TinkerMan

On 11/8/2021 at 9:28 PM, Shen Wei said:

Ok

Thanks!

Can you push out the fix to the following bugs?

• The CSR Generator does not work
• If invalid CSR code in entered in the get SSL field, private info is displayed instead of an error

Thanks!

Something with the exit statement. @Shen Whi fixed it. 

Thanks so much for fixing it! It is really appreciated.

Sure!

Ill send you a PM with the URL and login info

That does not change anything unfortunately. 

PHP errors are "ON" in the control panel, and my .htaccess file (In the /htdocs folder, there are no other .htaccess files on the site) is below.

php_flag display_errors on

php_value display_errors On
php_value mbstring.http_input auto
php_value date.timezone America/Chicago

How would I turn on errors? Enabling errors in the control panel does nothing…

Change its nameservers

I dident, but that does not seem to be it, as after adding it the error is still shown.

src/function/NewAccount.php (Other files remain the same as above post)

<?php
require __DIR__.'/Connect.php';
require __DIR__.'/../handler/CookieHandler.php';
require_once __DIR__.'/../handler/AreaHandler.php';
require_once __DIR__.'/../modules/autoload.php';
use \InfinityFree\MofhClient\Client;
if(isset($_POST['submit'])){
	$FormData = array(
		'username' => substr(str_shuffle('qwertyuioplkjhgfdsazxcvbnm012345789QWERTYUIOPLKJHGFDSAZXCVBNM'),0,8),
		'password' => substr(str_shuffle('?!qwertyuioplkjhgfdsazxcvbnm012345789QWERTYUIOPLKJHGFDSAZXCVBNM?!@#$%^&*/'),0,6),
		'domain' => $_POST['domain'],
		'email' => $ClientInfo['hosting_client_email'],
		'plan' => $_POST['package'],
		'label' => $_POST['label']
	);
	if(empty($FormData['domain'])){
		$_SESSION['message'] = '<div class="alert alert-danger" role="alert">
									  <button class="close" data-dismiss="alert" type="button" aria-label="Close">
									    <span aria-hidden="true">&times;</span>
									  </button>
									  Domain cannot be <b>empty!</b>
									</div>';
		header('location: ../newaccount.php');
	}
	else{
		$sql = mysqli_query($connect,"SELECT * FROM `hosting_account` WHERE `account_for`='".$ClientInfo['hosting_client_key']."'");
		if(mysqli_num_rows($sql)<3){
			$client = Client::create();
			$request = $client->createAccount([
			'username' => $FormData['username'],
			'password' => $FormData['password'],
			'domain' => $FormData['domain'],
			'email' => $FormData['email'],
			'plan' => $FormData['plan']
			]);
			$response = $request->send();
			$Data = $response->getData();
			$Result = array(
				'username' => $Data['result']['options']['vpusername'],
				'message' => $Data['result']['statusmsg'],
				'status' => $Data['result']['status'],
				'domain' => str_replace('cpanel', strtolower($FormData['username']), API_CPANEL_URL),
				'date' => date('m-j-Y'),
				'time' => date('G-i-s'),
				'timeanddate' => date('m-j-Y-G-i-s'),
				'label' => $FormData['label']
			);
			if($Result['status']==0 && strlen($Result['message'])>1){
				$_SESSION['message'] = '<div class="alert alert-danger" role="alert">
										  <button class="close" data-dismiss="alert" type="button" aria-label="Close">
										    <span aria-hidden="true">&times;</span>
										  </button>
										  '.$Result['message'].'
										</div>';
				header('location: ../newaccount.php');
				exit;
			}
			elseif($Result['status']==1 && strlen($Result['message'])>1){
				$sql = mysqli_query($connect,"INSERT INTO `hosting_account`(`account_username`, `account_password`, `account_domain`, `account_key`, `account_status`, `account_date`, `account_time`, `account_timeanddate`, `account_for`, `account_label`) VALUES ('".$Result['username']."','".$FormData['password']."','".$FormData['domain']."','".$Result['username']."','1','".$Result['date']."','".$Result['time']."','".$Result['timeanddate']."','".$ClientInfo['hosting_client_key']."','".$Result['label']."')");

...

The fist error message is the one triggered:

				else{
					$_SESSION['message'] = '<div class="alert alert-danger" role="alert">
											  <button class="close" data-dismiss="alert" type="button" aria-label="Close">
											    <span aria-hidden="true">&times;</span>
											  </button>
											  Something went <b>wrong!</b>
											</div>';
					header('location: ../newaccount.php');
					exit;
				}

I'm trying to customize a bit, but it is not working. What am I doing wrong?

ORIGINAL CODE:

DATABASE:

CREATE TABLE `hosting_account` (

`account_id` INT(11) PRIMARY KEY AUTO_INCREMENT NOT NULL,

`account_username` VARCHAR(22) NOT NULL,

`account_password` VARCHAR(16) NOT NULL,

`account_domain` VARCHAR(70) NOT NULL,

`account_key` VARCHAR(8) NOT NULL,

`account_status` INT(1) NOT NULL,

`account_date` VARCHAR(20) NOT NULL,

`account_for` INT(6) NOT NULL)

src/function/NewAccount.php

...
	else{
		$sql = mysqli_query($connect,"SELECT * FROM `hosting_account` WHERE `account_for`='".$ClientInfo['hosting_client_key']."'");
		if(mysqli_num_rows($sql)<3){
			$client = Client::create();
			$request = $client->createAccount([
			'username' => $FormData['username'],
			'password' => $FormData['password'],
			'domain' => $FormData['domain'],
			'email' => $FormData['email'],
			'plan' => $FormData['plan']
			]);
			$response = $request->send();
			$Data = $response->getData();
			$Result = array(
				'username' => $Data['result']['options']['vpusername'],
				'message' => $Data['result']['statusmsg'],
				'status' => $Data['result']['status'],
				'domain' => str_replace('cpanel', strtolower($FormData['username']), API_CPANEL_URL),
				'date' => date('d-m-Y')
			);
			if($Result['status']==0 && strlen($Result['message'])>1){
				$_SESSION['message'] = '<div class="alert alert-danger" role="alert">
										  <button class="close" data-dismiss="alert" type="button" aria-label="Close">
										    <span aria-hidden="true">&times;</span>
										  </button>
										  '.$Result['message'].'
										</div>';
				header('location: ../newaccount.php');
				exit;
			}
			elseif($Result['status']==1 && strlen($Result['message'])>1){
				$sql = mysqli_query($connect,"INSERT INTO `hosting_account`(`account_username`, `account_password`, `account_key`, `account_domain`, `account_status`, `account_date`, `account_for`) VALUES ('".$Result['username']."','".$FormData['password']."','".$FormData['username']."','".$Result['domain']."','1','".$Result['date']."','".$ClientInfo['hosting_client_key']."')");
                
...

NEW CODE:

DATEBASE: (Adds some info described below)

CREATE TABLE `hosting_account` (
  `account_id` int(11) NOT NULL,
  `account_username` varchar(22) NOT NULL,
  `account_password` varchar(16) NOT NULL,
  `account_domain` varchar(70) NOT NULL,
  `account_key` varchar(8) NOT NULL,
  `account_status` int(1) NOT NULL,
  `account_date` varchar(20) NOT NULL,
  `account_time` varchar(20) NOT NULL,
  `account_dateandtime` varchar(100) NOT NULL,
  `account_for` int(6) NOT NULL,
  `account_label` varchar(255) NOT NULL
)

src/template/NewAccount.php (Added around line 77, basically another text field to fill out when creating an account)

					<div class="col-md-6">
						<div class="mb-10 px-10">
							<label class="form-label required">Account Name</label>
							<input type="text" name="label" placeholder="Name this account!" class="form-control" required="true">
						</div>
					</div>

src/function/NewAccount.php (Now collects timestamp as well, and what was entered into the new text field).

...

	else{
		$sql = mysqli_query($connect,"SELECT * FROM `hosting_account` WHERE `account_for`='".$ClientInfo['hosting_client_key']."'");
		if(mysqli_num_rows($sql)<3){
			$client = Client::create();
			$request = $client->createAccount([
			'username' => $FormData['username'],
			'password' => $FormData['password'],
			'domain' => $FormData['domain'],
			'email' => $FormData['email'],
			'plan' => $FormData['plan']
			]);
			$response = $request->send();
			$Data = $response->getData();
			$Result = array(
				'username' => $Data['result']['options']['vpusername'],
				'message' => $Data['result']['statusmsg'],
				'status' => $Data['result']['status'],
				'domain' => str_replace('cpanel', strtolower($FormData['username']), API_CPANEL_URL),
				'date' => date('m-j-Y'),
				'time' => date('G-i-s'),
				'timeanddate' => date('m-j-Y-G-i-s'),
				'label' => $FormData['label']
			);
			if($Result['status']==0 && strlen($Result['message'])>1){
				$_SESSION['message'] = '<div class="alert alert-danger" role="alert">
										  <button class="close" data-dismiss="alert" type="button" aria-label="Close">
										    <span aria-hidden="true">&times;</span>
										  </button>
										  '.$Result['message'].'
										</div>';
				header('location: ../newaccount.php');
				exit;
			}
			elseif($Result['status']==1 && strlen($Result['message'])>1){
				$sql = mysqli_query($connect,"INSERT INTO `hosting_account`(`account_username`, `account_password`, `account_domain`, `account_key`, `account_status`, `account_date`, `account_time`, `account_timeanddate`, `account_for`, `account_label`) VALUES ('".$Result['username']."','".$FormData['password']."','".$FormData['domain']."','".$Result['username']."','1','".$Result['date']."','".$Result['time']."','".$Result['timeanddate']."','".$ClientInfo['hosting_client_key']."','".$FormData['label']."')");

...

Thanks

Make sure you have the country set in the profile. 
 

I do believe it still returns and error though, although its a different one

ALERT!

If incorrect CSR code in entered into the new SSL page, info that should remain secret is displayed. Try entering "fff" into the box and click "enter" to test it out yourself. 

2 hours ago, Pro Hostinga said:

I don't think it will work on free hosting.

I was just about to say that it is still not working.

@Shen Wei, are you trying this on free hosting?

How do we setup the callback URL? (Where should it point to)

What is this used for?

Also, when can we the suspension bug fix to be released?

Try re-installing MOFHY, everything works for me. Also, can you give the exact error message?

Thanks

2 hours ago, Shen Wei said:

I already implemented it and will be uploaded soon. 

Cant wait! Did you also fix the suspension system bug?

20 hours ago, Santiago said:

Now 5

Its not allowed.

ME: So I am not allowed to build a client area that allows people to create 5 accounts each?

Support Operator:
Hi there,

Correct, It is not allowed to register more than 3 free hosting accounts

Thank you and stay safe !

Please let us know if there is anything we can do.

Best Regards

54 minutes ago, Santiago said:

But I have created a 4 accounts in my clientarea

Its probably not allowed, but the auto-system cant detect it. I'm sure something will happen at some point.

and ftp.yourdomain.com for FTP (Unless you are using a different FTP server).

Actually there is a limit. I contact support on the topic and their reply is below.

----

Hi there,

The limit is 3 accounts per person which we feel is a fair amount since you can add many domains / sub domains to each account.

Best Regards

1 minute ago, Santiago said:

MyOwnFreeHost not limit the accounts per email

Ah, I though they did

2 hours ago, Santiago said:

one of the peculiarities is that instead of 3 free accounts we allow 50

Can you do that? I don't think so...

Is the error log file supposed to be there?

What is that?