I've been pulling my hair out on this all day, and I'm wondering if there's any chance there's a bug in the API.
We're on build 5 of WHM 11.36.1, and we're building our own management utility to handle back-end account creation, support, etc. We're using curl throughout our utility to surface account details and information from WHM and cPanel, with no issues at all, but we're seeing some very strange behavior when using the API to create accounts.
We automatically generate random 8 character usernames, and random secure passwords, which are pushed to the curl url during execution. We're doing this all behind https, using the WHM accesshash for authentication (just like all of our other curl calls).
Every single time we execute this, it tells us the username is already being used (and errors), but creates the account anyway. As an example...
The script generated a username of "ofme7bwe" and attempted to create an account for the domain "build.host.com". Neither the domain or user exists in the system. The script did create the account, but the output of the API shows it failed because of the user.
We're relying on the WHM API output to either halt or continue the configuration of the account, so this "false positive" is holding up the entire script even though it seems to successfully build the account.
Any thoughts?
We're on build 5 of WHM 11.36.1, and we're building our own management utility to handle back-end account creation, support, etc. We're using curl throughout our utility to surface account details and information from WHM and cPanel, with no issues at all, but we're seeing some very strange behavior when using the API to create accounts.
We automatically generate random 8 character usernames, and random secure passwords, which are pushed to the curl url during execution. We're doing this all behind https, using the WHM accesshash for authentication (just like all of our other curl calls).
PHP:
$newAcct = curl_init();
curl_setopt($newAcct, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($newAcct, CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($newAcct, CURLOPT_RETURNTRANSFER,1);
curl_setopt($newAcct, CURLOPT_HEADER, 0);
$newAcctHeader[0] = "Authorization: WHM root:".preg_replace("'(\r|\n)'","",$accesshash);
curl_setopt($newAcct, CURLOPT_HTTPHEADER,$newAcctHeader);
curl_setopt($newAcct, CURLOPT_URL,"https://".$host.":2087/json-api/createacct?username=".$username."&plan=".$package."&password=".$password."&domain=".$domain);
$result = curl_exec($newAcct);
curl_close($newAcct);
if (strpos($result, "...Done") === false) {
echo alert_bar('Error creating hosting account ('.$username.'). ('.$result.')','red');
}The script generated a username of "ofme7bwe" and attempted to create an account for the domain "build.host.com". Neither the domain or user exists in the system. The script did create the account, but the output of the API shows it failed because of the user.
Code:
{"result":[{"options":null,"statusmsg":"Sorry, a group for that username already exists.","status":0,"rawout":null}]}Any thoughts?
Last edited:
