#!/bin/bash clear echo "#################################################################" echo "# By TheFantas® - Mod Reseller CWP #" echo "#################################################################" echo "" API_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1) PASS_MYSQL=$(grep db_pass /usr/local/cwpsrv/htdocs/resources/admin/include/db_conn.php | xargs | sed 's/$db_pass = //g;s/;//g') echo "API_KEY = $API_KEY" touch /usr/local/cwp/.conf/api_allowed.conf touch /usr/local/cwpsrv/htdocs/resources/client/include/3rdparty.php touch /usr/local/cwp/.conf/api_key.conf if ! [ $(grep 127.0.0.1 /usr/local/cwp/.conf/api_allowed.conf | wc -l) -ge 1 ];then echo "127.0.0.1" >> /usr/local/cwp/.conf/api_allowed.conf fi if ! [ $(grep $API_KEY /usr/local/cwp/.conf/api_key.conf | wc -l) -ge 1 ];then echo "$API_KEY" >> /usr/local/cwp/.conf/api_key.conf fi # Create 3rdparty cat >> /usr/local/cwpsrv/htdocs/resources/client/include/3rdparty.php <Reseller EOF touch /usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php # Create 3rdparty admin cat >> /usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php <Reseller EOF # MySQL Database import mysql -u root -p$PASS_MYSQL << EOF use root_cwp; ALTER TABLE user ADD COLUMN owner_id int(11) NOT NULL AFTER backup; ALTER TABLE user ADD COLUMN is_reseller int(1) NOT NULL AFTER backup; EOF touch /usr/local/cwpsrv/htdocs/resources/client/modules/reseller.php # Create reseller.php cat >> /usr/local/cwpsrv/htdocs/resources/client/modules/reseller.php <owner = @\$_SESSION['username']; \$result = \$mysqli->query("SELECT id FROM user WHERE username='".\$this->owner."' LIMIT 1"); if (\$result->num_rows > 0) { \$row = \$result->fetch_assoc(); \$this->id_username = \$row['id']; } echo '
Reseller Account

'; \$arrContextOptions=array( "ssl"=>array( "verify_peer"=>false, "verify_peer_name"=>false, ), ); switch (@\$_POST['api_cmd']) { case "account_new": if ((strlen(@\$_POST['domain']) > 1) && (strlen(@\$_POST['username']) == 8) && (strlen(@\$_POST['password']) > 5) && (@\$_POST['package'] > 0) && (strlen(@\$_POST['email']) > 5)) { \$response_cmd_api = file_get_contents(str_replace(array('DOMAIN_R', 'USERNAME_R', 'PASSWORD_R', 'PACKAGE_NUMBER', 'CLIENT_EMAIL'), array(@\$_POST['domain'], @\$_POST['username'], @\$_POST['password'], @\$_POST['package'], @\$_POST['email']), \$this->account_new), false, stream_context_create(\$arrContextOptions)); \$this->alert = "alert-success"; \$this->message = "Aviso! Account successfully created.

Response: ".\$response_cmd_api; \$this->toHtml(); if (strpos(\$response_cmd_api, 'OK') !== FALSE) \$result = \$mysqli->query("UPDATE user SET owner_id='".\$this->id_username."' WHERE username='".@\$_POST['username']."' LIMIT 1"); } else { \$this->alert = "alert-danger"; \$this->message = "Error! Enter all fields correctly."; \$this->toHtml(); } break; case "account_remove": if ((strlen(@\$_POST['domain']) > 1) && (strlen(@\$_POST['username']) == 8)) { \$response_cmd_api = file_get_contents(str_replace(array('DOMAIN_R', 'USERNAME_R'), array(@\$_POST['domain'], @\$_POST['username']), \$this->account_remove), false, stream_context_create(\$arrContextOptions)); \$this->alert = "alert-success"; \$this->message = "Aviso! Account successfully deleted.

Response: ".\$response_cmd_api; \$this->toHtml(); } else { \$this->alert = "alert-danger"; \$this->message = "Error! Account could not be deleted."; \$this->toHtml(); } break; case "account_suspend": if ((strlen(@\$_POST['domain']) > 1) && (strlen(@\$_POST['username']) == 8)) { \$response_cmd_api = file_get_contents(str_replace(array('DOMAIN_R', 'USERNAME_R'), array(@\$_POST['domain'], @\$_POST['username']), \$this->account_suspend), false, stream_context_create(\$arrContextOptions)); \$this->alert = "alert-success"; \$this->message = "Aviso! Account successfully suspended.

Response: ".\$response_cmd_api; \$this->toHtml(); } else { \$this->alert = "alert-danger"; \$this->message = "Error! The account could not be suspended.".str_replace(array('DOMAIN_R', 'USERNAME_R'), array(@\$_POST['domain'], @\$_POST['username']), \$this->account_suspend); \$this->toHtml(); } break; case "account_unsuspend": if ((strlen(@\$_POST['domain']) > 1) && (strlen(@\$_POST['username']) == 8)) { \$response_cmd_api = file_get_contents(str_replace(array('DOMAIN_R', 'USERNAME_R'), array(@\$_POST['domain'], @\$_POST['username']), \$this->account_unsuspend), false, stream_context_create(\$arrContextOptions)); \$this->alert = "alert-success"; \$this->message = "Aviso! Successfully suspended account.

Response: ".\$response_cmd_api; \$this->toHtml(); } else { \$this->alert = "alert-danger"; \$this->message = "Error! The account could not be suspended."; \$this->toHtml(); } break; case "unblock_ip": if (strlen(@\$_POST['user_ip']) > 6) { \$response_cmd_api = file_get_contents(str_replace(array('IP_UNBLOCK'), array(@\$_POST['user_ip']), \$this->unblock_ip), false, stream_context_create(\$arrContextOptions)); \$this->alert = "alert-success"; \$this->message = "Aviso! Ip successfully unlocked.

Response: ".\$response_cmd_api; \$this->toHtml(); } else { \$this->alert = "alert-danger"; \$this->message = "Error! The ip could not be unlocked."; \$this->toHtml(); } break; } } public function initalize() { \$this->check_is_reseller(); } public function check_is_reseller() { global \$db_host, \$db_name, \$db_user, \$db_pass, \$crypt_pwd; @\$mysqli = new mysqli(\$db_host, \$db_user, \$db_pass, \$db_name); /* check connection */ if (\$mysqli->connect_error) { die("Error: The server can't connect to the database: Probably there isn't one."); exit(); } /* change character set to utf8 */ if (!\$mysqli->set_charset("utf8")) { printf("Error loading character set utf8: %s\n", \$mysqli->error); exit; } \$result = \$mysqli->query("SELECT is_reseller FROM user WHERE username='".\$this->owner."' LIMIT 1"); if (\$result->num_rows > 0) { \$row = \$result->fetch_assoc(); \$is_reseller = \$row['is_reseller']; if (\$is_reseller == 1) { \$package = ''; \$result = \$mysqli->query("SELECT id, package_name FROM packages"); if (\$result->num_rows > 0) { \$package = ''; while(\$row = \$result->fetch_assoc()) { \$package .= ''; } } echo '

Create a New Account

Domain: (without www.)
Username: (8 characters)
Password:
Package:
Email: (*Required)



'; \$this->alert = "alert-info"; \$this->message = "Welcome! Your account is Reseller."; \$this->toHtml(); \$result = \$mysqli->query("SELECT * FROM user WHERE owner_id='".\$this->id_username."' AND is_reseller=0"); if (\$result->num_rows > 0) { echo ''; while(\$row = \$result->fetch_assoc()) { \$id = \$row['id']; \$username = \$row['username']; \$domain = \$row['domain']; \$ip_address = \$row['ip_address']; \$email = \$row['email']; \$setup_date = \$row['setup_date']; \$package = \$row['package']; \$owner_id = \$row['owner_id']; echo ''; } echo ''; } else { echo 'No reconciliation accounts.'; } } else { \$this->alert = "alert-danger"; \$this->message = "Error! Your account is not Reseller."; \$this->toHtml(); } } } public function toHtml() { echo '
× '.\$this->message.'
'; } } \$reseller = new reseller(); \$reseller->initalize(); ?>
EOF
# The EOF above ends the client-side module heredoc; the generated PHP
# instantiates the class and runs it on every page load.
touch /usr/local/cwpsrv/htdocs/resources/admin/modules/reseller.php
# Create reseller.php admin
# Writes the admin-side module that sets or clears is_reseller for an account.
# The heredoc opener and the start of the PHP class were lost in this copy.
# NOTE(review), from the PHP that is visible in this heredoc:
#  - Both UPDATE statements concatenate \$_POST['username'] into the SQL text;
#    use a prepared statement with a bound parameter.
#  - Rows from "SELECT * FROM user" are copied into variables for an HTML
#    table whose markup is missing here; confirm each value is passed through
#    htmlspecialchars() before it is echoed.
#  - ">>" appends, so a second run of the installer writes the class twice.
cat >> /usr/local/cwpsrv/htdocs/resources/admin/modules/reseller.php <Reseller Account
'; switch (@\$_POST['api_cmd']) { case "account_reseller": if ((strlen(@\$_POST['domain']) > 1) && (strlen(@\$_POST['username']) > 1)) { \$mysqli->query("UPDATE user SET is_reseller='1' WHERE username='".@\$_POST['username']."' LIMIT 1"); \$this->alert = "alert-success"; \$this->message = "Aviso! Reseller Conversion Account."; \$this->toHtml(); } else { \$this->alert = "alert-danger"; \$this->message = "Error! The reseller account could not be changed.".str_replace(array('DOMAIN_R', 'USERNAME_R'), array(@\$_POST['domain'], @\$_POST['username']), \$this->account_reseller); \$this->toHtml(); } break; case "account_non_reseller": if ((strlen(@\$_POST['domain']) > 1) && (strlen(@\$_POST['username']) > 1)) { \$mysqli->query("UPDATE user SET is_reseller='0' WHERE username='".@\$_POST['username']."' LIMIT 1"); \$this->alert = "alert-success"; \$this->message = "Aviso! Non-Reseller Conversion Account."; \$this->toHtml(); } else { \$this->alert = "alert-danger"; \$this->message = "Error! The Non-Reseller account could not be changed."; \$this->toHtml(); } break; } } public function initalize() { \$this->check_is_reseller(); } public function check_is_reseller() { global \$db_host, \$db_name, \$db_user, \$db_pass, \$crypt_pwd; @\$mysqli = new mysqli(\$db_host, \$db_user, \$db_pass, \$db_name); /* check connection */ if (\$mysqli->connect_error) { die("Error: The server can't connect to the database: Probably there isn't one."); exit(); } /* change character set to utf8 */ if (!\$mysqli->set_charset("utf8")) { printf("Error loading character set utf8: %s\n", \$mysqli->error); exit; } \$this->alert = "alert-info"; \$this->message = "Welcome! 
Account List."; \$this->toHtml(); \$result = \$mysqli->query("SELECT * FROM user"); if (\$result->num_rows > 0) { echo ''; while(\$row = \$result->fetch_assoc()) { \$id = \$row['id']; \$username = \$row['username']; \$domain = \$row['domain']; \$ip_address = \$row['ip_address']; \$email = \$row['email']; \$setup_date = \$row['setup_date']; \$is_reseller = (\$row['is_reseller'])?'True':'False'; \$owner_id = \$row['owner_id']; echo ''; } echo ''; } else { echo 'No reconciliation accounts.'; } } public function toHtml() { echo '
× '.\$this->message.'
'; } } \$reseller = new reseller(); \$reseller->initalize(); ?>
EOF
# The EOF above ends the admin-side module heredoc.
# NOTE(review): the banner below is printed unconditionally; nothing in the
# script checks whether the mysql import or the file writes succeeded.
echo ""
echo "#################################################################"
echo "# finished process #"
echo "#################################################################"