The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

authentication

Discussion in 'General Discussion' started by oboy, Jun 19, 2002.

  1. oboy

    oboy Registered

    Joined:
    Jun 12, 2002
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Ok, I see other companies who have modified their Cpanel to be able to have billing software, I'm writing my own, and I've pretty much figured out how to make it where ONLY the user logged into their cpanel account can see their information, and no one else, but then I found a HORRIFYING discovery,

    There cannot be a rererring URL so that I can MAKE them use the link, which will not allow them to login to anyone elses.

    The HTTP_REFERER is blank, therefore I need a different way to authenticate the user is who they say they are.

    I COULD make the user have to login with there username and password, I know how to have CRYPT check the password, but I do not know where Cpanel stores the site password and username, can someone tell me either where that data is stored, OR a way to do authentication to make sure ONLY the owner of the domain can check their billing status.

    Thank you!
     
  2. awsol

    awsol cPanel Test Bitch

    Joined:
    Feb 8, 2002
    Messages:
    591
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Boston MA
    I'm pretty sure you can have your script just check the /etc/passwd file. This is where lots of personal stuff is stored. Username/password/shell and stuff.
     
Loading...

Share This Page