Hi at the moment i am having to get form details entered into a database and also emailed to me, an i have to process every account request myself by putting the information into WHM, and i would rather have a bit on the end of my form processing php script that sets up the account automatically. Anyone know how to do that? Or does it themsekves and can share info?
Cheers,
Mike

I can do that ...... erm, get in touch, my username at hotmail dot com, msngr please ...

Check this out:

http://amfrservices.net

not if ya know what's good for ya, it doesn't even use accesshashes, you have to give it your username and password for whm, that's way too scary for my liking.....accesshashes are there for a reason.....

not if ya know what's good for ya, it doesn't even use accesshashes, you have to give it your username and password for whm, that's way too scary for my liking.....accesshashes are there for a reason.....

How do the big compaines do this when a paying person is in concern? companys like startlogic godaddy ect.

how do they do what ?

the proper ways to connect to cpanel are well documented in perl and php, and it's less than 50 lines of code.

how do they do what ?

the proper ways to connect to cpanel are well documented in perl and php, and it's less than 50 lines of code.


No i meant how do they tie it into the paying of the service?

Like you sign up fill out a form pay money then they send you a cool little welcome letter.

Is that 3 different scripts or one great big one?

That's a whole new world... Called PayPal IPN - It's a interesting thing.

When you hit the 'submit' button that takes you to PayPal, the submit button can also tell PayPal to automaticly visit a specific web page on your website when a payment has been sent.

Then when PayPal's servers automaticly visit this specific web page on your website, the web page can be a .php script - Which then can do all the proccessing stuff like account creation and mail sending.

PayPal will also run the web page when someone cancels the subscription, so then the php script can terminate the account.

FrostHost has a fully automated system, so I know.

And I agree with krak_joe - A script using username and password instead of accesshash to access WHM is a really unhealthy way to do it.

Hello guys,

I agree with you all.
I never really liked the way that AMFR coded his Account Creator Script so I was suppose to recreate one but I never did, because time wasn`t there.
ATM this current script can be a security hole too.

My 2 cents.

Best Regards,
Pat

<?php

class create
{ # Begin class

// Class vars
var $whmhostname;
var $whmuser;
var $accesshash;
var $usessl;
var $error;

/**
* Function - the beef
***
* newaccount(
* [string] username, [string] password, [string] domain, [string] plan, [string] email
* );
***
* Creates a new cpanel account
*/
function newaccount ($newuser, $newpass, $newdomain, $newplan, $newemail)
{
if (ereg('[^A-Za-z0-9]', $newuser))
{
$this->error = "Invalid username";
return false;
}
if (strlen($newuser) > 8)
{
$this->error = "Username is too long";
return false;
}
$action = "/scripts/wwwacct?remote=1".
"&nohtml=1".
"&username=". $newuser . "".
"&password=". $newpass ."".
"&domain=". $newdomain ."".
"&plan=".$newplan."".
"&contactemail=".urlencode($newemail)."";
$result = $this->whm_interface( $action );
if (preg_match("/Ftp vhost passwords synced/", $result))
{
return true;
}
elseif (preg_match("/taken/", $result)) {
$this->error = "Username taken";
return false;
}
elseif (preg_match("/Sorry, a DNS entry/", $result))
{
$this->error = "Domain exists on server";
return false;
}
}

/**
* Internal WHM Interface
**/
function whm_interface ($request)
{
$cleanaccesshash = preg_replace("'(\r|\n)'","",$this->accesshash);
$authstr = $this->whmuser . ":" . $cleanaccesshash;
$ch = curl_init();
if ($this->usessl == "1")
{
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($ch, CURLOPT_URL, "https://" . $this->whmhostname . ":2087" . $request);
}
else
{
curl_setopt($ch, CURLOPT_URL, "http://" . $this->whmhostname . ":2086" . $request);
}
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
$curlheaders[0] = "Authorization: WHM $authstr";
curl_setopt($ch,CURLOPT_HTTPHEADER,$curlheaders);
$data=curl_exec ($ch);
curl_close ($ch);
//echo "<pre>";
//echo $data;
//echo "</pre>";
return $data;
}

} # End class

$whm = &new create;
$whm->whmuser = "youruser";
$whm->accesshash = "5a03c64ffbd2fb2691f385eca8748021
d5f5a76e8c01cd16c852f1470e4f71d3
eea3f37de01976b04137256f18ef8b70
9338f12355bd8e3c584852b4bd898998
48fadf1989d3f5bad0a4101090067573
2609e997bcaf7e3f7c613dfac51141e8
5a03c64ffbd2fb2691f385eca8748021
d5f5a76e8c01cd16c852f1470e4f71d3
eea3f37de01976b04137256f18ef8b70
9338f12355bd8e3c584852b4bd898998
48fadf1989d3f5bad0a4101090067573
2609e997bcaf7e3f7c613dfac51141e8
3ebbb96527e421e24536db34887a38af
9f8963f6c37493c24bc7793b19c6e01b
f15f75ff27eb10259462465a02ccd9aa
f15f75ff27eb10259462465a02ccd9aa
5a03c64ffbd2fb2691f385eca8748021
9f8963f6c37493c24bc7793b19c6e01b
f15f75ff27eb10259462465a02ccd9aa
5634db783fdfd238a12a560fc5f09e1d
eaf2f2f6492ecb66a8348e2a958b4626
125bd62deb204c7d1ac1f7be1f2c040a
25aad84b0430724cc6d670467597f2c8
f398759f28859c53ca9ab121f44e169a
13419ccbd53994790fb6f0d019d0fd51
30ec43218f25340443eba52e0e41919b"; # ENTER IT EXACTLY LIKE THIS
$whm->whmhostname = "hozter.info";
$whm->usessl = 0; # It's recommended that you usessl, so set the script to 1
//$whm->newaccount ($newuser, $newpass, $newdomain, $newplan, $newemail);
if ($whm->newaccount("newusser", "password", "dnmccsasa.com", "krakjoe_Ad100", "KRAK_JOE@Hotmail.com"))
{
echo "Account created<br>";
} else {
echo "Failed<br>";
echo $whm->error;
}
?>

<?php

class create
{ # Begin class

// Class vars
var $whmhostname;
var $whmuser;
var $accesshash;
var $usessl;
var $error;

/**
* Function - the beef
***
* newaccount(
* [string] username, [string] password, [string] domain, [string] plan, [string] email
* );
***
* Creates a new cpanel account
*/
function newaccount ($newuser, $newpass, $newdomain, $newplan, $newemail)
{
if (ereg('[^A-Za-z0-9]', $newuser))
{
$this->error = "Invalid username";
return false;
}
if (strlen($newuser) > 8)
{
$this->error = "Username is too long";
return false;
}
$action = "/scripts/wwwacct?remote=1".
"&nohtml=1".
"&username=". $newuser . "".
"&password=". $newpass ."".
"&domain=". $newdomain ."".
"&plan=".$newplan."".
"&contactemail=".urlencode($newemail)."";
$result = $this->whm_interface( $action );
if (preg_match("/Ftp vhost passwords synced/", $result))
{
return true;
}
elseif (preg_match("/taken/", $result)) {
$this->error = "Username taken";
return false;
}
elseif (preg_match("/Sorry, a DNS entry/", $result))
{
$this->error = "Domain exists on server";
return false;
}
}

/**
* Internal WHM Interface
**/
function whm_interface ($request)
{
$cleanaccesshash = preg_replace("'(\r|\n)'","",$this->accesshash);
$authstr = $this->whmuser . ":" . $cleanaccesshash;
$ch = curl_init();
if ($this->usessl == "1")
{
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($ch, CURLOPT_URL, "https://" . $this->whmhostname . ":2087" . $request);
}
else
{
curl_setopt($ch, CURLOPT_URL, "http://" . $this->whmhostname . ":2086" . $request);
}
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
$curlheaders[0] = "Authorization: WHM $authstr";
curl_setopt($ch,CURLOPT_HTTPHEADER,$curlheaders);
$data=curl_exec ($ch);
curl_close ($ch);
//echo "<pre>";
//echo $data;
//echo "</pre>";
return $data;
}

} # End class

$whm = &new create;
$whm->whmuser = "youruser";
$whm->accesshash = "5a03c64ffbd2fb2691f385eca8748021
d5f5a76e8c01cd16c852f1470e4f71d3
eea3f37de01976b04137256f18ef8b70
9338f12355bd8e3c584852b4bd898998
48fadf1989d3f5bad0a4101090067573
2609e997bcaf7e3f7c613dfac51141e8
5a03c64ffbd2fb2691f385eca8748021
d5f5a76e8c01cd16c852f1470e4f71d3
eea3f37de01976b04137256f18ef8b70
9338f12355bd8e3c584852b4bd898998
48fadf1989d3f5bad0a4101090067573
2609e997bcaf7e3f7c613dfac51141e8
3ebbb96527e421e24536db34887a38af
9f8963f6c37493c24bc7793b19c6e01b
f15f75ff27eb10259462465a02ccd9aa
f15f75ff27eb10259462465a02ccd9aa
5a03c64ffbd2fb2691f385eca8748021
9f8963f6c37493c24bc7793b19c6e01b
f15f75ff27eb10259462465a02ccd9aa
5634db783fdfd238a12a560fc5f09e1d
eaf2f2f6492ecb66a8348e2a958b4626
125bd62deb204c7d1ac1f7be1f2c040a
25aad84b0430724cc6d670467597f2c8
f398759f28859c53ca9ab121f44e169a
13419ccbd53994790fb6f0d019d0fd51
30ec43218f25340443eba52e0e41919b"; # ENTER IT EXACTLY LIKE THIS
$whm->whmhostname = "hozter.info";
$whm->usessl = 0; # It's recommended that you usessl, so set the script to 1
//$whm->newaccount ($newuser, $newpass, $newdomain, $newplan, $newemail);
if ($whm->newaccount("newusser", "password", "dnmccsasa.com", "krakjoe_Ad100", "KRAK_JOE@Hotmail.com"))
{
echo "Account created<br>";
} else {
echo "Failed<br>";
echo $whm->error;
}
?>

Ouuuch! You know you just posted all your WHM details there... Your username is krakjoe and your access hash is there, and the host is hozter.info. Just enough to hack you.

Btw is it worth it spending all that time making that code just to show someone?

the accesshash is fake, I'm just giving the user the idea not to interfere with the way it looks when they copy it from whm, and the code was lying around, I just changed a little bit of it ....

What does that script do?

Logs into the WHM using its accesshash and creates a new account through WWWAcct, checks if it works by preg_matching certain phrases that exist when thing happen.

hehe Joe,
Good one!
Continu you're good work!

Cheers Joe Hopefully i'll stop having to manual enter in 100 accounts every day with your hard work!
Cheers,
MiKe

no problemo .....

Hey i can't thank you enough Joe that script is ace, kept quite simple too!
Thankyou soooo Much!

MiKe