├── .gitignore
├── logout.php
├── README.md
├── index.php
├── edit_email.php
├── email_accounts.php
├── login.php
└── DirectAdminAPI.php


/.gitignore:
--------------------------------------------------------------------------------
1 | .vscode
2 | .htaccess
3 | .htpasswd
4 | .git
5 | 


--------------------------------------------------------------------------------
/logout.php:
--------------------------------------------------------------------------------
1 | <?php
2 | session_start();
3 | session_unset();
4 | session_destroy();
5 | header("Location: login.php");
6 | exit();
7 | ?>
8 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # controlpanel
2 | 
3 | This is the current stage of the in-house control panel for MXroute, using the DirectAdmin API. The login system is not what I would like it to be long term, but it is a decent stand-in for a first iteration, for staging only.
4 | 


--------------------------------------------------------------------------------
/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | session_start();
 3 | 
 4 | if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {
 5 |     header("Location: login.php");
 6 |     exit();
 7 | }
 8 | 
 9 | require_once 'DirectAdminAPI.php';
10 | 
11 | $domains = $directAdmin->getDomainList();
12 | 
13 | ?>
14 | 
15 | <!DOCTYPE html>
16 | <html>
17 | <head>
18 |     <title>Control Panel</title>
19 | </head>
20 | <body>
21 |     <h1>Domain List</h1>
22 |     <ul>
23 |     <?php foreach ($domains as $domain): ?>
24 |     <li><a href="email_accounts.php?domain=<?php echo htmlspecialchars($domain); ?>"><?php echo htmlspecialchars($domain); ?></a></li>
25 |     <?php endforeach; ?>
26 |         <p><a href="logout.php">Logout</a></p>
27 |     </ul>
28 | </body>
29 | </html>
30 | 


--------------------------------------------------------------------------------
/edit_email.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | session_start();
 3 | 
 4 | if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {
 5 |     header("Location: login.php");
 6 |     exit();
 7 | }
 8 | 
 9 | require_once 'DirectAdminAPI.php';
10 | 
11 | $domain = $_GET['domain'];
12 | $domain = strip_tags(htmlspecialchars($domain));
13 | $emailaccounts = $directAdmin->getEmailAccounts($domain);
14 | 
15 | ?>
16 | 
17 | <!DOCTYPE html>
18 | <html>
19 | <head>
20 |     <title>Control Panel</title>
21 | </head>
22 | <body>
23 |     <h1>Email List</h1>
24 |     <ul>
25 |     <?php foreach ($emailaccounts as $emailaccount): ?>
26 |     <li><a href="edit_email.php?<?php echo "domain=" . $domain . "&acct=" . $emailaccount; ?>"><?php echo htmlspecialchars($emailaccount); ?></a></li>
27 |     <?php endforeach; ?>
28 |         <p><a href="index.php">Back to index</a></p>
29 |         <p><a href="logout.php">Logout</a></p>
30 |     </ul>
31 | </body>
32 | </html>
33 | 


--------------------------------------------------------------------------------
/email_accounts.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | session_start();
 3 | 
 4 | if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {
 5 |     header("Location: login.php");
 6 |     exit();
 7 | }
 8 | 
 9 | require_once 'DirectAdminAPI.php';
10 | 
11 | $domain = $_GET['domain'];
12 | $domain = strip_tags(htmlspecialchars($domain));
13 | $emailaccounts = $directAdmin->getEmailAccounts($domain);
14 | 
15 | ?>
16 | 
17 | <!DOCTYPE html>
18 | <html>
19 | <head>
20 |     <title>Control Panel</title>
21 | </head>
22 | <body>
23 |     <h1>Email List</h1>
24 |     <ul>
25 |     <?php foreach ($emailaccounts as $emailaccount): ?>
26 |     <li><a href="edit_email.php?<?php echo "domain=" . $domain . "&acct=" . $emailaccount; ?>"><?php echo htmlspecialchars($emailaccount); ?></a></li>
27 |     <?php endforeach; ?>
28 |         <p><a href="index.php">Back to index</a></p>
29 |         <p><a href="logout.php">Logout</a></p>
30 |     </ul>
31 | </body>
32 | </html>
33 | 


--------------------------------------------------------------------------------
/login.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | session_start();
 3 | 
 4 | if (isset($_SESSION['username']) && isset($_SESSION['password'])) {
 5 |     header("Location: index.php");
 6 |     exit();
 7 | }
 8 | 
 9 | if ($_SERVER['REQUEST_METHOD'] === 'POST') {
10 |     require_once 'DirectAdminAPI.php';
11 |     $username = strip_tags(htmlspecialchars($_POST['username']));
12 |     $password = strip_tags(htmlspecialchars($_POST['password']));
13 | 
14 |     $directAdmin = new DirectAdminAPI($username, $password, 'arrow.mxrouting.net', 2222);
15 | 
16 |     if ($directAdmin->authenticate()) {
17 |         $_SESSION['username'] = $username;
18 |         $_SESSION['password'] = $password;
19 |         header("Location: index.php");
20 |         exit();
21 |     } else {
22 |         $loginFailed = true;
23 |         $errorMessage = $directAdmin->getLastError();
24 |     }    
25 | }
26 | ?>
27 | 
28 | <!DOCTYPE html>
29 | <html>
30 | <head>
31 |     <title>Login</title>
32 | </head>
33 | <body>
34 |     <h1>Login</h1>
35 |     <?php if (isset($loginFailed) && $loginFailed): ?>
36 |     <p style="color: red;">Login failed: <?php echo htmlspecialchars($errorMessage); ?></p>
37 |     <?php endif; ?>
38 |     <form action="login.php" method="post">
39 |         <label for="username">Username:</label>
40 |         <input type="text" name="username" id="username" required>
41 |         <br>
42 |         <label for="password">Password:</label>
43 |         <input type="password" name="password" id="password" required>
44 |         <br>
45 |         <button type="submit">Login</button>
46 |     </form>
47 | </body>
48 | </html>
49 | 


--------------------------------------------------------------------------------
/DirectAdminAPI.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class DirectAdminAPI {
 4 |     private $username;
 5 |     private $password;
 6 |     private $hostname;
 7 |     private $port;
 8 | 
 9 |     public function __construct($username, $password, $hostname, $port = 2222) {
10 |         $this->username = $username;
11 |         $this->password = $password;
12 |         $this->hostname = $hostname;
13 |         $this->port = $port;
14 |     }
15 | 
16 |     public function authenticate() {
17 |         $url = "https://{$this->hostname}:{$this->port}/CMD_API_LOGIN_TEST";
18 |     
19 |         $response = $this->sendRequest($url);
20 |     
21 |         return isset($response['error']) && $response['error'] === '0';
22 |     }                   
23 | 
24 |     public function getDomainList() {
25 |         $url = "https://{$this->hostname}:{$this->port}/CMD_API_SHOW_DOMAINS";
26 | 
27 |         $response = $this->sendRequest($url);
28 | 
29 |         if (isset($response['error']) || !isset($response['list'])) {
30 |             return [];
31 |         }
32 | 
33 |         return array_values($response['list']);
34 |     }
35 | 
36 |     public function getEmailAccounts($domain) {
37 |         $url = "https://{$this->hostname}:{$this->port}/CMD_API_POP?action=list&domain={$domain}";
38 | 
39 |         $response = $this->sendRequest($url);
40 | 
41 |         if (isset($response['error']) || !isset($response['list'])) {
42 |             return [];
43 |         }
44 | 
45 |         return array_values($response['list']);
46 |     }
47 | 
48 |     private function sendRequest($url) {
49 |         $curl = curl_init($url);
50 |         curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
51 |         curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
52 |         curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
53 |         curl_setopt($curl, CURLOPT_USERPWD, "{$this->username}:{$this->password}");
54 |     
55 |         $response = curl_exec($curl);
56 |     
57 |         // Check for errors and display them
58 |         if (curl_errno($curl)) {
59 |             $error_number = curl_errno($curl);
60 |             $error_message = 'Curl error (' . $error_number . '): ' . curl_error($curl);
61 |             echo $error_message;
62 |         }
63 |     
64 |         curl_close($curl);
65 |     
66 |         //echo "Raw Response: " . $response;
67 |     
68 |         parse_str($response, $parsedResponse);
69 |         return $parsedResponse;
70 |     }       
71 | 
72 |     private function parseDirectAdminResponse($response) {
73 |         $result = [];
74 |     
75 |         parse_str($response, $result);
76 |     
77 |         return $result;
78 |     }    
79 | 
80 |     private $lastError;
81 |         public function getLastError() {
82 |         return $this->lastError;
83 |     }
84 | }
85 | 
86 | $directAdmin = new DirectAdminAPI($_SESSION['username'], $_SESSION['password'], 'arrow.mxrouting.net', 2222);


--------------------------------------------------------------------------------