We Keep Coding

php header with curl always got UNAUTHORIZED

I want to develop a bridging application to web service. I Tried using the encrypted TIMESTAMP, SIGNATURE, AND AUTHORIZATION code with ARC (google add on for web service) to test if my encryption codes are correct and it worked. In my php script All requirements (parameters) are already provided but I always get Unauthorized access even though the password and username are correct. Please help. i'm using php curl. Thank for your help.
this is my php script :
<?php
$data = "xxx";
$secretKey = "xxx";
$url = "http://someurl";
$nik = "xxx";
date_default_timezone_set('UTC');
$tStamp = strval(time()-strtotime('1970-01-01 00:00:00'));
$signature = hash_hmac('sha256', $data."&".$tStamp, $secretKey, true);
$encodedSignature = base64_encode($signature);
$urlencodedSignature = urlencode($encodedSignature);
$pcareUname = "zzz";
$pcarePWD = "zzz";
$kdAplikasi = "zzz";
$encodedAuthorization = base64_encode($pcareUname.":".$pcarePWD.":".$kdAplikasi);
//showing result from encode
echo "X-cons-id: " .$data;
echo "X-timestamp:" .$tStamp;
echo "X-signature: " .$encodedSignature;
echo "X-authorization: " .$encodedAuthorization";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url.$nik);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
"X-cons-id: $data",
"X-timestamp: $tStamp",
"X-signature: $signature",
"X-authorization: Basic $encodedAuthorization"
));
$result = curl_exec($ch);
curl_close($ch);
echo($result);
?>

PHP cPanel Create Subdomain

So I am trying to automatically create subdomains for my website using PHP. I tried the following code but it gives me a 301 error and redirects me to my cPanel login
function createDomain($domain) {
// your cPanel username
$cpanel_user = 'User';
// your cPanel password
$cpanel_pass = 'Pass';
// your cPanel skin
$cpanel_skin = 'paper_lantern';
// your cPanel domain
$cpanel_host = 'example.com';
// subdomain name
$subdomain = $domain;
// directory - defaults to public_html/subdomain_name
$dir = 'public_html/user_site';
// create the subdomain
$sock = fsockopen($cpanel_host,2083);
if(!$sock) {
print('Socket error');
exit();
}
$pass = base64_encode("$cpanel_user:$cpanel_pass");
$in = "GET /frontend/$cpanel_skin/subdomain/doadddomain.html?rootdomain=$cpanel_host&domain=$subdomain&dir=$dir\r\n";
$in .= "HTTP/1.0\r\n";
$in .= "Host:$cpanel_host\r\n";
$in .= "Authorization: Basic $pass\r\n";
$in .= "\r\n";
fputs($sock, $in);
while (!feof($sock)) {
$result .= fgets ($sock,128);
}
fclose($sock);
return $result;
}
Like I said it gives me a 301 error and redirects to example.com:2083 instead of just doing it in the code and not having me login to the cPanel manually. Any help would be greatly appreciated!

ANSWER:
After fiddling with my code I realized that port 2082 and port 2083 are the same except that 2082 has no https:// so I changed the port to 2082 and it worked!
CODE:
function createDomain($domain) {
// your cPanel username
$cpanel_user = 'User';
// your cPanel password
$cpanel_pass = 'Pass';
// your cPanel skin
$cpanel_skin = 'paper_lantern';
// your cPanel domain
$cpanel_host = 'example.com';
// subdomain name
$subdomain = $domain;
// directory - defaults to public_html/subdomain_name
$dir = 'public_html/user_site';
// create the subdomain
$sock = fsockopen($cpanel_host,2082);
if(!$sock) {
print('Socket error');
exit();
}
$pass = base64_encode("$cpanel_user:$cpanel_pass");
$in = "GET /frontend/$cpanel_skin/subdomain/doadddomain.html?rootdomain=$cpanel_host&domain=$subdomain&dir=$dir\r\n";
$in .= "HTTP/1.0\r\n";
$in .= "Host:$cpanel_host\r\n";
$in .= "Authorization: Basic $pass\r\n";
$in .= "\r\n";
fputs($sock, $in);
while (!feof($sock)) {
$result .= fgets ($sock,128);
}
fclose($sock);
return $result;
}

API 1 is now dead. Also passing your cpanel password through a non-secure connection (ie port 2082 instead of 2083) is a very bad idea. Next thing you know someone will have hijacked your cpanel account!
However, combining the codes given here for authentication and here for adding a subdomain, gives us the following script which seems to work just fine:
<?php
$cpanelsername = "example";
$cpanelpassword = "**********";
$subdomain = 'newsubdomain';
$domain = 'example.com';
$directory = "/public_html/$subdomain"; // A valid directory path, relative to the user's home directory. Or you can use "/$subdomain" depending on how you want to structure your directory tree for all the subdomains.
$query = "https://$domain:2083/json-api/cpanel?cpanel_jsonapi_func=addsubdomain&cpanel_jsonapi_module=SubDomain&cpanel_jsonapi_version=2&domain=$subdomain&rootdomain=$domain&dir=$directory";
$curl = curl_init(); // Create Curl Object
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0); // Allow self-signed certs
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0); // Allow certs that do not match the hostname
curl_setopt($curl, CURLOPT_HEADER,0); // Do not include header in output
curl_setopt($curl, CURLOPT_RETURNTRANSFER,1); // Return contents of transfer on curl_exec
$header[0] = "Authorization: Basic " . base64_encode($whmusername.":".$whmpassword) . "\n\r";
curl_setopt($curl, CURLOPT_HTTPHEADER, $header); // set the username and password
curl_setopt($curl, CURLOPT_URL, $deletedir); // execute the query
$result = curl_exec($curl);
if ($result == false) {
error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
// log error if curl exec fails
}
curl_close($curl);
print $result;
?>
The result should be something like this:
{"cpanelresult":{"func":"addsubdomain","event":{"result":1},"apiversion":2,"module":"SubDomain","data":[{"reason":"The subdomain “newsubdomain.example.com” has been added.","result":1}],"preevent":{"result":1},"postevent":{"result":1}}}
To delete the subdomain, run this query through the above script:
$deletesub = "https://$domain:2083/json-api/cpanel?cpanel_jsonapi_func=delsubdomain&cpanel_jsonapi_module=SubDomain&cpanel_jsonapi_version=2&domain=".$subdomain.'.'.$domain."&dir=$directory"; //Note: To delete the subdomain of an addon domain, separate the subdomain with an underscore (_) instead of a dot (.). For example, use the following format: subdomain_addondomain.tld
And to delete the directory, run this:
$deletedir = "https://$domain:2083/json-api/cpanel?cpanel_jsonapi_module=Fileman&cpanel_jsonapi_func=fileop&op=unlink&sourcefiles=$directory";

Noel's answer from 2018 more than likely won't work anymore, but if you've come here looking for how to use the Cpanel API to add a subdomain, start at this link to see the arguments accepted for the Cpanel API Ver 2 for the SubDomain module addsubdomain.
Below is an example that worked perfectly well for me.
$whmusername = "cpanel_username";
$whmpassword = "cpanel_password";
$subdomain = 'newsubdomain';
$cpanel_ip = 'IP_ADDRESS'; //ip of cpanel or your_domain.com
$domain = "your_domain.com";
$query = "https://".$cpanel_ip."2083/json-api/cpanel?cpanel_jsonapi_module=SubDomain&cpanel_jsonapi_func=addsubdomain&cpanel_jsonapi_apiversion=2&dir=/public_html/".$subdomain.".".$domain."/&rootdomain=".$domain."&domain=".$subdomain."";
$curl = curl_init();
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($curl, CURLOPT_HEADER,0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
$header[0] = "Authorization: Basic " . base64_encode($whmusername.":".$whmpassword) . "\n\r";
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
curl_setopt($curl, CURLOPT_URL, $query);
$result = curl_exec($curl);
curl_close($curl);
Note that if you want to see what Cpanel is returning as a response for $result, then place print $result; after curl_close($curl);

PHP/Cpanel - How to create cPanel accounts without 3rd party application?

Good evening SO Community,
I've been trying to figure out how to dynamically create a cPanel account with PHP. While doing my pre-question research, I noticed that this question was asked quite a few times, and had a few answers. Unfortunately, the answers that I have found seem to have been depreciated in the latest cPanel versions. I have been trying to get the below script working but had no luck. NOTE: I DID NOT CREATE THE SCRIPT, I JUST FORGOT THE SOURCE. If you know of any way to create cPanel accounts with hosting packages, PLEASE let me know!
<?php
###############################################################
# cPanel WHM Account Creator 1.1
###############################################################
# Visit http://www.zubrag.com/scripts/ for updates
###############################################################
# Required parameters:
# - domain - new account domain
# - user - new account username
# - password - new account password
# - package - new account hosting package (plan)
# - email - contact email
#
# Sample run: create-whm-account.php?domain=reseller.com&user=hosting&password=manager&package=unix_500
#
# If no parameters passed then input form will be shown to enter data.
#
# This script can also be run from another PHP script. This may
# be helpful if you have some user interface already in place and
# want to automatically create WHM accounts from there.
# In this case you have to setup following variables instead of
# passing them as parameters:
# - $user_domain - new account domain
# - $user_name - new account username
# - $user_pass - new account password
# - $user_plan - new account hosting package (plan)
# - $user_email - contact email
#
###############################################################
/////// YOUR WHM LOGIN DATA
$whm_user = "root"; // reseller username
$whm_pass = "PASS"; // the password you use to login to WHM
#####################################################################################
############## END OF SETTINGS. DO NOT EDIT BELOW #######################
#####################################################################################
$whm_host = $_SERVER['HTTP_HOST'];
function getVar($name, $def = '') {
if (isset($_REQUEST[$name]))
return $_REQUEST[$name];
else
return $def;
}
// Domain name of new hosting account
// To create subdomain just pass full subdomain name
// Example: newuser.zubrag.com
if (!isset($user_domain)) {
$user_domain = getVar('domain');
}
// Username of the new hosting account
if (!isset($user_name)) {
$user_name = getVar('user');
}
// Password for the new hosting account
if (!isset($user_pass)) {
$user_pass = getVar('password');
}
// New hosting account Package
if (!isset($user_plan)) {
$user_plan = getVar('package');
}
// Contact email
if (!isset($user_email)) {
$user_email = getVar('email');
}
// if parameters passed then create account
if (!empty($user_name)) {
// create account on the cPanel server
$script = "http://{$whm_user}:{$whm_pass}#{$whm_host}:2086/scripts/wwwacct";
$params = "?plan={$user_plan}&domain={$user_domain}&username={$user_name}&password={$user_pass}&contactemail={$user_email}";
$result = file_get_contents($script.$params);
// output result
echo "RESULT: " . $result;
}
// otherwise show input form
else {
$frm = <<<EOD
<html>
<head>
<title>cPanel/WHM Account Creator</title>
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
</head>
<body>
<style>
input { border: 1px solid black; }
</style>
<form method="post">
<h3>cPanel/WHM Account Creator</h3>
<table border="0">
<tr><td>Domain:</td><td><input name="domain" size="30"></td><td>Subdomain or domain, without www</td></tr>
<tr><td>Username:</td><td><input name="user" size="30"></td><td>Username to be created</td></tr>
<tr><td>Password:</td><td><input name="password" size="30"></td><td></td></tr>
<tr><td>Package:</td><td><input name="package" size="30"></td><td>Package (hosting plan) name. Make sure you cpecify existing package</td></tr>
<tr><td>Contact Email:</td><td><input name="email" size="30"></td><td></td></tr>
<tr><td colspan="3"><br /><input type="submit" value="Create Account"></td></tr>
</table>
</form>
</body>
</html>
EOD;
echo $frm;
}
?>
Please let me know if you need any more information!
Thank you in advance,
Tim
EIDT
Source: https://github.com/Ephygtz/cPanel-WHM-automated-account-creator/blob/master/create-whm-account.php
Any ideas?

Good afternoon,
I know this questions is a little dated, but I have found a solution that works for me. Please see below.
<?php
Function createAccount ($newDomain = "", $newUser = "", $newPass = "", $newPlan = "", $newEmail = "") {
$whm_user = "usename";
$whm_pass = "password";
$whm_host = "example.com";
$newDomain = fixData($newDomain);
$newUser = fixData($newUser);
$newPlan = fixData($newPlan);
If (!empty($newUser)) {
// Get new session ID
$sessID = newSession($whm_host, $whm_user, $whm_pass);
$script = "https://www." . $whm_host . ":2087" . $sessID . "/scripts/wwwacct";
$sData = "?plan={$newPlan}&domain={$newDomain}&username={$newUser}&password={$newPass}&contactemail={$newEmail}";
// Authenticate User for WHM access
$context = stream_context_create(array(
'http' => array(
'header' => "Authorization: Basic " . base64_encode("{$whm_user}:{$whm_pass}"),
),
));
// Get result
$result = file_get_contents($script.$sData, false, $context);
//Echo "URL: " . $script.$sData . "<br /><br />";
// Echo "Result: " . $result;
} Else {
Echo "Error: Username is empty!";
}
}
Function newSession($nHost, $nUser, $nPass) { // Example details
$ip = $nHost;
$cp_user = $nUser;
$cp_pwd = $nPass;
$url = "https://$ip:2087/login";
// Create new curl handle
$ch=curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "user=$cp_user&pass=$cp_pwd");
curl_setopt($ch, CURLOPT_TIMEOUT, 100020);
// Execute the curl handle and fetch info then close streams.
$f = curl_exec($ch);
$h = curl_getinfo($ch);
curl_close($ch);
// If we had no issues then try to fetch the cpsess
if ($f == true and strpos($h['url'],"cpsess"))
{
// Get the cpsess part of the url
$pattern="/.*?(\/cpsess.*?)\/.*?/is";
$preg_res=preg_match($pattern,$h['url'],$cpsess);
}
// If we have a session then return it otherwise return empty string
return (isset($cpsess[1])) ? $cpsess[1] : "";
}
Function fixData($data) {
$data = str_replace("-","%2D",$data);
$data = str_replace(".","%2E",$data);
$data = str_replace(" ","%20",$data);
return $data;
}
Function returnData($data) {
$data = str_replace("%2D","-",$data);
$data = str_replace("%2E",".",$data);
$data = str_replace("%20"," ",$data);
return $data;
}
header('Location: https://www.example.com/users');
?>

Using cPanel API to create mySQL database and user in PHP

I am trying to create a mysql user and assign it to the created database.
I have tried setting $db_host as IP address, FQD, localhost (since I am running from the same server) etc. All of these has no success.
Any advice on what I'm doing wrong? (xmlapi.php is being incuded fine)
include("xmlapi.php");
$db_host = "usingfullyqualifieddomain";
$cpuser = "myuser";
$cppass = "mypass";
$xmlapi = new xmlapi($db_host);
$xmlapi->set_port(2083);
$xmlapi->password_auth($cpuser,$cppass);
$xmlapi->set_debug(1);
//create database
print $xmlapi->api1_query($cpuser, "Mysql", "adddb", 'myDatabaseName');
//create user
print $xmlapi->api1_query($cpuser, "Mysql", "adduser", array('user' => 'myDBUser','pass'=>'myDBPwd'));

The error is probably related to the way you're making your first service call, to create the database. Here is how I do it, on CPanel 11:
$auth_user = 'XXXXXX';
$auth_pass = 'XXXXX';
$server = 'XXXXXXXX.com';
$json_client = new \xmlapi($server);
$json_client->set_output('json');
$json_client->set_port(2083);
$json_client->password_auth($auth_user, $auth_pass);
$json_client->set_debug(1);
# Create Database
$result = $json_client->api1_query( $auth_user, 'Mysql', 'adddb', array($shop->alias));
var_dump($result);
Note that the fourth parameter should be an array with the parameters, and not a string as you are doing it.
Also notice that the print on the api call result is not very useful for debugging. Try var_dump'ing it, as it will show you some more interesting information to work on.

currently, cpanel support the cpanel json api..
here you can use this code ..
this worked for me well
<?php
$cpanelusername = "cpanelusername";
$cpanelpassword = "cpanelpassword";
$domain = 'mydomain.com';
$query = "https://$domain:2083/json-api/cpanel?cpanel_jsonapi_module=Mysql&cpanel_jsonapi_func=adddb&cpanel_jsonapi_apiversion=1&arg-0=DBNAME";
$curl = curl_init(); // Create Curl Object
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0); // Allow self-signed certs
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0); // Allow certs that do not match the hostname
curl_setopt($curl, CURLOPT_HEADER,0); // Do not include header in output
curl_setopt($curl, CURLOPT_RETURNTRANSFER,1); // Return contents of transfer on curl_exec
$header[0] = "Authorization: Basic " . base64_encode($cpanelusername.":".$cpanelpassword) . "\n\r";
curl_setopt($curl, CURLOPT_HTTPHEADER, $header); // set the username and password
curl_setopt($curl, CURLOPT_URL, $query); // execute the query
$result = curl_exec($curl);
if ($result == false) {
error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
// log error if curl exec fails
}
curl_close($curl);
print $result;
?>

How to use Constant Contact API?

I want to use API of the constant contact and want to insert user email using PHP while user register to the site.
please reply if any help.
Thanks in advance.

// fill in your Constant Contact login and API key
$ccuser = 'USERNAME_HERE';
$ccpass = 'PASS_HERE';
$cckey = 'APIKEY_HERE';
// fill in these values
$firstName = "";
$lastName = "";
$emailAddr = "";
$zip = "";
// represents the contact list identification number(s)
$contactListId = INTEGER_OR_ARRAY_OF_INTEGERS_HERE;
$contactListId = (!is_array($contactListId)) ? array($contactListId) : $contactListId;
$post = new SimpleXMLElement('<entry></entry>');
$post->addAttribute('xmlns', 'http://www.w3.org/2005/Atom');
$title = $post->addChild('title', "");
$title->addAttribute('type', 'text');
$post->addChild('updated', date('c'));
$post->addChild('author', "");
$post->addChild('id', 'data:,none');
$summary = $post->addChild('summary', 'Contact');
$summary->addAttribute('type', 'text');
$content = $post->addChild('content');
$content->addAttribute('type', 'application/vnd.ctct+xml');
$contact = $content->addChild('Contact');
$contact->addAttribute('xmlns', 'http://ws.constantcontact.com/ns/1.0/');
$contact->addChild('EmailAddress', $emailAddr);
$contact->addChild('FirstName', $firstName);
$contact->addChild('LastName', $lastName);
$contact->addChild('PostalCode', $zip);
$contact->addChild('OptInSource', 'ACTION_BY_CUSTOMER');
$contactlists = $contact->addChild('ContactLists');
// loop through each of the defined contact lists
foreach($contactListId AS $listId) {
$contactlist = $contactlists->addChild('ContactList');
$contactlist->addAttribute('id', 'http://api.constantcontact.com/ws/customers/' . $ccuser . '/lists/' . $listId);
}
$posturl = "https://api.constantcontact.com/ws/customers/{$ccuser}/contacts";
$authstr = $cckey . '%' . $ccuser . ':' . $ccpass;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $posturl);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, $authstr);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post->asXML());
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type:application/atom+xml"));
curl_setopt($ch, CURLOPT_HEADER, false); // Do not return headers
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0); // If you set this to 0, it will take you to a page with the http response
$response = curl_exec($ch);
curl_close($ch);
// returns true on success, false on error
return (!is_numeric($response));

The developers of ConstantContact have launched PHP library to handle such kind of tasks.
Following version is for older PHP versions (5.2 or lesser). Download code from here: https://github.com/constantcontact/ctct_php_library
Following is an example to add a subscriber's email in your constant contact lists.
After downloading the above library, use following code to add an email in Constant Contact list(s).
session_start();
include_once('ConstantContact.php'); // Set path accordingly
$username = 'YOUR_CONSTANT_CONTACT_USER_NAME';
$apiKey = 'YOUR_API_KEY';
$password = 'YOUR_CONSTANT_CONTACT_PASSWORD';
$ConstantContact = new Constantcontact("basic", $apiKey, $username, $password);
$emailAddress = "new_email#test.com";
// Search for our new Email address
$search = $ConstantContact->searchContactsByEmail($emailAddress);
// If the search did not return a contact object
if($search == false){
$Contact = new Contact();
$Contact->emailAddress = $emailAddress;
//$Contact->firstName = $firstName;
//$Contact->lastName = $lastName;
// represents the contact list identification link(s)
$contactList = LINK_OR_ARRAY_OF_LINKS_HERE;
// For example,
// "http://api.constantcontact.com/ws/customers/USER_NAME/lists/14";
$Contact->lists = (!is_array($contactList)) ? array($contactList) : $contactList;
$NewContact = $ConstantContact->addContact($Contact);
if($NewContact){
echo "Contact Added. This is your newly created contact's information<br /><pre>";
print_r($NewContact);
echo "</pre>";
}
} else {
echo "Contact already exist.";
}
Note: The latest version can be found on the GitHub links given in following URL: http://developer.constantcontact.com/libraries/sample-code.html
But I am not sure if the above example code works with the newer library or not.

If you can't get this to work, you might have to add this curl_setopt:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);