Page 1 of 1

problem with a script it works but is to unsecure *newbe*

Posted: Tue Dec 16, 2003 7:07 pm
by tlc
Firstly thanks for reading,

I have a script that i have written it does what its ment to but i want to make it secure the script is as follows,

<?php
$user = 'USERNAME FOR CPANEL ACCESS';
$pass = 'PASSWORD, FOR CPANEL ACCESS';
?>
<meta http-equiv="refresh" content="0; URL=http://<?=$user?>:<?=$pass?>@www.DOMAIN.COM:2082/frontend/x/subdomain/doadddomain.html?domain=<?=$sub?>&rootdomain=DOMAIN.com">;



I will explain the script it takes the following information from a basic html form $sub

This then creates the subdomain on Cpanel which is great and works a treat bar the following,

This is my first script, it works which is always a bonus.

But, it has flaws which are as follows:

1. it displays the cpanel password & username.
2. i dont know how to get it to check if the subdomain is already created etc
3. once subdomain is created it doesnt log the user out of cpanel

4. i dont like storing the user name and password in a web accessable php file i may move it so its non web accessable


Could someone help me to correct the following problems i would give someone a drink out of it but i think it could be done with sessions and hashs but beyond me :-(


I can be reached here or by email @ nathan@foley1982.fsworld.co.uk


Many thanks in advance

Posted: Wed Dec 17, 2003 3:24 am
by aquila125
Did you fix this? If not.. explain a bit clearer.. I don't get it :)

Posted: Wed Dec 17, 2003 3:29 am
by qads
well tlc, i dont think anyone would email you will a fix, all we can suggest is how to fix it.

there are more tutorials on this subject alone then any other..i think :P

try google for: [google]user authorization with php tutorial[/google].