cPanel / Webalizer Hack

[squiggerz]

So I'm trying to set up a script that grabs webalizer stats from 1 of our 3 servers running cPanel. I have found many, many scripts that will allow you to do this if you put the stats script on the same domain that you are pulling stats for, however I'm trying to pull stats about a domain on one server by a script on another server, nothing I have tried has worked thus far.. auth doesnt seem to work correctly between the two servers (guessing because of the Host: header, not really sure), anyway I've came across another script that works the same way the rest do, if you stick it on the same host, it works. This script actually looks very promising though, hopefully somebody here can help me figure out a way to get it to work cross-server style.

 

Here's the stats script, note the first 3 vars, if you set them to the actual domain/user/pass, the script works, but where I'm trying to use $_POST values from my login.php form, the script fails to pull the images and the links will not work because those vars obviously do not propagate to the links... :

<?php
$user = $_POST['user'];
$pass = $_POST['pass'];
$url  = $_POST['dom'];

//retrieves the webalizer file, either .html or .png
function getFile($file) {
global $user, $pass, $url;
return file_get_contents("http://" . $user . ":" . $pass . "@" . $url . ":2082/tmp/" . $user . "/webalizer/" . $file);
}

//alters links, either .html or .png
function changeLinks($subject, $type) {
return preg_replace("/($type=\")(?!http)(.*?)\"/is", "$1$PHP_SELF?$2\"", $subject);
}

if(!empty($_SERVER['QUERY_STRING'])) {

//get file (whether png or html) 
$page = getFile($_SERVER['QUERY_STRING']);

//if png, output appropriate header
if(strpos($_SERVER['QUERY_STRING'],'.png') !== false) {
header("Content-type: image/png");
}
//change the .png src(s)
else {
$page = changePix($page, 'src');
	}
}
else {
//get index
$page = getFile('index.html');

//change links
$page = changeLinks($page, 'href');

//change the usage.png src
$page = changePix($page, 'src');
}
//output it
echo $page;

?> 

 

Now, just for reference, here's my login.php script, keep in mind, this script will reside on a neutral server to the actual servers that the stats script will reside on, which is sort of irrelevant to the actual problem, POST is POST no matter what page it came from:

 

<html>
<head>
<title>Customer Statistics Login</title>

</head>
<body>
<form name = "cpLoginForm" method="POST" action="stats.php"  target="_self">
  <p align="center">Please log in. </p>
  <p align="center">Domain:<br>
    <input type="text" name="dom">
  </p>
    <p align="center">Username:<br>
    <input type="text" name="user">
  </p>
  <p align="center">Password: <br>
    <input type="password" name="pass">
      <br>
      <br>
   <input type="submit" value="Login">
  </p>
</form>
</body>
</html>

 

So, any ideas? I've thought about the session/cookie concept but I'm very ill-versed with that, any help would be greatly appreciated.

 

sq

[radar]

This I don't think will work very well, however I will try and come up with something based on this for you...  You may have to upload a file to every server, but at that point you would be able to have a single program run all of the info you wish to gather...

 

i'll work on it within the week.