HTTP Auth in CGI based PHP

[squiggerz]

OK, here's what I have:

I'm making up a script that displays awstats or webalizer based on a clients choosing, this goes through cPanel. I have a login.php form that has two fields, domain and password. The login.php file posts to dom.php, this is where the client chooses which stats app to use. In this dom.php file it includes headers.php which has the bulk of the script, all the variables etc. The headers.php takes the $_POST data, does a regex on the cPanel /scripts2/listaccts?viewall=1 page and drops the domains and usernames into an array with domains as keys and usernames as values.  I've read about cURL and used it to retreive pages so I understand how that works. I guess the problem I'm really having is being able to go to the stats page having already sent the user/pass instead of passing them in plaintext in the link. I can get the user/pass vars to be set, I think I'm mainly having trouble figuring out if you can take user defined variables from one script and use them in another script?? Anybody with any helpful info, I'd be in your debt.

 

From dom.php:

note the link to the stats.php file, SID... this should give you some indication of how much I really understand about sessions: 

<?
include 'header.php';
if (isset($password, $username)) {

echo 
"<table width=\"500\" border=\"0\" align=\"center\" cellpadding=\"1\" cellspacing=\"1\">
  <tr>
    <td height=\"70\" colspan=\"2\"><div align=\"center\">View stats for {$_COOKIE['domain']}<br> Click  on one of the Statistical Program images below to access your statistics. </div></td>
  </tr>
  <tr>
    <td height=\"89\"><div align=\"center\">
      <p><a href=\"stats.php?SID\"><img src=\"http://www.domain.com/stats/awstats.gif\" width=\"65\" height=\"42\" border=\"0\" /></a><br />
        AWStats
      </p>
    </div></td>
    <td><div align=\"center\"><a href=\"webstats.php?SID\"><img src=\"http://www.domain.com/stats/webaliser.gif\" width=\"65\" height=\"42\" border=\"0\" \/></a><br />
    Webalizer</div></td>
  </tr>
</table>"
; }else{ echo "<center>Sorry You have either accessed this page directly or endtered a wrong Domain/Password combination. Please check and retry. NOTE: Domain SHOULD NOT CONTAIN 'http://www.'";}
?>

 

 

 

 

From headers.php:

<?
session_start();
setcookie('domain', $_POST[domain]);
$username2 = session_register("username");
$password2 = session_register("password");
$dom2 = session_register("dom"); 
// Web Host Manager Main Reseller Username, Pass, and URL:
$g1user = "*******";
$g1pass = "*******";
$gator1url = "70.87.*.*";

$g2user = "*******";
$g2pass = "*******";
$gator2url = "70.87.*.*";

$g3user = "*******";
$g3pass = "*******";
$gator3url = "74.52.*.*";

// Domain and Password info as passed from form on login.php
$dom = $_POST[domain];
$pwd = $_POST[pass];


// Gets the contents of the list all accounts page and puts them in variable $page
$g1 = @file_get_contents("http://$g1user:$g1pass@$gator1url:2086/scripts2/listaccts?viewall=1"); 
$g2 = @file_get_contents("http://$g2user:$g2pass@$gator2url:2086/scripts2/listaccts?viewall=1"); 
$g3 = @file_get_contents("http://$g3user:$g3pass@$gator3url:2086/scripts2/listaccts?viewall=1"); 

// Regular Expression (PCRE) for finding the domain name, explaining this would be labor intensive.
// In a nutshell, it takes the code from $domain, looks for 
//  <tr class="(tdshade1 or tdshade2)"><td><a href="http://domain.com" target="_blank"> <-- domain.com being what we are wanting.
$gator1dn = preg_match_all("/(<tr class=.tdshade)+(1|2)*(.>)+(.........<td>)+(<a href=\"http:\/\/)+([a-zA-Z0-9\-\.]{1,50}.[a-zA-z]{1,4})+(\" )+(target=..blank.>)+/ism", $g1, $gator1d);
$gator2dn = preg_match_all("/(<tr class=.tdshade)+(1|2)*(.>)+(.........<td>)+(<a href=\"http:\/\/)+([a-zA-Z0-9\-\.]{1,50}.[a-zA-z]{1,4})+(\" )+(target=..blank.>)+/ism", $g2, $gator2d);
$gator3dn = preg_match_all("/(<tr class=.tdshade)+(1|2)*(.>)+(.........<td>)+(<a href=\"http:\/\/)+([a-zA-Z0-9\-\.]{1,50}.[a-zA-z]{1,4})+(\" )+(target=..blank.>)+/ism", $g3, $gator3d);

$gator1un = preg_match_all("/(<\/a><\/td>.........<td>)+([a-zA-Z0-9\-\.]{1,15})+(<\/td>)+/ism", $g1, $gator1u);
$gator2un = preg_match_all("/(<\/a><\/td>.........<td>)+([a-zA-Z0-9\-\.]{1,15})+(<\/td>)+/ism", $g2, $gator2u);
$gator3un = preg_match_all("/(<\/a><\/td>.........<td>)+([a-zA-Z0-9\-\.]{1,15})+(<\/td>)+/ism", $g3, $gator3u);


//Combines arrays of domain list and username list
$gator1data = array_combine($gator1u[2], $gator1d[6]);
$gator2data = array_combine($gator2u[2], $gator2d[6]);
$gator3data = array_combine($gator3u[2], $gator3d[6]);
$gatorarray = array_merge($gator1data, $gator2data, $gator3data);

if (isset($gatorarray)) {
asort($gatorarray);
}
//Searches the $_POST domain value against the domain list values in the array, and returns the username associated
if ($arraysearch = array_search($dom, $gatorarray)) {
$arraykeys = @array_keys($gatorarray[$dom]);

}
$username = $arraysearch;
$password = $pwd;
$_SESSION["username"] = $username;
$_SESSION["password"] = $password;
?>

 

 

 

and last but not least, from stats.php:

<?
session_start();
include 'header.php';
$username = $_SESSION["username"];
$password = $_SESSION["password"];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://$dom:2082/awstats.pl?config=$dom&ShowOriginStats=1000');
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_USERPWD, '$username:$password');

curl_exec($ch);
curl_close($ch);
echo $username."<br>".$password;
?> 

 

I can get this to work without curl by just making a link to http://$username:$password@$dom:2082/stats... but this displays the user/pass clearly to the client, and the obvious reasoning for this would be that we do not want them to have their either their username or password, the username was easier to hide, and we could use the reseller password as sort of master password for internal use. Another reason is that when we do the user:pass@domain syntax, it asks twice if you would like to log in to this site as username.