Reseller remote access

[fonty]

I'm a reseller, and I tried to access to the whm API by the script:

<?php

require '/usr/local/cpanel/Cpanel/Accounting.php.inc';
$host = "localhost";
$user = "";
$accesshash = '';

$accts = listaccts($host,$user,$accesshash,0);
print_r($accts);
$pkgs = listpkgs($host,$user,$accesshash,0);
print_r($pkgs);
?>

The problem is that I don't have access to this directory. Anyway I know there is a way to access because whmautopilot do.

Can anyone tell me how to do it?

Tanks.

 

[fonty]

Curl Access

I had founded this script that may solve some of the actions, but I still have expects that someone help me with my issue (this script doesn't give me the showversion, listaccts, listpkgs functions).

<?
# Filename: class.cpanel.php
# The Engine
class cpanel {
var $set_username;
var $set_password;
var $set_theme;
var $set_domain;
var $set_port;

function cpanel($user,$pass,$domain,$theme="x",$port="2082") {
$this->set_username = $user;
$this->set_password = $pass;
$this->set_domain = $domain;
$this->set_theme = $theme;
$this->set_port = $port;
}

function CreateSubDomain($subdomain,$domain) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/subdomain/doadddomain.html?domain=".$subdomain."&rootdomain=".$domain);
}

function DeleteSubDomain($subdomain,$domain) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/subdomain/dodeldomain.html?domain=".$subdomain."_".$domain);
}

function CreateEmail($user,$password,$domain,$quota="8") {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/mail/doaddpop.html?email=".$user."&domain=".$domain."&password=".$password."&quota=".$quota);
}

function DeleteEmail($user,$domain) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/mail/realdelpop.html?email=".$user."&domain=".$domain);
}

function CreateFTP($user,$password,$directory) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/ftp/doaddftp.html?login=".$user."&password=".$password."&homedir=".$directory);
}

function DeleteFTP($user) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/ftp/dodelftp.html?login=".$user);
}

function CreateDB($db) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/sql/adddb.html?db=".$db);
}

function DeleteDB($db) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/ftp/deldb.html?db=".$this->set_username."_".$db);
}

function FullBackup($mode="passiveftp",$email,$remote_ftp=NULL,$remote_user=NULL,$remote_pass=NULL) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/backup/dofullbackup.html?dest=".$mode."&email=".$email."&server=".$remote_ftp."&user=".$remote_user."&pass=".$remote_pass);
}

function CreateParked($domain) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/park/doaddparked.html?domain=".$domain);
}

function RemoveParked($domain) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/park/dodelparked.html?domain=".$domain);
}

function CreateDomain($domain,$user,$password) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/addon/doadddomain.html?domain=".$domain."&user=".$user."&pass=".$password);
}

function DeleteDomain($domain) {
@file("http://".$this->set_username.":".$this->set_password."@".$this->set_domain.":".$this->set_port."/frontend/".$this->set_theme.
"/addon/dodeldomain.html?domain=".$domain);
}
}
?>


and this is how to call/use these functions


<?
# Filename: signup.php // you can change the name of course
# The Client
include("class.cpanel.php");
$cpanel = new cpanel("username","password","domain.com");
$cpanel->CreateSubDomain("sub","domain.com");
?>

Original post: http://www.webhostgear.com/forums/archive/index.php/t-358.html

 

[webignition]

Regarding /usr/local/cpanel/Cpanel/Accounting.php.inc, you could ask your hosting provider to either pop a copy into your home directory, or into a shared directory and then modify the global include path.

 

[fonty]

Tank you webignition, I will try this

 

[fonty]

Tanks again webignition for your help, but I don't thisg this will be the solution, becouse the "/usr/local/cpanel/Cpanel/Accounting.php.inc" script is alling to a function (I don't kwon where this function is) that seems to be calling other scripts like:
/scripts/remote_suspend
/scripts/remote_unsuspend
/scripts/killacct
...

Can you know other way or how to continue to solve this problem?

This is the "/usr/local/cpanel/Cpanel/Accounting.php.inc" script code:

<?php
# cpanel4 - Accounting.php.inc Copyright(c) 1999-2002 John N. Koston
# All rights Reserved.
# [email protected] http://cpanel.net
#
# This file is governed by the cPanel license


global $cpanelaccterr;


function suspend ($host,$user,$accesshash,$usessl,$suspenduser) {
$result = whmreq("/scripts/remote_suspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);
if ($cpanelaccterr != "") { return; }
return $result;
}
function unsuspend ($host,$user,$accesshash,$usessl,$suspenduser) {
$result = whmreq("/scripts/remote_unsuspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);
if ($cpanelaccterr != "") { return; }
return $result;
}
function killacct ($host,$user,$accesshash,$usessl,$killuser) {
$result = whmreq("/scripts/killacct?user=${killuser}&nohtml=1",$host,$user,$accesshash,$usessl);
if ($cpanelaccterr != "") { return; }
return $result;
}
function showversion ($host,$user,$accesshash,$usessl) {
$result = whmreq("/scripts2/showversion",$host,$user,$accesshash,$usessl);
if ($cpanelaccterr != "") { return; }
return $result;
}
function createacct ($host,$user,$accesshash,$usessl,$acctdomain,$acctuser,$acctpass,$acctplan) {
$result = whmreq("/scripts/wwwacct?remote=1&nohtml=1&username=${acctuser}&password=${acctpass}&domain=${acctdomain}&plan=${acctplan}",$host,$user,$accesshash,$usessl);
if ($cpanelaccterr != "") { return; }
return $result;
}

function listaccts ($host,$user,$accesshash,$usessl) {
$result = whmreq("/scripts2/listaccts?nohtml=1&viewall=1",$host,$user,$accesshash,$usessl);
if ($cpanelaccterr != "") { return; }

$page = split("\n",$result);
foreach ($page as $line) {
list($acct,$contents) = split("=", $line);
if ($acct != "") {
$allc = split(",", $contents);
$accts[$acct] = $allc;
}
}
return($accts);
}
function listpkgs ($host,$user,$accesshash,$usessl) {
$result = whmreq("/scripts/remote_listpkg",$host,$user,$accesshash,$usessl);
if ($cpanelaccterr != "") { return; }


$page = split("\n",$result);
foreach ($page as $line) {
list($pkg,$contents) = split("=", $line);
if ($pkg != "") {
$allc = split(",", $contents);
$pkgs[$pkg] = $allc;
}
}
return($pkgs);
}
function whmreq ($request,$host,$user,$accesshash,$usessl) {


$cleanaccesshash = preg_replace("'(\r|\n)'","",$accesshash);
$authstr = $user . ":" . $cleanaccesshash;
$cpanelaccterr = "";


if (function_exists("curl_init")) {
$ch = curl_init();
if ($usessl) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($ch, CURLOPT_URL, "https://${host}:2087" . $request);
} else {
curl_setopt($ch, CURLOPT_URL, "http://${host}:2086" . $request);
}
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
$curlheaders[0] = "Authorization: WHM $authstr";
curl_setopt($ch,CURLOPT_HTTPHEADER,$curlheaders);
$data=curl_exec ($ch);
curl_close ($ch);
} elseif (function_exists("socket_create")) {
if ($usessl) {
$cpanelaccterr = "SSL Support requires curl";
return;
}
$service_port = 2086;
$address = gethostbyname($host);
$socket = socket_create (AF_INET, SOCK_STREAM, 0);
if ($socket < 0) {
$cpanelaccterr = "socket_create() failed";
return;
}
$result = socket_connect ($socket, $address, $service_port);
if ($result < 0) {
$cpanelaccterr = "socket_connect() failed";
return;
}
$in = "GET $request HTTP/1.0\n";
socket_write($socket,$in,strlen($in));
$in = "Connection: close\n";
socket_write($socket,$in,strlen($in));
$in = "Authorization: WHM $authstr\n\n\n";
socket_write($socket,$in,strlen($in));

$inheader = 1;
while(($buf = socket_read($socket, 512)) != false) {
if (!$inheader) {
$data .= $buf;
}
if(preg_match("'\r\n\r\n$'s", $buf)) {
$inheader = 0;
}
if(preg_match("'\n\n$'s", $buf)) {
$inheader = 0;
}
if(preg_match("'\r\n$'s", $buf)) {
$inheader = 0;
}
}

} else {
$cpanelaccterr = "php not compiled with --enable-sockets OR curl";
return;
}

return $data;
}

?>

 

[fonty]

I'm a litle bit blind, the function is declared at the bottom, but anyway is coling some script where I don't have access:

http://${host}:2086" . $request

Where $request may be:
/scripts/remote_suspend
/scripts/remote_unsuspend
/scripts/killacct
...

 

[webignition]

You'll notice that all but whmreq() call scripts in /scripts or /scripts2.

You won't have access to these two directories, however through the use of whmreq(), with your username and access hash, the relevant PHP functions will have access to these directories - that's the whole point of the remote access functions.

Trust me, if you have access to /usr/local/cpanel/Cpanel/Accounting.php.inc, and you have set up your remote access key (the access hash) through WHM, you will be able to use all the functions.

Give it a shot and let me know how it goes.

 

[fonty]

You were right, you save me.

Tanks a lot. :D