promising though :)
 

N1ghteyes

Active Member
Mar 3, 2014
33
2
8
Reading, UK
cPanel Access Level
Root Administrator
Twitter
ok, so as a direct result of this, i have written a PHP class to handle UAPI connections. It could do with some feedback / testing and improvements, not to mention better commenting, but, see the thread i posted in the development forum for it.

tl;dr - UAPI works.

UAPI PHP Class thread
 

luisandrade

Registered
Aug 23, 2014
1
0
1
cPanel Access Level
Root Administrator
Thank you N1ghteyes!

I had the same issue like yours. Your UAPI PHP Class save me and works fine.
But i didn't can set privileges as well, because i don't know exactly the sintax. I really didn't find in cPanel Docs examples, like this link:
https://documentation.cpanel.net/display/SDK/Mysql

I use this way and works very well:
$uapi->set_privileges_on_database(array('user' => 'myuser', 'database' => 'mydatabase, 'privileges' => 'ALTER,CREATE,INDEX,SELECT,INSERT,UPDATE'));

But... don't work with privileges with more one word like this:
$uapi->set_privileges_on_database(array('user' => 'myuser', 'database' => 'mydatabase, 'privileges' => 'ALTER,CREATE,CREATETEMPORARYTABLES,INDEX,LOCKTABLES,SELECT,INSERT,UPDATE'));

I tried use CREATE TEPORARY TABLES, LOCK TABLES and same thing. Not works.

Please, anybody know how a correct sintax? Using cPanel 11.44
Sorry for my bad english