The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Help with WHM Login script (PHP)

Discussion in 'cPanel Developers' started by FrankLaszlo, Jul 27, 2010.

  1. FrankLaszlo

    FrankLaszlo Active Member

    Joined:
    Dec 19, 2008
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    I'm creating a login script for WHM that would allow techs to login without having to enter a root password everytime they access it. I am having a bit of trouble on how I should perform the authentication. I am using the curl method in another script for executing queries against the cPanel API (using the access hash) but that just doesnt seem right for this since its the users computer I want to authenticate, not the script itself.

    Is there a better method for doing this that I am overlooking?

    Heres the code I have so far:

    Code:
    <?php
    
    include('config.php');
    
    if (!isset($_REQUEST['server'])) {
        print "You didn't specify a server.";
        exit(1);
    } else {
        $server = $_REQUEST['server'];
    }
    
    $db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die ("Error connecting to database.");
    mysql_select_db("$dbName", $db) or die ("Couldn't select the database.");
    $sql = "SELECT * FROM servers WHERE srv_name = '$server'";
    $data = mysql_query($sql);
    if (!mysql_num_rows($data)) {
        print "Invalid server name.";
        exit(1);
    } else {
        $r = mysql_fetch_array($data);
        $serverip = $r['srv_ip'];
        $serverhash = $r['srv_hash'];
        // Do Auth stuff here
        $head = "Location: https://$serverip:2087";
        header($head);
    }
    
    ?>
    
     
    #1 FrankLaszlo, Jul 27, 2010
    Last edited: Jul 27, 2010
  2. FrankLaszlo

    FrankLaszlo Active Member

    Joined:
    Dec 19, 2008
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Update:

    I was able to get logged in using the root credentials by passing the information in the headers, but I would like to use the access key if possible.

    Code:
    $username="root";
    $password="password";
    $uphash = base64_encode($username.":".$password);
    header('Authorization: Basic " . $uphash . "\n\r");
    header('Location: https://$servername:2087');
    
     
  3. cPanelDavidN

    cPanelDavidN Integration Developer
    Staff Member

    Joined:
    Dec 17, 2009
    Messages:
    571
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi Frank,

    You should be able to just use 'WHM' instead of 'Basic' in your Authorization header

    This is a snippet from the xml-api PHP Client Class (which I HIGHLY recommend you take a look at):

    Code:
    // $this->auth may contain a remote access hash OR a password,
    //  depending on $this->auth_type;
    // $this->user should contain 'root' for 'hash', or any valid user for 'pass'
    // 'hash' will use 'WHM' auth and 'pass' will use 'Basic' auth in headers
    
    if ( $this->auth_type == 'hash' ) {
        $authstr = 'Authorization: WHM ' . $this->user . ':' . $this->auth . "\r\n";
    } elseif ($this->auth_type == 'pass' ) {
        $authstr = 'Authorization: Basic ' . base64_encode($this->user .':'. $this->auth) . "\r\n";
    } else {
        throw new Exception('invalid auth_type set');
    }
    
    Best Regards,
    -DavidN
     
    #3 cPanelDavidN, Jul 28, 2010
    Last edited: Jul 28, 2010
  4. FrankLaszlo

    FrankLaszlo Active Member

    Joined:
    Dec 19, 2008
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Thanks David, I got it working. I was forgetting to pass the username along with the access hash in the header.

    Cheers.
     
Loading...

Share This Page