Creating subdomains

[dan_c]

below is a script origionally known as "cpanel subdomains Creator 1.0" which I have edited to fit into the php script I am writing. The purpose is to create a subdomain in cPanel for new users.

<?php
###############################################################
#Defining cPanel login info
$cpaneluser="xxxxxx";
$cpanelpass="xxxxxx";
###############################################################
#Sets subdomain to create
$domain = "yourname.com";
$subd = "john5.yourname.com";
###############################################################
#Tells where to go
$request = "/frontend/x/subdomain/doadddomain.html?rootdomain=$domain&domain=$subd";
###############################################################
#open socket
$sock = fsockopen('localhost',2082);
###############################################################
 
 $authstr = "$cpaneluser:$cpanelpass";
  $pass = base64_encode($authstr);
  $in = "GET $request\r\n";
  $in .= "HTTP/1.0\r\n";
  $in .= "Host:localhost\r\n";
  $in .= "Authorization: Basic $pass\r\n";
  $in .= "\r\n";

fputs($sock, $in);
  while (!feof($sock)) {
    $result .= fgets ($sock,128);
  }

fclose( $sock );
$show = strip_tags($result);
echo $show;

?>

I don't really understand the last 10 lines or so, and exactly how it works to log in to cPanel, I just know it works.

The problem with this script is that it seems to have security holes because it will be repeatedly sending the username and password for the cpanel account over the unencrypted port (2082) and is just asking to be hacked. I tried changing the port which it opens to 2083, but for whatever reason the script just wont run when I do that. Does anyone know what I can do to the script to make it work on port 2083? Thanks.

 

[dan_c]

For future reference, you can create a secure socket connection by enabling openSSL when you compile apache, and changing

$sock = fsockopen('localhost',2082);

to

$sock = fsockopen('ssl://localhost',2083);