Untitled

<?php

session_start();
set_time_limit(0);
error_reporting(0);

$authPass="deaf555b170bc30dab4e83b36dbbf62f"; // default pass: @syifa@ ( md5 hash )

include("dataLogin.php");

echo'<!DOCTYPE html><html lang="en"><head><title>:: Simple Remote WHM ::</title><link rel="stylesheet" href="koboi.css" media="all, handheld" type="text/css"><meta name="author" content="Adip Perdana"><meta name="viewport" content="width=device-width,initial-scale=1.0"></head><body><div id="wrapper"><div id="content">';

if (isset($_REQUEST["logout"]))
unset($_SESSION["login"]);
if (!isset($_SESSION["login"])){
if (isset($_POST["login"]) && !empty($_POST["login"]) && md5($_POST["login"])==$authPass){
$_SESSION["login"]=md5($_SERVER["REMOTE_ADDR"]);
}
else{
echo'<div class="box"><h3>:: Enter Password ::</h3><form method="POST"><input type="password" name="login" placeholder="Enter Password"><input type="submit" value="Login ##"></form></div>';
exit();
}
}

$getHostname="https://".$dataLogin["hostname"].":2087/json-api/gethostname?api.version=1";
$hostname=json_decode(getData($getHostname), true);
$getLoadavg="https://".$dataLogin["hostname"].":2087/json-api/systemloadavg?api.version=1";
$loadavg=json_decode(getData($getLoadavg), true);
if (!isset($hostname["data"]["hostname"]) || empty($hostname["data"]["hostname"]) && !isset($loadavg["data"]["one"]) || empty($loadavg["data"]["one"]))
echo'<div class="box"><font color="#e74c3c">Your data login can\'t connect to the server, please check dataLogin.php</font></div>';
else
echo'<div class="box">Hostname : <font color="#1abc9c"><b>'.$hostname['data']['hostname'].'</b></font><br>System Load : <font color="#3498db"><b>'.$loadavg['data']['one'].' '.$loadavg['data']['five'].' '.$loadavg['data']['fifteen'].'</b></font></div>';

// CREATE ACCOUNTS

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="create"){
echo'<div class="box"><h3>:: CPanel Account Creator ::</h3><form method="POST"><input type="text" name="domain" placeholder="Domain : Input Valid Domain"><input type="text" name="username" placeholder="Username : Input Valid, Max 16 Chars"><input type="text" name="password" placeholder="Password : Create a Secure Password"><input type="text" name="email" placeholder="Contact Email : Input Valid Email Address"><select name="package">';
if ($dataLogin["username"]=="root")
echo'<option value="default">default [ Disk : unlimited | Bw : unlimited ]</option>';
$packageList=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listpkgs?api.version=1"), true);
foreach ($packageList["data"]["pkg"] as $package){
echo'<option value="'.$package['name'].'">'.$package['name'].' [ Disk : '.$package['QUOTA'].' | Bw : '.$package['BWLIMIT'].' ]</option>';
}
echo'</select>';
if ($dataLogin["username"]=="root"){
echo'<input type="checkbox" name="reseller" value="1"> Create account with Reseller<br><input type="checkbox" name="global" value="1"> Create reseller allow to use global packages<br>';
}
echo'<input type="checkbox" name="ip" value="y"> Create account with Dedicated IP<br><input type="checkbox" name="cgi" value="1" checked> Create account with CGI<br><input type="checkbox" name="shell" value="1"> Create account with SSH Access<br>';
if ($dataLogin["username"]=="root") echo'If you create account to reseller, please input max create cpanel account to your reseller or fill 0 to create unlimited cpanel<input type="text" name="max_reseller" value="0">';
echo'<input type="hidden" name="action" value="create"><input type="submit" value="CREATE"></form></div>';
if (isset($_POST["action"]) && $_POST["action"]=="create"){
if (strpos($_POST["domain"], ".")) $dataValid["Domain"]=$_POST["domain"];
else $dataError["Domain"]="Please input valid domain";
if (preg_match("/^[0-9a-zA-Z]+$/", $_POST["username"]) && strlen($_POST["username"]) <= 16 && strlen($_POST["username"]) >= 1) $dataValid["Username"]=$_POST["username"];
else $dataError["Username"]="Please input valid username with a-z A-Z 0-9 and chars must 16 or less";
if (strlen($_POST["password"]) >= 8) $dataValid["Password"]=$_POST["password"];
else $dataError["Password"]="Pleas input valid password with minimun 8 chars";
if (isset($_POST["email"]) && !empty($_POST["email"])){
if (preg_match("/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\@([a-z0-9])(([a-z0-9-])*([a-z0-9]))+(\.([a-z0-9])([-a-z0-9_-])?([a-z0-9])+)+$/i", $_POST["email"])) $dataValid["Email"]=$_POST["email"];
else $dataError["Email"]="Please input valid email address and we will send information to your email";
}
else {
$dataValid["Email"]="koboijnck@gmail.com";
}
$dataValid["Package"]=urlencode($_POST["package"]);
if (isset($dataError) && !empty($dataErro)){
foreach ($dataError as $keyError=>$valueError){
echo $keyError." : ".$valueError;
}
}
else{
$createAddress="https://".$dataLogin["hostname"].":2087/json-api/createacct?api.version=1&domain=".$dataValid["Domain"]."&username=".$dataValid["Username"]."&password=".$dataValid["Password"]."&plan=".$dataValid["Package"]."&contactemail=".$dataValid["Email"];
if (isset($_POST["ip"]) && !empty($_POST["ip"])) $createAddress.="&ip=".$_POST["ip"];
if (isset($_POST["cgi"]) && !empty($_POST["cgi"])) $createAddress.="&cgi=".$_POST["cgi"];
if (isset($_POST["reseller"]) && !empty($_POST["reseller"])) $createAddress.="&reseller=".$_POST["reseller"];
if (isset($_POST["shell"]) && !empty($_POST["shell"])) $createAddress.="&hasshell=".$_POST["shell"];
$createAccount=json_decode(getData($createAddress), true);
if (isset($_POST["reseller"]) && !empty($_POST["reseller"])){
if ($_POST["max_reseller"] != 0)
getData("https://".$dataLogin["hostname"].":2087/json-api/setresellerlimits?api.version=1&user=".$dataValid["Username"]."&enable_account_limit=1&account_limit=".$_POST["max_reseller"]);
 // getData("https://".$dataLogin["hostname"].":2087/json-api/setupreseller?api.version=1&user=".$dataValid["Username"]."&makeowner=1");
$reselleracl="https://".$dataLogin["hostname"].":2087/json-api/setacls?api.version=1&reseller=".$dataValid["Username"]."&acl-edit-pkg=1&acl-add-pkg=1&acl-list-accts=1&acl-kill-dns=1&acl-edit-dns=1&acl-park-dns=1&acl-create-dns=1&acl-ssl=1&acl-create-acct=1&acl-suspend-acct=1&acl-res-cart=1&acl-passwd=1&acl-ssl-buy=1&acl-ssl-gencrt=1&acl-kill-acct=1&acl-disallow-shell=1&acl-allow-addoncreate=1&acl-allow-parkedcreate=1&acl-allow-unlimited-disk-pkgs=1&acl-allow-unlimited-pkgs=1&acl-allow-unlimited-bw-pkgs=1";
if ( $_POST["global"] == 1 ) {
$reselleracl.="&acl-viewglobalpackages=1";
}
getData($reselleracl);
}
}
echo'<div class="box"><h3>:: Result Create cPanel ::</h3><textarea name="result">';
if ($createAccount["metadata"]["result"]==0) echo $createAccount["metadata"]["reason"];
else echo cutData($createAccount['metadata']['output']['raw'], 'Dns Zone check is enabled.', '...Done');
echo'</textarea></div>';
}
}
}

// TERMINATE ACCOUNT

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="terminate"){
if (isset($_POST["username"]) && !empty($_POST["username"])){
$terminateAddress="https://".$dataLogin["hostname"].":2087/json-api/removeacct?api.version=1&user=".$_POST["username"];
if (isset($_POST["keepdns"]) && !empty($_POST["keepdns"]) && $_POST["keepdns"]==1) $terminateAddress.="&keepdns=1";
$terminateAccount=json_decode(getData($terminateAddress), true);
echo'<div class="box">'.$terminateAccount['metadata']['reason'].'</div>';
}
echo'<div class="box"><h3>:: Terminate Account ::</h3><form method="POST"><select name="username">';
$listAccts=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listaccts?api.version=1"), true);
foreach ($listAccts["data"]["acct"] as $accts){
echo'<option value="'.$accts['user'].'">'.$accts['domain'].' [ User : '.$accts['user'].' | Owner : '.$accts['owner'].' ]</option>';
}
echo'</select><input type="checkbox" name="keepdns" value="1"> Keepdns to retain the account\'s DNS entries<input type="hidden" name="action" value="terminate"><input type="submit" value="Terminate Account"></form></div>';
}

// SUSPEND ACCOUNT

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="suspend"){
if (isset($_POST["username"]) && !empty($_POST["username"])){
$suspendAddress="https://".$dataLogin["hostname"].":2087/json-api/suspendacct?api.version=1&user=".$_POST["username"];
if (isset($_POST["reason"]) && !empty($_POST["reason"])) $suspendAddress.="&reason=".urlencode($_POST["reason"]);
if (isset($_POST["disallowun"]) && !empty($_POST["disallowun"]) && $_POST["disallowun"]==1) $suspendAddress.="&disallowun=1";
$suspendAccount=json_decode(getData($suspendAddress), true);
echo'<div class="box">Suspend Username '.$_POST['username'].' : '.$suspendAccount['metadata']['reason'].'</div>';
}
echo'<div class="box"><h3>:: Suspend Account ::</h3><form method="POST"><select name="username">';
$listAccts=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listaccts?api.version=1"), true);
foreach ($listAccts["data"]["acct"] as $accts){
if ($accts['suspended'] != 0) continue;
echo'<option value="'.$accts['user'].'">'.$accts['domain'].' [ User : '.$accts['user'].' | Owner : '.$accts['owner'].' ]</option>';
}
echo'</select>';
if ($dataLogin["username"]=="root") echo'<input type="checkbox" name="disallowun" value="1"> Only the root user can unsuspend the account<br>';
echo'You can input reason for suspending this account<input type="text" name="reason" value="Not Payment"><input type="hidden" name="action" value="suspend"><input type="submit" value="Suspend Account"></form></div>';
}

// UNSUSPEND ACCOUNT

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="unsuspend"){
if (isset($_POST["username"]) && !empty($_POST["username"])){
$unsuspendAddress="https://".$dataLogin["hostname"].":2087/json-api/unsuspendacct?api.version=1&user=".$_POST["username"];
$unsuspendAccount=json_decode(getData($unsuspendAddress), true);
echo'<div class="box">Unsuspend Username '.$_POST['username'].' : '.$unsuspendAccount['metadata']['reason'].'</div>';
}
echo'<div class="box"><h3>:: Unsuspend Account ::</h3><form method="POST"><select name="username">';
$listAccts=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listaccts?api.version=1"), true);
foreach ($listAccts["data"]["acct"] as $accts){
if ($accts['suspended'] != 1) continue;
echo'<option value="'.$accts['user'].'">'.$accts['domain'].' [ User : '.$accts['user'].' | Owner : '.$accts['owner'].' ]</option>';
}
echo'</select><input type="hidden" name="action" value="unsuspend"><input type="submit" value="Unsuspend Account"></form></div>';
}

// LIST SUSPEND ACCOUNT

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="listsuspend"){
$listSuspendAccts=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listsuspended?api.version=1"), true);
echo'<div class="box"><h3>:: List Suspend Account ::</h3></div>';
foreach ($listSuspendAccts["data"]["account"] as $suspended){
echo'<div class="box">Username : <b>'.$suspended['user'].'</b><br>Locked : '.$suspended['is_locked'].'<br>Reason : "'.$suspended['reason'].'"<br>Owner : '.$suspended['owner'].'<br>Time Suspend : '.$suspended['time'].'</div>';
}
}

// CHANGE PASSWORD

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="changepassword"){
if (isset($_POST["username"]) && !empty($_POST["username"]) && isset($_POST["password"]) && !empty($_POST["password"])){
$passwdAddress="https://".$dataLogin["hostname"].":2087/json-api/passwd?api.version=1&user=".$_POST["username"]."&password=".$_POST["password"];
if (isset($_POST["enabledigest"]) && !empty($_POST["enabledigest"]) && $_POST["enabledigest"]==1) $passwdAddress="&enabledigest=1";
if (isset($_POST["db_pass_update"]) && !empty($_POST["db_pass_update"]) && $_POST["db_pass_update"]==1) $passwdAddress="&db_pass_update=1";
$passwd=json_decode(getData($passwdAddress), true);
echo'<div class="box">Change Password '.$_POST['username'].' : '.$passwd['metadata']['reason'].'</div>';
}
echo'<div class="box"><h3>:: Change Password ::</h3><form method="POST"><select name="username"><option value="'.$dataLogin['username'].'">'.$dataLogin['username'].' ( Self Server )</option>';
$listAccts=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listaccts?api.version=1"), true);
foreach ($listAccts["data"]["acct"] as $accts){
echo'<option value="'.$accts['user'].'">'.$accts['domain'].' [ User : '.$accts['user'].' | Owner : '.$accts['owner'].' ]</option>';
}
echo'</select><input type="checkbox" name="enabledigest" value="1"> Enable Digest Authentication for the account<br><input type="checkbox" name="db_pass_update" value="1"> Change the MYSQL account<br>Please using with high security and minimun 6 chars<input type="text" name="password" placeholder="Input Password"><input type="hidden" name="action" value="changepassword"><input type="submit" value="Change Password"></form></div>';
}

// LIST ACCOUNTS

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="listaccounts"){
$listAccts=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listaccts?api.version=1"), true);
echo'<div class="box"><h3>:: List Accounts ::</h3></div>';
foreach ($listAccts["data"]["acct"] as $list){
echo'<div class="box">Domain : <a href="http://'.$list['domain'].'" target="_blank">'.$list['domain'].'</a><br>Username : <b>'.$list['user'].'</b><br>Locked : '.$list['is_locked'].'<br>Suspended : '.$list['suspended'].'<br>Suspend Time : '.$list['suspendtime'].'<br>Reason : "'.$list['reason'].'"<br>Owner : '.$list['owner'].'<br>Time Start : '.$list['startdate'].'<br>Email : '.$list['email'].'<br>IP : '.$list['ip'].'<br>Disklimit : '.$list['disklimit'].'<br>Plan : '.$list['plan'].'</div>';
}
}

// SUSPEND RESELLER

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="suspendreseller"){
if (isset($_POST["username"]) && !empty($_POST["username"])){
$suspendAddress="https://".$dataLogin["hostname"].":2087/json-api/suspendreseller?api.version=1&user=".$_POST["username"];
if (isset($_POST["reason"]) && !empty($_POST["reason"])) $suspendAddress.="&reason=".urlencode($_POST["reason"]);
$suspendReseller=json_decode(getData($suspendAddress), true);
if (isset($suspendReseller["metadata"]["reason"])) echo'<div class="box">Suspend Reseller '.$_POST['username'].' : '.$suspendReseller['metadata']['reason'].'</div>';
}
$listRes=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listresellers?api.version=1"), true);
echo'<div class="box"><h3>:: Suspend Reseller ::</h3><form method="POST"><select name="username">';
foreach ($listRes["data"]["reseller"] as $reseller){
echo'<option value="'.$reseller.'">'.$reseller.'</option>';
}
echo'</select>The reason for the reseller suspension<input type="text" name="reason" value="Not Payment"><input type="hidden" name="action" value="suspendreseller"><input type="submit" value="Suspend Reseller"></form></div>';
}

// UNSUSPEND RESELLER

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="unsuspendreseller"){
if (isset($_POST["username"]) && !empty($_POST["username"])){
$unsuspendAddress="https://".$dataLogin["hostname"].":2087/json-api/unsuspendreseller?api.version=1&user=".$_POST["username"];
$unsuspendReseller=json_decode(getData($unsuspendAddress), true);
if (isset($unsuspendReseller["metadata"]["reason"])) echo'<div class="box">Unsuspend Reseller '.$_POST['username'].' : '.$unsuspendReseller['metadata']['reason'].'</div>';
}
$listRes=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listresellers?api.version=1"), true);
echo'<div class="box"><h3>:: Unsuspend Reseller ::</h3><form method="POST"><select name="username">';
foreach ($listRes["data"]["reseller"] as $reseller){
echo'<option value="'.$reseller.'">'.$reseller.'</option>';
}
echo'</select><input type="hidden" name="action" value="unsuspendreseller"><input type="submit" value="Unsuspend Reseller"></form></div>';
}

// TERMINATE RESELLER

if (isset($_REQUEST["action"]) && $_REQUEST["action"]=="terminatereseller"){
if (isset($_POST["username"]) && !empty($_POST["username"])){
$terminateAddress="https://".$dataLogin["hostname"].":2087/json-api/terminatereseller?api.version=1&user=".$_POST["username"];
if (isset($_POST["terminatemain"]) && !empty($_POST["terminatemain"]) && $_POST["terminatemain"]==1) $terminateAddress.="&terminatereseller=1";
else $terminateAddress.="&terminatereseller=0";
$terminateReseller=json_decode(getData($terminateAddress), true);
if (isset($terminateReseller["metadata"]["reason"])) echo'<div class="box">Terminate Reseller '.$_POST['username'].' : '.$terminateReseller['metadata']['reason'].'</div>';
}
$listRes=json_decode(getData("https://".$dataLogin["hostname"].":2087/json-api/listresellers?api.version=1"), true);
echo'<div class="box"><h3>:: Terminate Reseller ::</h3><form method="POST"><select name="username">';
foreach ($listRes["data"]["reseller"] as $reseller){
echo'<option value="'.$reseller.'">'.$reseller.'</option>';
}
echo'</select><input type="checkbox" name="terminatemain" value="1"> Terminate the reseller main account<input type="hidden" name="action" value="terminatereseller"><input type="submit" value="Terminate Reseller" style="background: #e74c3c;"></form></div>';
}

// MENU FUNCTIONS

if (!empty($hostname["data"]["hostname"])){
echo'<div class="box"><h3>:: Menu Functions ::</h3><div><a href="'.$_SERVER['PHP_SELF'].'?action=listaccounts" title="List Accounts" class="button">List Accounts</a></div><div><a href="'.$_SERVER['PHP_SELF'].'?action=changepassword" title="Change Password" class="button">Change Password</a></div><div><a href="'.$_SERVER['PHP_SELF'].'?action=create" title="Create Account" class="button">Create Account</a></div><div><a href="'.$_SERVER['PHP_SELF'].'?action=terminate" title="Terminate Account" class="button">Terminate Account</a></div><div><a href="'.$_SERVER['PHP_SELF'].'?action=suspend" title="Suspend Account" class="button">Suspend Account</a></div><div><a href="'.$_SERVER['PHP_SELF'].'?action=unsuspend" title="Unsuspend Account" class="button">Unsuspend Account</a></div><div><a href="'.$_SERVER['PHP_SELF'].'?action=listsuspend" title="List Suspend Account" class="button">List Suspend Account</a></div>';
if ($dataLogin["username"]=="root")
echo'<div><a href="'.$_SERVER['PHP_SELF'].'?action=suspendreseller" title="Suspend Reseller" class="button">Suspend Reseller</a></div><div><a href="'.$_SERVER['PHP_SELF'].'?action=unsuspendreseller" title="Unsuspend Reseller" class="button">Unsuspend Reseller</a></div><div><a href="'.$_SERVER['PHP_SELF'].'?action=terminatereseller" title="Terminate Reseller" class="button">Terminate Reseller</a></div>';
echo'<div><a href="'.$_SERVER['PHP_SELF'].'?logout" title="Logout" class="button" style="background: #e74c3c;">Logout</a></div></div>';
}

echo'</div></div></body></html>';

?>