Skip to content

Instantly share code, notes, and snippets.

@AlexR1712
Forked from kmark/LogMeIn.php
Created May 20, 2017 17:57
Show Gist options
  • Save AlexR1712/d84a1fbdccc54a55ffede658f4adfc2d to your computer and use it in GitHub Desktop.
Save AlexR1712/d84a1fbdccc54a55ffede658f4adfc2d to your computer and use it in GitHub Desktop.
PHP implementation of cPanel's Perl LogMeIn class.
<?php
namespace cPanel;
/**************************************************************************************
* Copyright (c) 2013, cPanel, Inc. *
* All rights reserved. *
* *
* Redistribution and use in source and binary forms, with or without modification, *
* are permitted provided that the following conditions are met: *
* *
* Redistributions of source code must retain the above copyright notice, this list *
* of conditions and the following disclaimer. Redistributions in binary form must *
* reproduce the above copyright notice, this list of conditions and the following *
* disclaimer in the documentation and/or other materials provided with the *
* distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS *
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE *
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE *
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR *
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES *
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS *
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY *
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING *
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN *
* IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
* *
* PHP implementation of cPanel's LogMeIn.pm by Kevin Mark *
**************************************************************************************/
class LogMeIn {
// The available services with their HTTPS ports
private static $servicePorts = array('cpanel' => 2083, 'whm' => 2087, 'webmail' => 2096);
public static function getLoggedInUrl($user, $pass, $hostname, $service, $goto = '/') {
// If no valid service has been given, default to cPanel
$port = isset(self::$servicePorts[$service]) ? self::$servicePorts[$service] : 2083;
$ch = curl_init();
$fields = array('user' => $user, 'pass' => $pass, 'goto_uri' => $goto);
// Sets the POST URL to something like: https://example.com:2083/login/
curl_setopt($ch, CURLOPT_URL, 'https://' . $hostname . ':' . $port . '/login/');
curl_setopt($ch, CURLOPT_POST, true);
// Turn our array of fields into a url encoded query string i.e.: ?user=foo&pass=bar
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
// RFC 2616 14.10 compliance
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection' => 'close'));
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Execute POST query returning both the response headers and content into $page
$page = curl_exec($ch);
curl_close($ch);
$session = $token = array();
// Find the session cookie in the page headers
if(!preg_match('/session=([^\;]+)/', $page, $session)) {
// This will also fail if the login authentication failed. No need to explicitly check for it.
return false;
}
// Find the cPanel session token in the page content
if(!preg_match('|<META HTTP-EQUIV="refresh"[^>]+URL=/(cpsess\d+)/|i', $page, $token)) {
return false;
}
// Append the goto_uri to the query string if it's been manually set
$extra = $goto == '/' ? '' : '&goto_uri=' . urlencode($goto);
return 'https://' . $hostname . ':' . $port . '/' . $token[1] . '/login/?session=' . $session[1] . $extra;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment