Solved

unsuspend/suspend

Posted on 2006-06-13
9
757 Views
Last Modified: 2013-12-13
hi
how do i suspend an account using a script php ?
i want to change the paramater $suspenduser with the name of account $accdomain in suspend($host,$user,$accesshash,$usessl,$suspenduser) in the file accounting.php.inc
for exmple :
$host="localhost";
$user"user";
$accesshash="accesshash";
$suspenduser="user.mysite.com";
In whm you can choose betwen th name of the account or the user, so i want to use th account
any idea is good
0
Comment
Question by:qadelq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 16900607
Does your DB have an option to suspend a user?

There is not PHP function called suspend, so you must be looking at a specific application?
0
 

Author Comment

by:qadelq
ID: 16900813
i think that you dont indrstand me
ok
if you look at suspend/unsuspend account page in whm there are two optoins to suspend an account one by domain and an other by users.
i have a script suspending account by users in accounting.php.inc file:



<?php
global $cpanelaccterr;
function suspend ($host,$user,$accesshash,$usessl,$suspenduser) {
    $result = whmreq("/scripts/remote_suspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);
    if ($cpanelaccterr != "") { return; }
    return $result;
}
function unsuspend ($host,$user,$accesshash,$usessl,$suspenduser) {
    $result = whmreq("/scripts/remote_unsuspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);
    if ($cpanelaccterr != "") { return; }
    return $result;
}

function whmreq ($request,$host,$user,$accesshash,$usessl) {


    $cleanaccesshash = preg_replace("'(\r|\n)'","",$accesshash);
        $authstr = $user . ":" . $cleanaccesshash;
    $cpanelaccterr = "";


    if (function_exists("curl_init")) {
        $ch = curl_init();
        if ($usessl) {
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);                
            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
            curl_setopt($ch, CURLOPT_URL, "https://${host}:2087" . $request);
        } else {
            curl_setopt($ch, CURLOPT_URL, "http://${host}:2086" . $request);
                }
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
            $curlheaders[0] = "Authorization: WHM $authstr";
                curl_setopt($ch,CURLOPT_HTTPHEADER,$curlheaders);
        $data=curl_exec ($ch);
        curl_close ($ch);
    } elseif (function_exists("socket_create")) {
        if ($usessl) {
            $cpanelaccterr = "SSL Support requires curl";
            return;
        }
        $service_port = 2086;
        $address = gethostbyname($host);
        $socket = socket_create (AF_INET, SOCK_STREAM, 0);
        if ($socket < 0) {
                $cpanelaccterr = "socket_create() failed";
            return;
        }
        $result = socket_connect ($socket, $address, $service_port);
        if ($result < 0) {
                $cpanelaccterr = "socket_connect() failed";
            return;
        }
        $in = "GET $request HTTP/1.0\n";
        socket_write($socket,$in,strlen($in));    
        $in = "Connection: close\n";
        socket_write($socket,$in,strlen($in));    
        $in = "Authorization: WHM $authstr\n\n\n";
        socket_write($socket,$in,strlen($in));    
   
        $inheader = 1;
        while(($buf = socket_read($socket, 512)) != false) {
          if (!$inheader) {
              $data .= $buf;
              }
          if(preg_match("'\r\n\r\n$'s", $buf)) {
            $inheader = 0;
          }
          if(preg_match("'\n\n$'s", $buf)) {
            $inheader = 0;
          }
          if(preg_match("'\r\n$'s", $buf)) {
            $inheader = 0;
          }
        }

    } else {
        $cpanelaccterr = "php not compiled with --enable-sockets OR curl";
        return;
    }

    return $data;    
}

 
   $host = "localhost";
   $user = "myuser";
   $accesshash = 'myaccesshash';
   // new account
   $acctdomain ='user.mysite.com';
   $suspenduser = "accuser";
   $acctpass = 'pwd';
   $acctplan = 'pkg'; // see Accounting.php.inc what should be in here
   $spd=suspend ($host,$user,$accesshash,$usessl,$suspenduser)
 
?>
 when i execute this script the account "user.mysite.com" appear in the list suspended accounts in whm, but i want to replace $suspenduser by $acctdomain
thanks
   
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 16900918
Sorry. I thought whm was a mistype.

I'm not a CPanel expert, so can you please explain the difference between the user and the domain? I though they are the same thing in this regard?
0
Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

 

Author Comment

by:qadelq
ID: 16900997
thanks for your replay

I when create new acount in whm , the requirment  1- user  ( username) 2- domain ( yuordomain.com) , but I when want to suspend or terminat , the whm requirment the user in order to terminate or suspend the acount  (please note the example above) , therefore I want susped or termenate the acount depnded on the acctdomain ( domain) .
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 16901008
Is the user uniquely tied to the domain?

Having looked at the code you supplied, you need to take a look at

/scripts/remote_suspend

and

/scripts/remote_unsuspend

These are the scripts which do the suspending and unsuspending. I don't know if they are PHP or not. They expect a user parameter. They may accept a domain parameter.
0
 

Author Comment

by:qadelq
ID: 16901159
please explain
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 16901380
The code you supplied doesn't actually make the required changes to the status. Instead it calls 1 of 2 scripts ...

scripts/remote_suspend

from

$result = whmreq("/scripts/remote_suspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);

and

scripts_remote_unsuspend

from

$result = whmreq("/scripts/remote_unsuspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);


As you can see the parameters are all user orientated, but the scripts themselves may well support domain.

You will need to see if they do. Can you supply those scripts here?
0
 

Author Comment

by:qadelq
ID: 16901704
ok

1- suspendacct


  #!/usr/bin/perl
# cpanel9 - scripts        Copyright(c) 1997-2004 cPanel, Inc.
#                                 All rights Reserved.
# copyright@cpanel.net      http://cpanel.net
# This code is subject to the cpanel license. Unauthorized copying is prohibited

BEGIN {
    push(@INC,'/scripts');
}

use cPScript::SafetyBits;
use cPScript::iContact qw( );
use SafeFile;
use AcctLock;
use POSIX;

my $system = (POSIX::uname())[0];


$user = $ARGV[0];
$reason = $ARGV[1];
$disallowun = $ARGV[2];
if ($user eq "" || $user eq "root") {
    print "Syntax Error: usage: suspendacct <user>\n";
    exit;
}
my $homedir = gethomedir($user);
my $shell = getshell($user);
print "Changing Shell to /bin/false...";
system("chsh","-s","/bin/false","$user");
print "Done\n";
AcctLock::acctlock();
print "Locking Password...";
if (-e "/usr/sbin/pw") {
    system("/usr/sbin/pw","lock","$user");
} else {
    system("passwd","-l","$user");
}
print "Done\n";
AcctLock::acctunlock();
$owner = getowner($user);
$owner =~ s/\n//g;
if ($owner eq "" || $owner eq "root" || $user eq $owner) {
    chomp($host = `hostname`);
} else {
    $host = getdomain($owner);
}

$domain = getdomain($user);
if (! -e "/var/cpanel/suspended") {
    mkdir("/var/cpanel/suspended",0755);
}

open(USERS,">/var/cpanel/suspended/${user}");
print USERS $reason;
close(USERS);
if ($disallowun eq "1") {
    open(USERS,">/var/cpanel/suspended/${user}.lock");
    close(USERS);
}

if ($system =~ /freebsd/i) {
    system("killall","-9","-u","$user","-m",".");
} else {
    system("skill","-9","$user");
}

open(CPU,"/var/cpanel/users/${user}");
while(<CPU>) {
    if (/^DNS.?.?.?.?=(\S+)/) {
        push(@DNS,$1);
    }
}
close(CPU);

mkdir("/usr/local/cpanel/3rdparty/mailman/suspended.lists",0755);

foreach my $dns (@DNS) {
    $dns = makevaliddns($dns);
    next if ($dns eq "-1");

    system("mv /usr/local/cpanel/3rdparty/mailman/lists/*_$dns /usr/local/cpanel/3rdparty/mailman/suspended.lists 2>/dev/null");

    if (-f "${homedir}/etc/${dns}/shadow" && ! -l "${homedir}/etc/${dns}/shadow") {
        print "Suspending email account logins for ${dns} .... ";
        suspendshadowfile("${homedir}/etc/${dns}/shadow");
        print "Done\n";
    }
}


$msg = <<"EOM";
+===================================+
| Account Info                      |
+===================================+
| Domain: $domain
| UserName: $user
+===================================+
Account suspended by $ENV{'REMOTE_USER'} ($ENV{'USER'})
EOM

cPScript::iContact::icontact('application' => 'suspendacct',
                             'level'   => 3,
                             'subject' => qq{Account Suspended on $host ($domain)},
                             'message' => $msg,
                             'msgtype' => '');


if ($shell eq "/bin/false") {
    print "Account Already Suspended\n";
    exit;
}
if (! -e "/var/cpanel/suspendinfo") {
    mkdir("/var/cpanel/suspendinfo",0700);
}
open(CPINFO,">","/var/cpanel/suspendinfo/${user}");
print CPINFO "shell=${shell}\n";
close(CPINFO);


open(CPU,">>/var/cpanel/users/${user}");
my $now = time();
print CPU "SUSPENDTIME=$now\n";
close(CPU);

if (! -e "/var/spool/cron.suspended") {
    mkdir("/var/spool/cron.suspended",0700);
}

if (-f "/var/spool/cron/${user}") {
    link("/var/spool/cron/${user}",
         "/var/spool/cron.suspended/${user}");
    unlink("/var/spool/cron/${user}");
}

cPScript::SafetyBits::safe_chmod(0000,$user,"${homedir}/public_ftp");
rename("$homedir/public_html/.htaccess","$homedir/public_html/.htaccess.suspend");
unlink("$homedir/public_html/.htaccess");
open(HTACCESS,">>$homedir/public_html/.htaccess");
print HTACCESS "RedirectMatch .* http://${host}/suspended.page/\n";
print HTACCESS "Options -Includes -Indexes -ExecCGI\n";
close(HTACCESS);
system("sync");

my $ftpfile = "/etc/proftpd/$user";
if(-e $ftpfile && -e "/var/cpanel/suspended/$user") {
    print "Suspending FTP accounts...\n";
    rename($ftpfile, "$ftpfile.suspended")
        or warn "Could not rename $ftpfile to $ftpfile.suspended";
}

system("/usr/local/cpanel/bin/ftpupdate",$user);
system '/usr/local/cpanel/bin/updateauthtab';
print ${user} . "'s account has been suspended\n";



sub gethomedir {
    my($user) = @_;
    my($homedir);
    open(PASSWD,"/etc/passwd");
    while(<PASSWD>) {
        if (/^$user:/) {
            (undef,undef,undef,undef,undef,$homedir,undef) = split(/:/, $_,  7);
            return $homedir;
        }
    }
    close(PASSWD);
}

sub getshell {
    my($user) = @_;
    my($shell);
    open(PASSWD,"/etc/passwd");
    while(<PASSWD>) {
        s/\n//g;
        if (/^$user:/) {
            (undef,undef,undef,undef,undef,undef,$shell) = split(/:/, $_,  7);
            return $shell;

        }
    }
    close(PASSWD);
}

sub getowner {
    my($user) = @_;
    my($owner);
    open(CPUO,"/var/cpanel/users/$user") || return 'root';
    while(<CPUO>) {
        s/\n//g;
        if (/^OWNER=(\S+)/) {
            $owner = $1;
        }
    }
    close(CPUO);

    if ($owner eq "" || $owner eq "0") { $owner = 'root'; }
    return($owner);
}


sub getdomain {
    my($user) = $_[0];
    open(CPU,"/var/cpanel/users/$user");
    while(<CPU>) {
        s/\n//g;
        if (/^DNS=(\S+)/) {
            close(CPU);
            return $1;
        }
    }
    close(CPU);
    return "";
}


sub makevaliddns {
    my($domain) = @_;
    $domain =~ s/[^\w\.\-]*[_]*//g;


    if (length($domain) < 3) {
        return(-1);
    }
    if ($domain =~ /^\./) {
        return(-1);
    }


    return($domain);
}

sub suspendshadowfile {
    my($file) = @_;
    my($shadowlock);
    $shadowlock = SafeFile::safeopen(\*SHF,"<",$file);
    my @CT = <SHF>;
    SafeFile::safeclose(\*SHF,$shadowlock);
    $shadowlock = SafeFile::safeopen(\*SHF,">",$file);
    foreach (@CT) {

        my @DC=split(/:/,$_);
        chomp($DC[$#DC]);
        if ($DC[1] !~ /^\*LOCKED\*/) {
            $DC[1] = "*LOCKED*" . $DC[1];
        }
        print SHF join(":",@DC) . "\n";
    }
    SafeFile::safeclose(\*SHF,$shadowlock);
}

================================================
==================================================

2- unsuspendacct

#!/usr/bin/perl
# cpanel9 - scripts        Copyright(c) 1997-2004 cPanel, Inc.
#                                 All rights Reserved.
# copyright@cpanel.net      http://cpanel.net
# This code is subject to the cpanel license. Unauthorized copying is prohibited


BEGIN {
   push(@INC,"/scripts");
}


use cPScript::SafetyBits;
use cPScript::iContact qw( );
use SafeFile;
use AcctLock;

open(CF,"/var/cpanel/cpanel.config");
while(<CF>) {
    next if (/^\#/);
    s/\n//g;
    ($var,$value) = split(/=/, $_);
    $CPCONF{$var} = $value;
}
close(CF);


$user = $ARGV[0];
if ($user eq "" || $user eq "root") {
    print "Syntax Error: usage: unsuspendacct <user>\n";
    exit;
}
if (-e "/etc/wwwacct.conf") {
    open(CONF,"/etc/wwwacct.conf");
    while(<CONF>) {
        $_ =~ s/\n//g;
        if ($_ !~ /^;/) {
            if ($_ =~ /DEFSHELL/) {
                (undef,$shell) = split(/ /, $_);
                last;
            }
        }
    }
    close(CONF);
}      

if ($owner eq "" || $owner eq "root") {
    chomp($host = `hostname`);
} else {
    $host = getdomain($owner);
}

if ((! -e $shell) || (! $shell)) {
    $shell = "/bin/bash";
}
my $homedir = gethomedir($user);

if ($CPCONF{'acls'} eq "1") {
    if (my $pid = fork()) {        
        waitpid($pid,0);  
    } else {
        setuids($user);
        system("setfacl","-kb","-m","group:nobody:x",
               "-m","group:mail:x",
               "-m","group:cpanel:x",
               "-m","group:mailnull:x",
                '-m','group:65535:x',
               '-m','group:ftp:x',
                "--","${homedir}");
        chmod(0750,${homedir});
        exit();
    }              
} else {              
    cPScript::SafetyBits::safe_chmod(0711,$user,$homedir);
}
if (-e "/var/cpanel/fileprotect") {            
                            my $httpgid = (getgrnam('nobody'))[2];
    my $useruid = (getpwnam($user))[2];
    cPScript::SafetyBits::safe_userchgid($useruid,$httpgid,"${homedir}/public_html");
    cPScript::SafetyBits::safe_chmod(0750,$useruid,"${homedir}/public_html");
} else {        
    cPScript::SafetyBits::safe_chmod(0755,$user,"${homedir}/public_html");
}

cPScript::SafetyBits::safe_chmod(0755,$user,"${homedir}/public_ftp");


my(%SUINFO);
open(SUINFO,"<","/var/cpanel/suspendinfo/${user}");
while(<SUINFO>) {                
    chomp();            
    my($name,$value) = split(/=/, $_);
    $SUINFO{$name} = $value;    
}
close(SUINFO);              
unlink("/var/cpanel/suspendinfo/${user}");

if ($SUINFO{'shell'} eq "") {
    system("chsh","-s","/usr/local/cpanel/bin/noshell","$user");
} else {
    system("chsh","-s",$SUINFO{'shell'},$user);
}
AcctLock::acctlock();                  
if (-e "/usr/sbin/pw") {            
    system("/usr/sbin/pw","unlock","$user");
} else {
    system("passwd","-u","$user");
}              
AcctLock::acctunlock();

open(CPU,"/var/cpanel/users/${user}");
while(<CPU>) {
    if (/^DNS.?.?.?.?=(\S+)/) {                
        if (/^DNS.?.?.?.?=(\S+)/) {                              
        push(@DNS,$1);
    }
}
close(CPU);

mkdir("/usr/local/cpanel/3rdparty/mailman/suspended.lists",0755);        

foreach my $dns (@DNS) {
    $dns = makevaliddns($dns);
    next if ($dns eq "-1");

    system("mv /usr/local/cpanel/3rdparty/mailman/suspended.lists/*_$dns /usr/local/cpanel/3rdparty/mailman/lists 2>/dev/null");

    if (-f "${homedir}/etc/${dns}/shadow" && ! -l "${homedir}/etc/${dns}/shadow") {
        print "Unsuspending email account logins for ${dns} .... ";
        unsuspendshadowfile("${homedir}/etc/${dns}/shadow");
        print "Done\n";        
    }
}                            



unlink("$homedir/public_html/.htaccess");
rename("$homedir/public_html/.htaccess.suspend","$homedir/public_html/.htaccess");
unlink("/var/cpanel/suspended/${user}");      
unlink("/var/cpanel/suspended/${user}.lock");

system("sync");                      

my $ftpfile = "/etc/proftpd/$user";
if(-e "$ftpfile.suspended" && !-e "/var/cpanel/suspended/$user") {
    print "Unsuspending FTP accounts...\n";
    rename("$ftpfile.suspended", $ftpfile)
        or warn "Could not rename $ftpfile.suspended to $ftpfile";
}

system("/usr/local/cpanel/bin/ftpupdate",$user);
           system '/usr/local/cpanel/bin/updateauthtab';
print "${user}'s account is now active\n";

$domain = getdomain($user);

if (-f "/var/spool/cron.suspended/${user}") {
    unlink("/var/spool/cron/${user}");
    link("/var/spool/cron.suspended/${user}",
         "/var/spool/cron/${user}");
    unlink("/var/spool/cron.suspended/${user}");
}



$msg = <<"EOM";
+===================================+
| Account Info                      |
+===================================+
| Domain: $domain            
| UserName: $user
+===================================+
Account Unsuspended by $ENV{'REMOTE_USER'} ($ENV{'USER'})
EOM

cPScript::iContact::icontact('application' => 'unsuspendacct',
                             'level'       => 3,
                             'subject'     => qq{Account Unsuspended on $host ($domain)},
                             'message'     => $msg,
                             'msgtype'     => '');


sub gethomedir {
    my($user) = @_;
    my($homedir);
    open(PASSWD,"/etc/passwd");
    while(<PASSWD>) {
        if (/^$user:/) {
            (undef,undef,undef,undef,undef,$homedir,undef) = split(/:/, $_,  7);
            return $homedir;              
        }
    }
    close(PASSWD);

}




sub makevaliddns {
    my($domain) = @_;
    $domain =~ s/[^\w\.\-]*[_]*//g;

    if (length($domain) < 3) {      
        return(-1);                  
    }
    if ($domain =~ /^\./) {  
        return(-1);
    }


    return($domain);
}




sub getdomain {
    my($user) = $_[0];
    open(CPU,"/var/cpanel/users/$user");
    while(<CPU>) {
        s/\n//g;
        if (/^DNS=(\S+)/) {    
            close(CPU);
            return $1;  
            }
    }
    close(CPU);
    return "";
}                

sub unsuspendshadowfile {
    my($file) = @_;
    my($shadowlock);
    $shadowlock = SafeFile::safeopen(\*SHF,"<",$file);
    my @CT = <SHF>;
    SafeFile::safeclose(\*SHF,$shadowlock);
    $shadowlock = SafeFile::safeopen(\*SHF,">",$file);
    foreach (@CT) {                
        my @DC=split(/:/,$_);
        chomp($DC[$#DC]);            
        while ($DC[1] =~ /^\*LOCKED\*/) {
            $DC[1] =~ s/^\*LOCKED\*//g;
        }                    
        print SHF join(":",@DC) . "\n";
    }
    SafeFile::safeclose(\*SHF,$shadowlock);
}



===========================================

thanks
0
 
LVL 40

Accepted Solution

by:
Richard Quadling earned 500 total points
ID: 16902365
Ha! That's PERL. I'd be guessing.

Sorry.
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These days socially coordinated efforts have turned into a critical requirement for enterprises.
This article discusses how to implement server side field validation and display customized error messages to the client.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question