blue44

Registered
Nov 22, 2003
2
0
151
Hi,
I have been looking on the net for a few days now for a working 'doaddpop' script so i can automate the setup of accounts on my server!
After trying them all i found one!

Here it is!

PHP:
$u = "cpanelUsername"; //your cpanel username
$p = "cpanelPassword"; //your cpanel password
$domain = "domain.com"; // Your Domain without the http or www.

// Variables from signup form.
$username = $_POST['username'];
$password = $_POST['password'];

// QUOTA IS SET TO 100 IN THIS SCRIPT, change it to whatever you like.

// Register POP Account on cPanel.
$file = fopen("http://$u:[email protected]$domain:2082/frontend/x/mail/doaddpop.html?email=$username&domain=$domain&password=$password&quota=100", "r");
if (!$file) 
{
    echo "<p>Unable to open remote file.\n";
    exit;
} // Unable to connect.
		
while (!feof ($file))
{
    $line = fgets ($file, 1024);
    if(eregi("already exists!", $line, $out)) 
    {
        echo "That name is in use. Please Try Another name.";
        exit;
    } // If name exists.
} // While.

fclose($file);

echo "Email account created!";

I hope this helps anyone who wants it.
I thought it would be bad not to post it up for people.

Jamie.
 

blue44

Registered
Nov 22, 2003
2
0
151
Hi,
The above code still works for me.
because the script is processed in PHP on the server and the output is only sent to the webbrowser, im sure the passwords cannot be hacked.
although if there does happen to be a major flaw in your code, then its possible.

jamie
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
It is a risk you take for the convenience, especially if you d not enable phpsuexec or php_openbasedir protection. If you don't, then it would be trivial for someone who successfully exploits any PHP script on your server to read the account and password details - just something to be aware of.