Cpanel Login on ClientArea Home

[robbo]

From another thread, it was asked if you could add a login for clients into the home page (homepage.tpl).

 

With help from Matt I've now made this work - my code isn't the cleanest as I know only basic php/mysql.

I've only pasted the code as I have changed the way the page looks for my own site.

It will also not show to anyone that isn't logged in.

 

{if $loggedin}

<form name="cpanellogin" action="ip:2083/login/" method="post" target="_blank">

{php}

$query = "SELECT * FROM tblhosting";

$items = mysql_query($query);

$strTotal = mysql_numrows($items);

 

$i=0;

for ($i; $i <= 0; $i++) {

$strCurrent = $strTotal - ( $i + $off ); // Set Database offset

if ($strCurrent == "-1") { $i = "1"; } // Skip Blank Lines

else {

$query = "SELECT * FROM tblhosting WHERE userid='".$_SESSION["uid"]."' LIMIT 1";

$result = mysql_query($query); // Get Row from Database

$row = mysql_fetch_array($result); // Set Row as an Array

}

$username = $row['username'];

$password = decrypt($row['password']);

 

echo "<input type=\"hidden\" name=\"user\" value=\"$username\">\n";

echo "<input type=\"hidden\" name=\"pass\" value=\"$password\">\n";

}

{/php}

Control Panel Login (Cpanel)

 

Login to your Control Panel to control your website and hosting options

 

<noscript>

<input type="submit" value="Login to cPanel" class="button">

</noscript>

</form>

{/if}

 

I've made this a text link to correspond with the other links on the page - to change this, remove

Control Panel Login (Cpanel)

 

Login to your Control Panel to control your website and hosting options

 

<noscript>

<input type="submit" value="Login to cPanel" class="button">

</noscript>

 

to

 

<input type="submit" value="Login to cPanel" class="button">

 

For a screenshot of what it looks like in my design - http://img155.imageshack.us/img155/1463/cpanelzi0.png

[bear]

Pretty sure you can't PM until then either.

Upload the image somewhere, and link to it?

[robbo]

I uploaded to imageshack, but it said http error still (extra post count anyone )

 

Just to add, please remember that if the client changes their password in Cpanel that it won't sync up unless it is changed in the WHMCS Admin Panel. (Thanks Matt for this info!)

[bear]

Sorry, should have explained. Leave off the http and all that. Should work then.

Instead of "http://www.domain....."

Use "domain.tld/imagelocation/image.ext"

[Santo]

First of all thank you for your contribution, and see what a write below as a suggestion for improvement and not criticism.

 

This cPanel login only works for companies with 1 server and clients with no more then 1 account.

 

If you have more then 1 server, you need to query the database for the user server location, and if the user has more then 1 account spread over different servers then you need to get some input from the client, like what account he wants to manage.

 

So, for this to work for every business company it should have:

 

1 - Drop down that gets the accounts for that client and displays them as domains

 

2 - Depending on the domain selected the final IP is picked up from the database and sent to the form.

 

3 - The the rest of the code above.

 

I hope you see this as an improvement and not an abuse on my part.

 

Regards,

[robbo]

Hi Santo,

 

I definately see it as an improvement, however I only have the one server and limited knowledge on how to do this!

If anyone wants to recode and post for others with Santo's suggestions, that'd be good (for others and myself if I expand that much )

 

Rob

[Troy]

Here's what I did:

 

Created the following cp.php file and put it in the whmcs root:

 

<?php
       $query_string = "select s.name, s.type, h.packageid, h.domain, h.username, h.password from tblhosting h, tblservers s where h.server = s.id and s.type in ('cpanel','helm') and h.userid = ".$_SESSION['uid']." and h.domainstatus = 'Active' order by h.domain";
       $query = mysql_query($query_string);
       if (mysql_num_rows($query)) {
?>



[b]Control Panel Links[/b]</p>
<table align="center" style="width:90%" class="clientareatable" cellspacing="1">
<tr class="clientareatableheading">
       <td>Domain</td>
       <td>Links</td>
</tr>

<?php
while ($row = mysql_fetch_assoc($query)) {
       switch ($row["type"]) {
               case "cpanel": 
                       echo '<tr class="clientareatableactive">';
                       echo '<td>'.$row["domain"].'</td>';
                       echo '<td>[url="https://'.$row['name'].':2083/login?user='.$row['username'].'&pass='.decrypt($row['password']).'"]Control Panel[/url]';
                       if ($row['packageid'] >= 3 && $row['packageid'] <= 7) {
                               echo ', [url="https://'.$row['name'].':2087/login/?user='.$row['username'].'&pass='.decrypt($row['password']).'"]Web Host Manager[/url]';
                       }
                       echo '</td>';
                       echo '</tr>';
                       break;
               case "helm":
                       echo '<tr class="clientareatableactive">';
                       echo '<td>'.$row["domain"].'</td>';
                       echo '<td>[url="https://'.$row['name'].'/default.asp?txtUsername='.$row['username'].'&txtPassword='.decrypt($row['password']).'&&selLanguageCode=EN&selInterface=standard_XP'.'"]Control Panel[/url]</td>';
                       echo '</tr>';
       }
}
?>

</table>

<?php } ?>

 

We only do CPanel and Helm, so it only covers those two control panels. The links are simple links, no forms/javascript required, and they forward the user to the control panel with no need to enter the control panel username/password. The code expects the servername set up in whmcs to be the actual hostname of the server, and to be secured with an SSL certificate.

 

It also places a WHM link for resellers, but the code that does it will have to be adjusted for your reseller package ids. It's this bit:

 

                        if ($row['packageid'] >= 3 && $row['packageid'] <= 7) {
                               echo ', [url="https://'.$row['name'].':2087/login/?user='.$row['username'].'&pass='.decrypt($row['password']).'"]Web Host Manager[/url]';
                       }

 

Our reseller packages have ids between 3 and 7, hence the if ($row['packageid'] >= 3 && $row['packageid'] <= 7), which needs to be taylored to your packages.

 

Otherwise everything else is done by server type, (only cpanel or helm), in whmcs and will accomodate any number of servers.

 

Then you simply do this wherever you want the links:

 

{include_php file="cp.php"}

 

I put it in the clientareahome.tpl right above the ticket list.

 

The code above looks poorly formatted, but that's just due to the word wrapping. If you copy and paste it, it should be well formatted (I hope).

[markos]

Nice work, thanks for sharing.

[ddh]

The code of the script doesn't render, when used with PHP template files e.g. .tpl

 

The code needs to be rewritten for use with TPL files e.g.

{include file='cp.php'}

[TerrasIOI]

Hello Troy & Co.

 

Will your solution work if client has several cpanel accounts under one client account?

 

Will this script show them all?

 

I will appreciate clarification on this.

 

Regards.

[Santo]

The script works very well... Kudos to Troy.

 

Just follow instructions and you will give your client a nice list of domains with the respective cPanel link. This can be adapted also to plesk with some small modifications.

 

Cheers and thank you Troy

[TerrasIOI]

The script works very well... Kudos to Troy.

 

Just follow instructions and you will give your client a nice list of domains with the respective cPanel link. This can be adapted also to plesk with some small modifications.

 

Cheers and thank you Troy

 

Wow

 

Thanks a lot man for this information. Will do this right away.

[TerrasIOI]

The code of the script doesn't render, when used with PHP template files e.g. .tpl

 

The code needs to be rewritten for use with TPL files e.g.

{include file='cp.php'}

 

Yes otherwise it works well. Thanks man for this contribution.

 

But I'm wondering if it is possible to have cpanel to open i new browser window?

 

How do you people have it? What is better for security?

[robbo]

The code of the script doesn't render,

But I'm wondering if it is possible to have cpanel to open i new browser window?

 

How do you people have it? What is better for security?

 

Just add target="_blank" to the line which is:

echo '<td>[url="https://'.$row['name'].':2083/login?user='.$row['username'].'&pass='.decrypt($row['password']).'"]Control Panel[/url]'; 

 

So this will look like:

echo '<td>[url="https://'.$row['name'].':2083/login?user='.$row['username'].'&pass='.decrypt($row['password']).'"]Control Panel[/url]'; 

[Baja]

Hey,

 

I'm not sure whats different about your setup but for me I had to change this to get it to work:

 

[url="https://'.$row['name'].':2083/login?user='.$row['username'].'&pass='.decrypt($row['password']).'"]Control Panel[/url]';

 

to this:

 

[url="https://'.$row['domain'].':2083/login?user='.$row['username'].'&pass='.decrypt($row['password']).'"]Control Panel[/url]';

 

I changed ['name'] to ['domain'] for both cpanel and whm because "name" was pulling the name of my server instead of the domain name. Not sure how every body else had it working or whats going on.

 

Also this too:

 

{include_php file="cp.php"}

 

Anyway looks nice,

 

Baja

[Santo]

Any client can use the name of your server to login to their account.. cPanel looks for the login, not the server or domain name.

[Baja]

Any client can use the name of your server to login to their account.. cPanel looks for the login, not the server or domain name.

 

I understand what you mean yet, clientsdomainname.com or mydomainname.com is a lot different from the name I gave the server in whmcs which for example is "cpanel1" and "cpanel1" when linked as below does not work.

 

https://cpanel1:2083/login/?user=12345&pass=youwish

 

So thats what I was saying, not sure whats different with everyones setup compared to mine.

[Baja]

In fact I just checked phpmyadmin and I do not even have a "name" in tblhosting to select:

 

select s.name, s.type, h.packageid, h.domain, h.username, h.password from tblhosting h,

 

There is a "name" in the tblservers which is where the given name is being pulled from in whcms under each server setup.

 

No worries though, my way works fine for me.

[markos]

What to do , when a custom control panel use only POST method to accept username and password?

 

One option is to use a form with hidden fields. But is there a solution to use a link

[robbo]

What to do , when a custom control panel use only POST method to accept username and password?

 

One option is to use a form with hidden fields. But is there a solution to use a link

 

Yes, however you need javascript enabled. This is how I did mine (first post)

 

Add the following where the submit button would normally go:

 

[url="javascript:document.cpanellogin.submit();"][b]Control Panel Login[/b][/url] (Cpanel)

Login to your Control Panel to control your website and hosting options

 

The following will allow users with javascript disabled to have a login button

<noscript>
<input type="submit" value="Login to cPanel" class="button">
</noscript>

 

Hope this helps

[TerrasIOI]

Baja,

 

Yes it works perfectly for me too

 

My idea with opening in new browser window was that leave client possibility to read knowledge base etc - without having to browse to site again.

 

Thanks.

[Baja]

Baja,

 

Yes it works perfectly for me too

 

My idea with opening in new browser window was that leave client possibility to read knowledge base etc - without having to browse to site again.

 

Thanks.

 

TerrasIOI,

 

I used your idea actually too. Which was provide by robbo on the first page. All you had to do was add target="_blank" in each link. Pretty easy.

 

Baja

[Troy]

The code of the script doesn't render, when used with PHP template files e.g. .tpl

 

The code needs to be rewritten for use with TPL files e.g.

{include file='cp.php'}

 

Thanks for catching my oversight - I've corrected my post.

[Troy]

Hey,

 

I'm not sure whats different about your setup but for me I had to change this to get it to work:

 

[url="https://'.$row['name'].':2083/login?user='.$row['username'].'&pass='.decrypt($row['password']).'"]Control Panel[/url]';

 

to this:

 

[url="https://'.$row['domain'].':2083/login?user='.$row['username'].'&pass='.decrypt($row['password']).'"]Control Panel[/url]';

 

I changed ['name'] to ['domain'] for both cpanel and whm because "name" was pulling the name of my server instead of the domain name. Not sure how every body else had it working or whats going on.

 

Also this too:

 

{include_php file="cp.php"}

 

Anyway looks nice,

 

Baja

 

Baja,

 

The reason $row['name'] probably didn't work for you is that your server name in whmcs is not the actual hostname of the server.

 

In my post, I mentioned that "The code expects the servername set up in whmcs to be the actual hostname of the server, and to be secured with an SSL certificate".

 

The only way to provide secure control panel access to all customers, without a security warning, is to either purchase a certificate for the server's main IP address and then link via IP, or purchase a certificate for the server's hostname and then use the hostname in the https link. We use the latter route, so the server names in whmcs are set to the actual hostname, so that we can build a proper https link that will not result in security warnings.

[Troy]

In fact I just checked phpmyadmin and I do not even have a "name" in tblhosting to select:

 

select s.name, s.type, h.packageid, h.domain, h.username, h.password from tblhosting h,

 

There is a "name" in the tblservers which is where the given name is being pulled from in whcms under each server setup.

 

No worries though, my way works fine for me.

 

Baja,

 

I'm not sure you're using my method, so this is probably a moot point, but just to clarfiy for anyone who might read this - the "name" field is being pulled from tblservers, not tblhosting. Note the "s." prefix on the column, and the rest of the from clause which you didn't quote:

 

tblservers s

 

The inclusion of tblservers in the from clause, with the "s" abbreviation beside it, means that anything in the select clause with an "s." prefix is a column from the tblservers table.