PHP: Passing details to :2086/scripts/wwwacct

larttaus

Registered
Jun 3, 2007
2
0
151
Hi,

I have a script that creates an account and hosting package on my WHM/cPanel server via a web based PHP script which passes various parameters, via web link (file_get_contents function). The web link:

http://username:[email protected]:2086/scripts/wwwacct?

The parameters (known):

sign,plan,domain,username,password,quota,cgi,frontpage,maxftp,maxpop,maxlst,maxsql,
maxsub,maxpark,maxaddon,bwlimit,cpmod,customip,msel,contactemail

Are there any other parameters available? I have tried looking but unable to find a definite list of what is accepted. I am mainly interested in setting the nameservers at account creation if possible, as I would prefer to use my own nameservers and not those of my host and set them via the script and not have to login to WHM and alter them manually...or if anyone knows how to alter them after creation using another script and passing variables?

I have found information regarding /scripts/postwwwacct which runs after this script but not this script.

Any help would be much appreciated.

Kind Regards

Matthew
 

larttaus

Registered
Jun 3, 2007
2
0
151
Thanks for your reply, unfortunately I don't have access via command line to the scripts, though my host has just upgraded to the following versions:

1. Upgrade cPanel to version 11 (release build)
2. Upgrade WHM Reseller to version 2.6

Can I get access to the scripts via ssh? if so I can ask my host for access to this...at least now I have access to some of the newer xmlapi...

Kind Regards
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
Thanks for your reply, unfortunately I don't have access via command line to the scripts, though my host has just upgraded to the following versions:

1. Upgrade cPanel to version 11 (release build)
2. Upgrade WHM Reseller to version 2.6

Can I get access to the scripts via ssh? if so I can ask my host for access to this...at least now I have access to some of the newer xmlapi...

Kind Regards
Unfortunately, you still need root access via SSH to execute items in the /scripts directory. Requesting SSH access likely will not do you much good in that regard.

However, do enjoy the new XML API - it offers far more functionality than the old WHM API.
 

mstuebner

Well-Known Member
May 13, 2007
50
0
156
Hello,

However, do enjoy the new XML API - it offers far more functionality than the old WHM API.
Thats what I try. I try to write an Extension for my TYPO3 Backend to i.e. read accounts and packages from WHM using the sample code in the Dev-Section:
Code:
<?php
require '/usr/local/cpanel/Cpanel/Accounting.php.inc';
$host = "localhost";
$user = "";
$accesshash = 'just deleted here';

$accts = listpkgs($host,$user,$accesshash,0);
print_r($accts);
?>
When I fill in the hash and use it with localhost or the FQDN (on the same host) it returns an "xml-ed" login page. If I also set the port number 2087 it returns absolutely nothing anymore.

Could you give me a push into the right direction please?

br Matthias
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
Hello,



Thats what I try. I try to write an Extension for my TYPO3 Backend to i.e. read accounts and packages from WHM using the sample code in the Dev-Section:
Code:
<?php
require '/usr/local/cpanel/Cpanel/Accounting.php.inc';
$host = "localhost";
$user = "";
$accesshash = 'just deleted here';

$accts = listpkgs($host,$user,$accesshash,0);
print_r($accts);
?>
When I fill in the hash and use it with localhost or the FQDN (on the same host) it returns an "xml-ed" login page. If I also set the port number 2087 it returns absolutely nothing anymore.

Could you give me a push into the right direction please?

br Matthias
So when you attempt that, it basically throws a login page? In that case, you may not be entering the access hash correctly. I remember there be a thread recently on doing that, IIRC one has to include the line breaks in the access hash.
 

mstuebner

Well-Known Member
May 13, 2007
50
0
156
So when you attempt that, it basically throws a login page? In that case, you may not be entering the access hash correctly. I remember there be a thread recently on doing that, IIRC one has to include the line breaks in the access hash.
I tried both, a long line and as I copied it from WHM, same result.

Is the host to be entered with port number or without?
Am I right that the hash "replaces" the normal https-login?
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
I tried both, a long line and as I copied it from WHM, same result.

Is the host to be entered with port number or without?
Am I right that the hash "replaces" the normal https-login?
It's been a long time since I used the old accounting module (I love the XML stuff). However, IIRC, you don't need to use https:// or http:// or a port number. Just the hostname (more than likely localhost anyway).

You are correct, you do not need the login (user/pass) credentials when you are using user/hash credentials in its place.
 

mstuebner

Well-Known Member
May 13, 2007
50
0
156
It's been a long time since I used the old accounting module (I love the XML stuff).
When you call it "old", what is the better way of accessing the information, even from different servers? I have to live with what the dev-doc gives me.
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
When you call it "old", what is the better way of accessing the information, even from different servers? I have to live with what the dev-doc gives me.
I would use the XML API. It has all the functionality of the cPanel Accounting module, plus many new useful features (like being able to easily access bandwidth usage for your users and such). You can find documentation on the API at:

http://www.cpanel.net/plugins/xmlapi/

Most of it is essentially a reference guide, I'd recommend looking at how to use the API first:

http://www.cpanel.net/plugins/xmlapi/XMLAPI.html

I also cover the general use of the API in a more programmer-friendly manner in my "Customizing cPanel" presentation I performed at this past Training Seminar. You can view it at:

http://trainingseminar.cpanel.net/slides/trackb/Customizing cPanel.pdf

XML API coverage begins at slide/page 32.
 

mstuebner

Well-Known Member
May 13, 2007
50
0
156
Most of it is essentially a reference guide, I'd recommend looking at how to use the API first:

http://www.cpanel.net/plugins/xmlapi/XMLAPI.html
That is what I successfully used/tried, but I saw that working only when I add the parameters to the URL of my active https login to WHM. I didn't see any information how to do so from outside the actual WHM session, what is what I need to do.

Or did I miss something?

br Matthias
 

mstuebner

Well-Known Member
May 13, 2007
50
0
156
I guess I got it. I just didn't expect that it could work to add the username and password as parameters to the URL, but it does. By that the rest is simple.

Thanx for your documentation.

Br Matthias
 
Last edited:

mstuebner

Well-Known Member
May 13, 2007
50
0
156
To avoid having user/pass in the URL I used cUrl. Some source now:

Code:
<?php
$_url_p = "user=USER"."&pass=PASS";
$_url1 = 'https://domain.com:2087/xml-api/listaccts?searchtype=user';


$curl = curl_init();
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS,$_url_p);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_COOKIEFILE, "cookiefile");
curl_setopt($curl, CURLOPT_COOKIEJAR, "cookiefile"); # SAME cookiefile
curl_setopt($curl, CURLOPT_URL, $_url1); # this is where you first time connect - GET method authorization in my case, if you have POST - need to edit code a bit

$u2 = curl_exec($curl);

curl_close ($curl);

print('Content1:'.$u2);
?>
What I wonder is, the code on command (non-root) line works finest, but called from a website it is showing a login form. What can be the reson?
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
This definately works. But doesn't that mean that you find username/passwd in each and any logfile?
There's very many reasons I don't like using the user/pass capability. Granted a user/hash is somewhat similar, but at least the hash can be easily changed. And with a hash, you still need to have a working script to do anything. You can't login to the WHM or cPanel interface for instance with a user/hash combination.

As for logging, just remember since this is cpsrvd, not Apache, you're interacting with - the logs would be in /usr/local/cpanel/logs/ rather than in the Apache logs.
 

mstuebner

Well-Known Member
May 13, 2007
50
0
156
There's very many reasons I don't like using the user/pass capability. Granted a user/hash is somewhat similar, but at least the hash can be easily changed. And with a hash, you still need to have a working script to do anything. You can't login to the WHM or cPanel interface for instance with a user/hash combination.
So when I get you right I may just replace th pwd with the hash, but can keep everything else? That would be a compromize.
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
So when I get you right I may just replace th pwd with the hash, but can keep everything else? That would be a compromize.
Actually the authentication method is different with a hash. Instead of using Authentication Basic and encoding the user/pass, you would use Authentication WHM followed by the hash (Remote Access Key). Here's a link to a relevant code sample on the forums.