The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XMLAPI Check Authentication

Discussion in 'cPanel Developers' started by rmatakajr, Mar 23, 2012.

  1. rmatakajr

    rmatakajr Member

    Joined:
    Jun 8, 2011
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Hi

    I'm banging my head against the wall here trying to make a simple function
    basically I initialize the class with all the correct variables and I have done multiple
    var dumps to make sure $this was probably loaded with the correct cPanel user info

    So I wrote this 1 line.. that I would check with the array bellow

    function check_logins($user){
    return $this->api1_query($user, 'Mysql','adddb',array());
    }


    if($res['module']!='Mysql' && $res['event']['result']!=1){
    $stop_cpanel=1;
    return 'Cannot Login To Cpanel, Please Check Your Account Password!!';
    }

    Figuring that I would return the module name which means its not "Access Denied"
    Well this is not a fail safe routine.. It works sometimes then it does not.. and its
    driving me nuts.. I have step debugged the classes interactions and it has the valid
    information to process the auth string.. which I even decoded to check that it was
    good

    On some calls it works.. then on others it throws access denied. There has to be a function
    im missing that would simply reply saying the user can login TRUE or FALSE

    Can you please help me here..

    Thanks
    Ricky
     
  2. rmatakajr

    rmatakajr Member

    Joined:
    Jun 8, 2011
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    OK Im bugging out here... Im using codeigntor 1.7.1
    This is the out put from IDENTICAL calls

    This one is calling within a library file ADDED (XXXX) for security

    FAILED!

    Array
    (
    [0] => Array
    (
    [cpanel_xmlapi_user] => cointsite
    [cpanel_xmlapi_module] => Mysql
    [cpanel_xmlapi_func] => adddb
    [cpanel_xmlapi_apiversion] => 1
    )

    [1] => http://xxx.com:2082/xml-api/cpanel
    [2] => Authentication Header: Authorization: Basic Y29pbnRzaXRlOXXXXd2tjTFE3ZUR1

    [3] => RESPONSE:
    <cpanelresult>
    <data>
    <result>0</result>
    <reason>Access denied</reason>
    </data>
    </cpanelresult>

    )
    1

    This one here is called from a controller

    SUCCESS

    Array
    (
    [0] => Array
    (
    [cpanel_xmlapi_user] => coinsite
    [cpanel_xmlapi_module] => Mysql
    [cpanel_xmlapi_func] => adddb
    [cpanel_xmlapi_apiversion] => 1
    )

    [1] => http://xxx.com:2082/xml-api/cpanel
    [2] => Authentication Header: Authorization: Basic Y29pbnNpdGU6YW5XXXXZ3a2NMUTdlRHU=


    [3] => RESPONSE:
    <?xml version="1.0" ?>
    <cpanelresult><module>Mysql</module><func>adddb</func><type>event</type><source>internal</source><apiversion>1</apiversion><data><result></result></data> <event>
    <result>1</result>
    </event>
    </cpanelresult>
    )


    I have double checked BOTH base64_encode with
    Base 64 Decoder

    And they validate.. the only difference infact is the base64_encode string
    The one from the controller WORKS the one from inside the library fails

    I have also looked into Code Ignitor to see if there is a modified behavior and
    I cannot find anything...

    Im really at a loss here hoping someone has a clue

    Thanks
    Ricky
     
  3. charsleysa

    charsleysa Active Member

    Joined:
    Jul 18, 2011
    Messages:
    41
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Palmerston North, New Zealand
    cPanel Access Level:
    Root Administrator
    Hello rmatakajr,

    It seems to me that you are not sending the correct information to the API in the Authentication header.
    If I remember correctly, cPanel does not only send the password but the username as well in that header.

    Try the following:
    $basic_auth_string = base64_encode("$username:$password");
     
  4. rmatakajr

    rmatakajr Member

    Joined:
    Jun 8, 2011
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Hey Guys all of a sudden Working code stopped working im getting access denied issues out of no where.. did somthing change? on the WHM 11.34.1 (build 7) ? No security options are checked .. it just dont work any more. Its failing autherization

    Array ( [0] => URL: http://domain.com:2082/xml-api/cpanel [1] => DATA: cpanel_xmlapi_user=nichesit&cpanel_xmlapi_module=Mysql&cpanel_xmlapi_func=adddb&cpanel_xmlapi_apiversion=1 [2] => Authentication Header: Authorization: Basic xxxxxxxxxxxx [3] => nichesit:XXXXXX [4] => RESPONSE: Access denied 0 Access denied )

    Its sending the right data and correct logins just failing?
     
Loading...

Share This Page