Then that's exactly what I said in my deleted post. It will connect to port :2082 using sockets, check if the username and password is invalid or not, and return the value. And it doesn't need your WHM Accesshash, because it's not going to use cPanel accounting module.no because it doesnt use WHM access it just logins it has no access to cpanel nor WHM when the login they go to the members area not WHM or cpanel
Oh sorry, I misunderstood.all it does is when you login with the username and password (Not the same as there cpanel login details.) it will go the the member's area.
<?php session_start();
// FUNCTION TO AUTHORIZE A USER WITH CPANEL LOGIN DETAILS
function auth()
{
if (empty($_POST['user']) || empty($_POST['pass']))
{
header("location: login.php");
exit;
}
if ( strlen($_POST['user']) > 8 )
{
header("location: login.php");
exit;
}
$url = "http://".$_POST['user'].":".$_POST['pass']."@localhost:2082/";
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_URL, $url );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
if (!preg_match("/cPanel Login/i", $result))
{ // if
$_SESSION['user'] = $_POST['user'];
$_SESSION['authed'] = true;
return true;
}
else // else
{
return false;
}
} // end if
// END FUNCTION TO AUTHORIZE A USER WITH CPANEL LOGIN DETAILS
if (!$_POST)
{ // THIS CAN BE REPLACED WITH YOUR OWN HTML
// ENSURE YOU GIVE THE FORM OBJECTS THE SAME NAMES
echo "<form action=\"\" method=\"post\">\n";
echo "Username : <input type=\"text\" name=\"user\"><br>\n";
echo "Password : <input type=\"password\" name=\"pass\"><br>\n";
echo "<input type=\"submit\" value=\"login\"><br>\n";
echo "</form>";
exit;
}
elseif (auth()) {
header("location: members.php");
exit;
}
else
{
header("location members.php");
exit;
} // end if
?>
<?php session_start();
// Make sure the user has permissions to view the page
if (!$_SESSION['authed']) { header("location: login.php"); exit; }
// Logout
if ($_GET['action'] == "logout")
{
session_destroy();
header("location: login.php");
}
?>
<!-- PROTECTED PAGE -->
<a href="?action=logout">Logout</a>