The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Tokens

Discussion in 'cPanel Developers' started by caniac22, Aug 4, 2014.

  1. caniac22

    caniac22 Registered

    Joined:
    Dec 6, 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Reseller Owner
    Hello I know this is my first post so here's a short introduction. My name is Zach been a developer for a little while but it's a hobby of mine. I read this forum a lot because most of the time the solution is on here, but after hours of looking this up I have come up with little to nothing. I'm sure it's an easy fix but I'm clueless. Hang on for the ride I tend to lose people :)

    Okay so I'm trying to bring back this plugin last updated in 2010. It's a plugin that places an ad in the header of free accounts but you get to choose who has it who doesn't. So after updating several codes to account for changes cPanel has made over the years I think I'm close.

    The way the code works is you have a screen like this
    3ade13e35f42cfd33b9a546bbd11a357.png

    You choose the account you wish to place ads on and click "show ads" no biggy. Then it takes you to a page
    Code:
    /cgi/addon_forcedAds.php
    the page says
    then it has a back button and it takes you back to the image above.

    Alright hope you're still able to keep up. Alright so I've never actually reached that point because when I click "shows ads" it would tell me I was missing a security token and that I needed to enter a password. This is because for security measures cPanel has added the tokens and in 2010 this wan't a thing. Alright so I would enter my password and it would lose the data I was trying to send so that "bill" would have ads.

    I looked this up and found that it wasn't that hard to implement tokens it was just a matter of caching the session and applying it to the url. So I found this link Making your script work with security tokens in cPanel & WHM | cPanel Blog I understood what it meant but the examples it gave where in languages I don't use. I strictly use PHP, HTML, and CSS.

    So I continued to search the web and an hour later I stumbled across this http://forums.cpanel.net/f42/mailman-api-cpanel-security-tokens-cpsess-361622.html. Alright so from what I picked off from this article is that if I call this
    Code:
    $token = getenv('cp_security_token');
    It SHOULD give me the token session information. So I added to all my links
    Code:
    {$token}/cgi/addon_forcedAds.php
    Theoretically based on those 2 articles I figured that would work but now instead of the token missing pages, I get 404 pages. So then I tried to
    Code:
    echo $token;
    to no avail it's not echoing anything. So the question is in php what is the proper call to get the session. Then all I need to do is place that data in front of the links and then it will work?

    Thanks so much for trying to help me.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Please let us know if the following document is helpful:

    Authenticating API Function Calls

    In addition, could you post a full example of the authentication part of your script that is failing?

    Thank you.
     
Loading...

Share This Page