Can anyone tell me why this doesn't work?

M

MrLeN

Active Member
Dec 12, 2010
38
0
56
I used to use this script a year ago, but it no longer works:

Code: 
<?php

###############################################################
# cPanel WHM Account Creator 1.1
###############################################################
# Visit http://www.zubrag.com/scripts/ for updates
###############################################################
# Required parameters:
# - domain - new account domain
# - user - new account username
# - password - new account password
# - package - new account hosting package (plan)
# - email - contact email
#
# Sample run: create-whm-account.php?domain=reseller.com&user=hosting&password=manager&package=unix_500
#
# If no parameters passed then input form will be shown to enter data.
#
# This script can also be run from another PHP script. This may
# be helpful if you have some user interface already in place and 
# want to automatically create WHM accounts from there.
# In this case you have to setup following variables instead of
# passing them as parameters:
# - $user_domain - new account domain
# - $user_name - new account username
# - $user_pass - new account password
# - $user_plan - new account hosting package (plan)
# - $user_email - contact email
#
###############################################################

///////  YOUR WHM LOGIN DATA
$whm_user   = "root";      // reseller username
$whm_pass   = "password";  // the password you use to login to WHM

#####################################################################################
##############          END OF SETTINGS. DO NOT EDIT BELOW    #######################
#####################################################################################

$whm_host   = $_SERVER['HTTP_HOST'];

function getVar($name, $def = '') {
  if (isset($_REQUEST[$name]))
    return $_REQUEST[$name];
  else
    return $def;
}

// Domain name of new hosting account
// To create subdomain just pass full subdomain name
// Example: newuser.zubrag.com
if (!isset($user_domain)) {
  $user_domain = getVar('domain');
}

// Username of the new hosting account
if (!isset($user_name)) {
  $user_name = getVar('user');
}

// Password for the new hosting account
if (!isset($user_pass)) {
  $user_pass = getVar('password');
}

// New hosting account Package
if (!isset($user_plan)) {
  $user_plan = getVar('package');
}

// Contact email
if (!isset($user_email)) {
  $user_email = getVar('email');
}

// if parameters passed then create account
if (!empty($user_name)) {

  // create account on the cPanel server
  $script = "http://{$whm_user}:{$whm_pass}@{$whm_host}:2086/scripts/wwwacct";
  $params = "?plan={$user_plan}&domain={$user_domain}&username={$user_name}&password={$user_pass}&contactemail={$user_email}";
  $result = file_get_contents($script.$params);

  // output result
  echo "RESULT: " . $result;
}
// otherwise show input form
else {
$frm = <<<EOD
<html>
<head>
  <title>cPanel/WHM Account Creator</title>
  <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
  <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
</head>
<body>
  <style>
    input { border: 1px solid black; }
  </style>
<form method="post">
<h3>cPanel/WHM Account Creator</h3>
<table border="0">
<tr><td>Domain:</td><td><input name="domain" size="30"></td><td>Subdomain or domain, without www</td></tr>
<tr><td>Username:</td><td><input name="user" size="30"></td><td>Username to be created</td></tr>
<tr><td>Password:</td><td><input name="password" size="30"></td><td></td></tr>
<tr><td>Package:</td><td><input name="package" size="30"></td><td>Package (hosting plan) name. Make sure you cpecify existing package</td></tr>
<tr><td>Contact Email:</td><td><input name="email" size="30"></td><td></td></tr>
<tr><td colspan="3"><br /><input type="submit" value="Create Account"></td></tr>
</table>
</form>
</body>
</html>
EOD;
echo $frm;
}
Can anyone tell me why?

Here is the error I get:

Warning: file_get_contents() [function.file-get-contents]: Couldn't resolve host name in /home/banana/public_html/acc.php on line 82

Warning: file_get_contents(http://[email protected]@www.fwp.cc:2086/scripts...ssword=password&[email protected]) [function.file-get-contents]: failed to open stream: operation failed in /home/banana/public_html/acc.php on line 82
RESULT:
 
cPanelDavidG

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
Looking at the output provided, it seems like you have to @ symbols in the URL that is ultimately generated. If you have an @ symbol in your root or reseller password, that could be causing the issue here as PHP doesn't know what to do with http:// [email protected]@[email protected]

Just a warning though, this script does not use the APIs, therefore any number of factors can cause this to malfunction even after you get that resolved. For example, the deployment of security functionality such as CSRF protection and Cookie-based authentication (instead of HTTP-based authentication) could trigger this script to never work.

Be mindful that many write scripts for cPanel&WHM without being very much aware of our best practices, let alone common security protections contemporary servers have. As a result, I advise against trusting any script that does not use the APIs. For example, this particular script makes it very easy for people to steal your root or reseller password since you are broadcasting it over the internet in plain text :(.

I see you have another thread where you're looking to create an account as part of a specific hosting package (plan), let me see what I can do to help make things easier on you in that thread.
 
K

KostonConsulting

Well-Known Member
Verifed Vendor
Jun 17, 2010
255
1
68
San Francisco, CA
cPanel Access Level
Root Administrator
You should really upgrade to using a SSL connection for that script as you're passing the root password in plain text over the net. Here's a good document about API Authentication: ApiAuthentication < SoftwareDevelopmentKit < TWiki

As David mentioned, creating the URL from a string means that if your password contains an @ or other chars that need to be parsed :)), the call will fail. By using Curl instead, the password will be encoded and will not break authentication.

Also as mentioned about, you should be using https://hostname:2087/xml-api/createacct or https://hostname:2087/json-api/createacct as the API methods will remain the same while the inputs to the script may change over time. CreateAccount < SoftwareDevelopmentKit < TWiki

Hope that helps.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
M Is anyone else developing chatGPT Plugins? Developer Experience 1
S Anyone tested this Antimalware plugin Developer Experience 2
WebHostPro anyone have a tool where you can search several cpanel servers at once? Developer Experience 4
V is anyone try roundcube before ? Developer Experience 10
B xCache For PHP 5.1.6, Anyone? Developer Experience 11
Similar threads
Is anyone else developing chatGPT Plugins?
Anyone tested this Antimalware plugin
anyone have a tool where you can search several cpanel servers at once?
is anyone try roundcube before ?
xCache For PHP 5.1.6, Anyone?
Top Bottom