Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

unsuspend/suspend

Posted on 2006-06-13
9
Medium Priority
?
768 Views
Last Modified: 2013-12-13
hi
how do i suspend an account using a script php ?
i want to change the paramater $suspenduser with the name of account $accdomain in suspend($host,$user,$accesshash,$usessl,$suspenduser) in the file accounting.php.inc
for exmple :
$host="localhost";
$user"user";
$accesshash="accesshash";
$suspenduser="user.mysite.com";
In whm you can choose betwen th name of the account or the user, so i want to use th account
any idea is good
0
Comment
Question by:qadelq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 16900607
Does your DB have an option to suspend a user?

There is not PHP function called suspend, so you must be looking at a specific application?
0
 

Author Comment

by:qadelq
ID: 16900813
i think that you dont indrstand me
ok
if you look at suspend/unsuspend account page in whm there are two optoins to suspend an account one by domain and an other by users.
i have a script suspending account by users in accounting.php.inc file:



<?php
global $cpanelaccterr;
function suspend ($host,$user,$accesshash,$usessl,$suspenduser) {
    $result = whmreq("/scripts/remote_suspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);
    if ($cpanelaccterr != "") { return; }
    return $result;
}
function unsuspend ($host,$user,$accesshash,$usessl,$suspenduser) {
    $result = whmreq("/scripts/remote_unsuspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);
    if ($cpanelaccterr != "") { return; }
    return $result;
}

function whmreq ($request,$host,$user,$accesshash,$usessl) {


    $cleanaccesshash = preg_replace("'(\r|\n)'","",$accesshash);
        $authstr = $user . ":" . $cleanaccesshash;
    $cpanelaccterr = "";


    if (function_exists("curl_init")) {
        $ch = curl_init();
        if ($usessl) {
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);                
            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
            curl_setopt($ch, CURLOPT_URL, "https://${host}:2087" . $request);
        } else {
            curl_setopt($ch, CURLOPT_URL, "http://${host}:2086" . $request);
                }
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
            $curlheaders[0] = "Authorization: WHM $authstr";
                curl_setopt($ch,CURLOPT_HTTPHEADER,$curlheaders);
        $data=curl_exec ($ch);
        curl_close ($ch);
    } elseif (function_exists("socket_create")) {
        if ($usessl) {
            $cpanelaccterr = "SSL Support requires curl";
            return;
        }
        $service_port = 2086;
        $address = gethostbyname($host);
        $socket = socket_create (AF_INET, SOCK_STREAM, 0);
        if ($socket < 0) {
                $cpanelaccterr = "socket_create() failed";
            return;
        }
        $result = socket_connect ($socket, $address, $service_port);
        if ($result < 0) {
                $cpanelaccterr = "socket_connect() failed";
            return;
        }
        $in = "GET $request HTTP/1.0\n";
        socket_write($socket,$in,strlen($in));    
        $in = "Connection: close\n";
        socket_write($socket,$in,strlen($in));    
        $in = "Authorization: WHM $authstr\n\n\n";
        socket_write($socket,$in,strlen($in));    
   
        $inheader = 1;
        while(($buf = socket_read($socket, 512)) != false) {
          if (!$inheader) {
              $data .= $buf;
              }
          if(preg_match("'\r\n\r\n$'s", $buf)) {
            $inheader = 0;
          }
          if(preg_match("'\n\n$'s", $buf)) {
            $inheader = 0;
          }
          if(preg_match("'\r\n$'s", $buf)) {
            $inheader = 0;
          }
        }

    } else {
        $cpanelaccterr = "php not compiled with --enable-sockets OR curl";
        return;
    }

    return $data;    
}

 
   $host = "localhost";
   $user = "myuser";
   $accesshash = 'myaccesshash';
   // new account
   $acctdomain ='user.mysite.com';
   $suspenduser = "accuser";
   $acctpass = 'pwd';
   $acctplan = 'pkg'; // see Accounting.php.inc what should be in here
   $spd=suspend ($host,$user,$accesshash,$usessl,$suspenduser)
 
?>
 when i execute this script the account "user.mysite.com" appear in the list suspended accounts in whm, but i want to replace $suspenduser by $acctdomain
thanks
   
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 16900918
Sorry. I thought whm was a mistype.

I'm not a CPanel expert, so can you please explain the difference between the user and the domain? I though they are the same thing in this regard?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:qadelq
ID: 16900997
thanks for your replay

I when create new acount in whm , the requirment  1- user  ( username) 2- domain ( yuordomain.com) , but I when want to suspend or terminat , the whm requirment the user in order to terminate or suspend the acount  (please note the example above) , therefore I want susped or termenate the acount depnded on the acctdomain ( domain) .
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 16901008
Is the user uniquely tied to the domain?

Having looked at the code you supplied, you need to take a look at

/scripts/remote_suspend

and

/scripts/remote_unsuspend

These are the scripts which do the suspending and unsuspending. I don't know if they are PHP or not. They expect a user parameter. They may accept a domain parameter.
0
 

Author Comment

by:qadelq
ID: 16901159
please explain
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 16901380
The code you supplied doesn't actually make the required changes to the status. Instead it calls 1 of 2 scripts ...

scripts/remote_suspend

from

$result = whmreq("/scripts/remote_suspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);

and

scripts_remote_unsuspend

from

$result = whmreq("/scripts/remote_unsuspend?user=${suspenduser}",$host,$user,$accesshash,$usessl);


As you can see the parameters are all user orientated, but the scripts themselves may well support domain.

You will need to see if they do. Can you supply those scripts here?
0
 

Author Comment

by:qadelq
ID: 16901704
ok

1- suspendacct


  #!/usr/bin/perl
# cpanel9 - scripts        Copyright(c) 1997-2004 cPanel, Inc.
#                                 All rights Reserved.
# copyright@cpanel.net      http://cpanel.net
# This code is subject to the cpanel license. Unauthorized copying is prohibited

BEGIN {
    push(@INC,'/scripts');
}

use cPScript::SafetyBits;
use cPScript::iContact qw( );
use SafeFile;
use AcctLock;
use POSIX;

my $system = (POSIX::uname())[0];


$user = $ARGV[0];
$reason = $ARGV[1];
$disallowun = $ARGV[2];
if ($user eq "" || $user eq "root") {
    print "Syntax Error: usage: suspendacct <user>\n";
    exit;
}
my $homedir = gethomedir($user);
my $shell = getshell($user);
print "Changing Shell to /bin/false...";
system("chsh","-s","/bin/false","$user");
print "Done\n";
AcctLock::acctlock();
print "Locking Password...";
if (-e "/usr/sbin/pw") {
    system("/usr/sbin/pw","lock","$user");
} else {
    system("passwd","-l","$user");
}
print "Done\n";
AcctLock::acctunlock();
$owner = getowner($user);
$owner =~ s/\n//g;
if ($owner eq "" || $owner eq "root" || $user eq $owner) {
    chomp($host = `hostname`);
} else {
    $host = getdomain($owner);
}

$domain = getdomain($user);
if (! -e "/var/cpanel/suspended") {
    mkdir("/var/cpanel/suspended",0755);
}

open(USERS,">/var/cpanel/suspended/${user}");
print USERS $reason;
close(USERS);
if ($disallowun eq "1") {
    open(USERS,">/var/cpanel/suspended/${user}.lock");
    close(USERS);
}

if ($system =~ /freebsd/i) {
    system("killall","-9","-u","$user","-m",".");
} else {
    system("skill","-9","$user");
}

open(CPU,"/var/cpanel/users/${user}");
while(<CPU>) {
    if (/^DNS.?.?.?.?=(\S+)/) {
        push(@DNS,$1);
    }
}
close(CPU);

mkdir("/usr/local/cpanel/3rdparty/mailman/suspended.lists",0755);

foreach my $dns (@DNS) {
    $dns = makevaliddns($dns);
    next if ($dns eq "-1");

    system("mv /usr/local/cpanel/3rdparty/mailman/lists/*_$dns /usr/local/cpanel/3rdparty/mailman/suspended.lists 2>/dev/null");

    if (-f "${homedir}/etc/${dns}/shadow" && ! -l "${homedir}/etc/${dns}/shadow") {
        print "Suspending email account logins for ${dns} .... ";
        suspendshadowfile("${homedir}/etc/${dns}/shadow");
        print "Done\n";
    }
}


$msg = <<"EOM";
+===================================+
| Account Info                      |
+===================================+
| Domain: $domain
| UserName: $user
+===================================+
Account suspended by $ENV{'REMOTE_USER'} ($ENV{'USER'})
EOM

cPScript::iContact::icontact('application' => 'suspendacct',
                             'level'   => 3,
                             'subject' => qq{Account Suspended on $host ($domain)},
                             'message' => $msg,
                             'msgtype' => '');


if ($shell eq "/bin/false") {
    print "Account Already Suspended\n";
    exit;
}
if (! -e "/var/cpanel/suspendinfo") {
    mkdir("/var/cpanel/suspendinfo",0700);
}
open(CPINFO,">","/var/cpanel/suspendinfo/${user}");
print CPINFO "shell=${shell}\n";
close(CPINFO);


open(CPU,">>/var/cpanel/users/${user}");
my $now = time();
print CPU "SUSPENDTIME=$now\n";
close(CPU);

if (! -e "/var/spool/cron.suspended") {
    mkdir("/var/spool/cron.suspended",0700);
}

if (-f "/var/spool/cron/${user}") {
    link("/var/spool/cron/${user}",
         "/var/spool/cron.suspended/${user}");
    unlink("/var/spool/cron/${user}");
}

cPScript::SafetyBits::safe_chmod(0000,$user,"${homedir}/public_ftp");
rename("$homedir/public_html/.htaccess","$homedir/public_html/.htaccess.suspend");
unlink("$homedir/public_html/.htaccess");
open(HTACCESS,">>$homedir/public_html/.htaccess");
print HTACCESS "RedirectMatch .* http://${host}/suspended.page/\n";
print HTACCESS "Options -Includes -Indexes -ExecCGI\n";
close(HTACCESS);
system("sync");

my $ftpfile = "/etc/proftpd/$user";
if(-e $ftpfile && -e "/var/cpanel/suspended/$user") {
    print "Suspending FTP accounts...\n";
    rename($ftpfile, "$ftpfile.suspended")
        or warn "Could not rename $ftpfile to $ftpfile.suspended";
}

system("/usr/local/cpanel/bin/ftpupdate",$user);
system '/usr/local/cpanel/bin/updateauthtab';
print ${user} . "'s account has been suspended\n";



sub gethomedir {
    my($user) = @_;
    my($homedir);
    open(PASSWD,"/etc/passwd");
    while(<PASSWD>) {
        if (/^$user:/) {
            (undef,undef,undef,undef,undef,$homedir,undef) = split(/:/, $_,  7);
            return $homedir;
        }
    }
    close(PASSWD);
}

sub getshell {
    my($user) = @_;
    my($shell);
    open(PASSWD,"/etc/passwd");
    while(<PASSWD>) {
        s/\n//g;
        if (/^$user:/) {
            (undef,undef,undef,undef,undef,undef,$shell) = split(/:/, $_,  7);
            return $shell;

        }
    }
    close(PASSWD);
}

sub getowner {
    my($user) = @_;
    my($owner);
    open(CPUO,"/var/cpanel/users/$user") || return 'root';
    while(<CPUO>) {
        s/\n//g;
        if (/^OWNER=(\S+)/) {
            $owner = $1;
        }
    }
    close(CPUO);

    if ($owner eq "" || $owner eq "0") { $owner = 'root'; }
    return($owner);
}


sub getdomain {
    my($user) = $_[0];
    open(CPU,"/var/cpanel/users/$user");
    while(<CPU>) {
        s/\n//g;
        if (/^DNS=(\S+)/) {
            close(CPU);
            return $1;
        }
    }
    close(CPU);
    return "";
}


sub makevaliddns {
    my($domain) = @_;
    $domain =~ s/[^\w\.\-]*[_]*//g;


    if (length($domain) < 3) {
        return(-1);
    }
    if ($domain =~ /^\./) {
        return(-1);
    }


    return($domain);
}

sub suspendshadowfile {
    my($file) = @_;
    my($shadowlock);
    $shadowlock = SafeFile::safeopen(\*SHF,"<",$file);
    my @CT = <SHF>;
    SafeFile::safeclose(\*SHF,$shadowlock);
    $shadowlock = SafeFile::safeopen(\*SHF,">",$file);
    foreach (@CT) {

        my @DC=split(/:/,$_);
        chomp($DC[$#DC]);
        if ($DC[1] !~ /^\*LOCKED\*/) {
            $DC[1] = "*LOCKED*" . $DC[1];
        }
        print SHF join(":",@DC) . "\n";
    }
    SafeFile::safeclose(\*SHF,$shadowlock);
}

================================================
==================================================

2- unsuspendacct

#!/usr/bin/perl
# cpanel9 - scripts        Copyright(c) 1997-2004 cPanel, Inc.
#                                 All rights Reserved.
# copyright@cpanel.net      http://cpanel.net
# This code is subject to the cpanel license. Unauthorized copying is prohibited


BEGIN {
   push(@INC,"/scripts");
}


use cPScript::SafetyBits;
use cPScript::iContact qw( );
use SafeFile;
use AcctLock;

open(CF,"/var/cpanel/cpanel.config");
while(<CF>) {
    next if (/^\#/);
    s/\n//g;
    ($var,$value) = split(/=/, $_);
    $CPCONF{$var} = $value;
}
close(CF);


$user = $ARGV[0];
if ($user eq "" || $user eq "root") {
    print "Syntax Error: usage: unsuspendacct <user>\n";
    exit;
}
if (-e "/etc/wwwacct.conf") {
    open(CONF,"/etc/wwwacct.conf");
    while(<CONF>) {
        $_ =~ s/\n//g;
        if ($_ !~ /^;/) {
            if ($_ =~ /DEFSHELL/) {
                (undef,$shell) = split(/ /, $_);
                last;
            }
        }
    }
    close(CONF);
}      

if ($owner eq "" || $owner eq "root") {
    chomp($host = `hostname`);
} else {
    $host = getdomain($owner);
}

if ((! -e $shell) || (! $shell)) {
    $shell = "/bin/bash";
}
my $homedir = gethomedir($user);

if ($CPCONF{'acls'} eq "1") {
    if (my $pid = fork()) {        
        waitpid($pid,0);  
    } else {
        setuids($user);
        system("setfacl","-kb","-m","group:nobody:x",
               "-m","group:mail:x",
               "-m","group:cpanel:x",
               "-m","group:mailnull:x",
                '-m','group:65535:x',
               '-m','group:ftp:x',
                "--","${homedir}");
        chmod(0750,${homedir});
        exit();
    }              
} else {              
    cPScript::SafetyBits::safe_chmod(0711,$user,$homedir);
}
if (-e "/var/cpanel/fileprotect") {            
                            my $httpgid = (getgrnam('nobody'))[2];
    my $useruid = (getpwnam($user))[2];
    cPScript::SafetyBits::safe_userchgid($useruid,$httpgid,"${homedir}/public_html");
    cPScript::SafetyBits::safe_chmod(0750,$useruid,"${homedir}/public_html");
} else {        
    cPScript::SafetyBits::safe_chmod(0755,$user,"${homedir}/public_html");
}

cPScript::SafetyBits::safe_chmod(0755,$user,"${homedir}/public_ftp");


my(%SUINFO);
open(SUINFO,"<","/var/cpanel/suspendinfo/${user}");
while(<SUINFO>) {                
    chomp();            
    my($name,$value) = split(/=/, $_);
    $SUINFO{$name} = $value;    
}
close(SUINFO);              
unlink("/var/cpanel/suspendinfo/${user}");

if ($SUINFO{'shell'} eq "") {
    system("chsh","-s","/usr/local/cpanel/bin/noshell","$user");
} else {
    system("chsh","-s",$SUINFO{'shell'},$user);
}
AcctLock::acctlock();                  
if (-e "/usr/sbin/pw") {            
    system("/usr/sbin/pw","unlock","$user");
} else {
    system("passwd","-u","$user");
}              
AcctLock::acctunlock();

open(CPU,"/var/cpanel/users/${user}");
while(<CPU>) {
    if (/^DNS.?.?.?.?=(\S+)/) {                
        if (/^DNS.?.?.?.?=(\S+)/) {                              
        push(@DNS,$1);
    }
}
close(CPU);

mkdir("/usr/local/cpanel/3rdparty/mailman/suspended.lists",0755);        

foreach my $dns (@DNS) {
    $dns = makevaliddns($dns);
    next if ($dns eq "-1");

    system("mv /usr/local/cpanel/3rdparty/mailman/suspended.lists/*_$dns /usr/local/cpanel/3rdparty/mailman/lists 2>/dev/null");

    if (-f "${homedir}/etc/${dns}/shadow" && ! -l "${homedir}/etc/${dns}/shadow") {
        print "Unsuspending email account logins for ${dns} .... ";
        unsuspendshadowfile("${homedir}/etc/${dns}/shadow");
        print "Done\n";        
    }
}                            



unlink("$homedir/public_html/.htaccess");
rename("$homedir/public_html/.htaccess.suspend","$homedir/public_html/.htaccess");
unlink("/var/cpanel/suspended/${user}");      
unlink("/var/cpanel/suspended/${user}.lock");

system("sync");                      

my $ftpfile = "/etc/proftpd/$user";
if(-e "$ftpfile.suspended" && !-e "/var/cpanel/suspended/$user") {
    print "Unsuspending FTP accounts...\n";
    rename("$ftpfile.suspended", $ftpfile)
        or warn "Could not rename $ftpfile.suspended to $ftpfile";
}

system("/usr/local/cpanel/bin/ftpupdate",$user);
           system '/usr/local/cpanel/bin/updateauthtab';
print "${user}'s account is now active\n";

$domain = getdomain($user);

if (-f "/var/spool/cron.suspended/${user}") {
    unlink("/var/spool/cron/${user}");
    link("/var/spool/cron.suspended/${user}",
         "/var/spool/cron/${user}");
    unlink("/var/spool/cron.suspended/${user}");
}



$msg = <<"EOM";
+===================================+
| Account Info                      |
+===================================+
| Domain: $domain            
| UserName: $user
+===================================+
Account Unsuspended by $ENV{'REMOTE_USER'} ($ENV{'USER'})
EOM

cPScript::iContact::icontact('application' => 'unsuspendacct',
                             'level'       => 3,
                             'subject'     => qq{Account Unsuspended on $host ($domain)},
                             'message'     => $msg,
                             'msgtype'     => '');


sub gethomedir {
    my($user) = @_;
    my($homedir);
    open(PASSWD,"/etc/passwd");
    while(<PASSWD>) {
        if (/^$user:/) {
            (undef,undef,undef,undef,undef,$homedir,undef) = split(/:/, $_,  7);
            return $homedir;              
        }
    }
    close(PASSWD);

}




sub makevaliddns {
    my($domain) = @_;
    $domain =~ s/[^\w\.\-]*[_]*//g;

    if (length($domain) < 3) {      
        return(-1);                  
    }
    if ($domain =~ /^\./) {  
        return(-1);
    }


    return($domain);
}




sub getdomain {
    my($user) = $_[0];
    open(CPU,"/var/cpanel/users/$user");
    while(<CPU>) {
        s/\n//g;
        if (/^DNS=(\S+)/) {    
            close(CPU);
            return $1;  
            }
    }
    close(CPU);
    return "";
}                

sub unsuspendshadowfile {
    my($file) = @_;
    my($shadowlock);
    $shadowlock = SafeFile::safeopen(\*SHF,"<",$file);
    my @CT = <SHF>;
    SafeFile::safeclose(\*SHF,$shadowlock);
    $shadowlock = SafeFile::safeopen(\*SHF,">",$file);
    foreach (@CT) {                
        my @DC=split(/:/,$_);
        chomp($DC[$#DC]);            
        while ($DC[1] =~ /^\*LOCKED\*/) {
            $DC[1] =~ s/^\*LOCKED\*//g;
        }                    
        print SHF join(":",@DC) . "\n";
    }
    SafeFile::safeclose(\*SHF,$shadowlock);
}



===========================================

thanks
0
 
LVL 40

Accepted Solution

by:
Richard Quadling earned 1000 total points
ID: 16902365
Ha! That's PERL. I'd be guessing.

Sorry.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question