Cpanel PHP Accounting functions

andyf

Well-Known Member
Jan 7, 2002
249
0
316
UK
Try writing something which uses CURL SSL just to check it's actually working.

cPanel.net Support Ticket Number:
 

CoolMike

Well-Known Member
Sep 6, 2001
313
0
316
I did this test already with the example script on php.net. It's not working at all, the example_homepage.txt file is empty and I get a timeout.

PHP:
<?php

$ch = curl_init ("http://www.example.com/");
$fp = fopen ("example_homepage.txt", "w");

curl_setopt ($ch, CURLOPT_FILE, $fp);
curl_setopt ($ch, CURLOPT_HEADER, 0);

curl_exec ($ch);
curl_close ($ch);
fclose ($fp);
?>
Mike

cPanel.net Support Ticket Number:
 

andyf

Well-Known Member
Jan 7, 2002
249
0
316
UK
Try a new /scripts/easyapache ?

Do you have something like grsec kernel patched that might prevent sockets being used?

cPanel.net Support Ticket Number:
 

CoolMike

Well-Known Member
Sep 6, 2001
313
0
316
So, curl is reinstalled and the example curl script works now. But with the createacct function I still have a problem. I'm using the following code and the answer is just blank and the account is not created:

Code:
<?

require '/usr/local/cpanel/Cpanel/Accounting.php.inc';
$host = "servername.mydomain.ch";
$user = "root";
$accesshash ="578000b5df90234237972f5a3d3197ac
1d0abcac2bddff103ef4f8e370932e46
b8e7810359823464563c5001ebd1d26
ac432ec5683cbfa906e6f8993543814f
eef2be05ab1234421802c4d68eeef31
- cuted - 
d5458fe6d4e0dffec77fbcebc5d7b584
27abfa35c73463fe6af1379e43db6a6e
717649c65ddb62e45a45671f8d7613d5";

$usessl = "1";

$acctdomain = "domain.com";
$acctuser = "username";
$acctpass = "pass";
$acctplan = "NovaLight";
$do = createacct ($host,$user,$accesshash,$usessl,$acctdomain,$acctuser,$acctpass,$acctplan);


print_r($do); 


?>

I let a part of the accesshash in the code, just to be sure I entered it in the right way.

When I use "usessl=0", then it works sometimes, but with "usessl=1", it doesn't work at all.

I hope someone can find a mistake in my code, or has any other idea.

thanks
Michael

cPanel.net Support Ticket Number:
 

CoolMike

Well-Known Member
Sep 6, 2001
313
0
316
I just found out, that since curl works in other script, my account creation script don't timeout anymore. But the account is not created and I don't get a message back.

I hope someone can help me.

Thanks
Michael

cPanel.net Support Ticket Number:
 

CoolMike

Well-Known Member
Sep 6, 2001
313
0
316
Is someone using the usessl=1 option?

I really would like to use it, because since PHP 4.3.2, fsocket is very instable.

Thanks
Michael

cPanel.net Support Ticket Number:
 

CoolMike

Well-Known Member
Sep 6, 2001
313
0
316
Please someone answer my question, I don't want to create my accounts manually. I was looking into the nixt script, this would work on my server, but I did not understand how this works...

Michael

cPanel.net Support Ticket Number:
 

heavypredator

Well-Known Member
May 2, 2003
93
1
158
Originally posted by CoolMike

Code:
<?

require '/usr/local/cpanel/Cpanel/Accounting.php.inc';
$host = "servername.mydomain.ch";
$user = "root";
$accesshash ="[/b]578000b5df90234237972f5a3d3197ac
1d0abcac2bddff103ef4f8e370932e46
b8e7810359823464563c5001ebd1d26
ac432ec5683cbfa906e6f8993543814f
eef2be05ab1234421802c4d68eeef31
- cuted - 
d5458fe6d4e0dffec77fbcebc5d7b584
27abfa35c73463fe6af1379e43db6a6e
717649c65ddb62e45a45671f8d7613d5[b]";

$usessl = "1";

$acctdomain = "domain.com";
$acctuser = "username";
$acctpass = "pass";
$acctplan = "NovaLight";
$do = createacct ($host,$user,$accesshash,$usessl,$acctdomain,$acctuser,$acctpass,$acctplan);


print_r($do); 


?>
cPanel.net Support Ticket Number:
You must put your remote key in one line without spaces.



cPanel.net Support Ticket Number:
 

CoolMike

Well-Known Member
Sep 6, 2001
313
0
316
Hi

Thanks a lot for your reply. I removed the spaces and have now the whole accesshash in one line. Unfortunately it's still not working. I did a test and used a wrong accesshash and did not even get an error message. It looks like, the function get's ignored.

Any other ideas?

Thanks
Michael

cPanel.net Support Ticket Number:
 

CoolMike

Well-Known Member
Sep 6, 2001
313
0
316
I'm just wondering, is someone using this function with the usessl option?

If yes, could someone send me the script?

Thanks
Michael

cPanel.net Support Ticket Number:
 

beashnet

Member
Feb 21, 2003
13
0
151
Here's a question for you experts :)

I'd like to, preferrably via PHP, count the accounts on each server with each package.

So if I have two packages (Silver & Gold), I want to print out the number of Silver and Gold accounts on each server.

First one to answer with a working codesnip will get a cookie (you choose flavor!) :D

cPanel.net Support Ticket Number:
 

rusko

Member
Nov 20, 2002
11
0
151
grep -c "Gold" /var/cpanel/*accts*

may not be precise, should work.

paul

cPanel.net Support Ticket Number:
 

birkoss

Member
Jun 13, 2004
11
0
151
Changing password

I was using the script to change the password I saw on this post, and it was working, now I move on another server, and it "works", but its very long to do, and it said :

The page cannot be displayed .... 2-3 minutes after, but it changed my password, what can do that ? Maybe the curl isn't configured correctly, or something else.

The script is :

function changer_password ($host,$user,$accesshash,$usessl,$acctpass,$acctuser)
{
$result = whmreq("/scripts/passwd?remote=1&nohtml=1&password=${acctpass}&domain=${acctuser}&user=${acctuser}&submit-domain=Change%0D%0A++++++Password",$host,$user,$accesshash,$usessl);
if ($cpanelaccterr != "") { return false; }
return $result;
}

Thanks

birkoss
 

ES-207261

Member
Jan 1, 2005
10
0
151
rvskin said:
One thing I would like to warning you about this code. You are explosing security issue to your server. The essencial part is $accesshash now on php code which world readable. Any clients on your server could easily find them(if they know about how Cpanel works) and workaround to do with all your accounts.

cPanel.net Support Ticket Number:


Thats why SMART Coders do this

Code:
<?php
if (eregi("cpconf.inc.php", $_SERVER['PHP_SELF'])) {
    die("Nice try bub but you are not authorized to view this file!!");
}
$host = "localhost";
$user = "username";
$usessl = "1";
$accesshash = 'ACCESS HASH HERE
';

?>
And use an include in the file that uses the info

However you are SORELY INCORRECT PHP IS NOT World readable it will always be executed AS PHP which means that all that happens is they will execute it if you have jail enabled they wont be able to even GET the code via SSH OR FTP because they are restricted to their respective directory
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
31
473
Go on, have a guess
However you are SORELY INCORRECT PHP IS NOT World readable it will always be executed AS PHP which means that all that happens is they will execute it if you have jail enabled they wont be able to even GET the code via SSH OR FTP because they are restricted to their respective directory
Rubbish (you're on a roll today).

Jailshell has nothing whatsoever to do with PHP scripts.

If you don't have phpsuexec/open_basedir enabled any one car look at other sites php scripts as they all require access by the same user (nobody).

Regardless of that, you can use a simple perl script of just a few lines long to view them too :rolleyes:

So, rvskin is completely correct in giving their warning.
 

rvskin

Well-Known Member
PartnerNOC
Feb 19, 2003
399
1
168
It is a great addition and worth to add to the file. However someone still is able to open it.

<?php

$filecontent = implode ('', file ('/pathTOTheFile/cpconf.inc.php'));
print $filecontent;
?>
 

MarkReaktor7

Member
Jan 6, 2005
12
0
151
birkoss said:
I was using the script to change the password I saw on this post, and it was working, now I move on another server, and it "works", but its very long to do, and it said :

The page cannot be displayed .... 2-3 minutes after, but it changed my password, what can do that ? Maybe the curl isn't configured correctly, or something else.

The script is :

function changer_password ($host,$user,$accesshash,$usessl,$acctpass,$acctuser)
{
$result = whmreq("/scripts/passwd?remote=1&nohtml=1&password=${acctpass}&domain=${acctuser}&user=${acctuser}&submit-domain=Change%0D%0A++++++Password",$host,$user,$accesshash,$usessl);
if ($cpanelaccterr != "") { return false; }
return $result;
}

Thanks

birkoss
Are you using fedora core 2 by any chance? i had a lot of problems with these sort of proceedures until i updated (well downgraded) my shadow-utils.
If you find you have a lot of trouble (or it takes forever) to terminate an account via whm, i beleive this will be your problem.

If ya drop me a line i will be quite happy to help out if nec. im not an expert, but i get this stuff o.k. and it works well on my server (and im free :P)
 
R

remik

Guest
Changing users email

Hi,

I tried to write a function to change users email adress. I wrote the following:

whmreq("/scripts2/changeemail?remote=1&nohtml=1&&domain=${domain}&user=${login}&email=${email}&submit=Save Email",$host,$user,$hash,0)

But it unfortunetly doesn't work. I get a response from whm that there is no such account. Infact whm doesn't seem to get the data from GET query. I reckon that the script treats only POST querys as it's input. Is there anyway to make it work?

Best regards,
Remigiusz Samborski
 
Last edited by a moderator: