Is anyone fimiliar with Plesk Creation Utilities? I guess these are commands you can run from the command line to add users and assign a hosting package. I'm wondering if I could run these commands via a PHP script? If I could I would be able to develop my own sign up script. Anyone know anything about this? Thanks!

Maybe

this

http://download1.sw-soft.com/Plesk/Plesk7.5/Doc/plesk-7.5r-sdk-html/docs/cu/unix/ch23.html

and

this

http://download1.sw-soft.com/Plesk/Plesk7.5/Doc/plesk-7.5r-sdk-html/docs/cu/unix/ch04.html

are the ones you are looking for !

I'm new to linux. It says to use client.sh and these different files depending on what you want to do. How do you "use" that file? I tried:
root# client.sh --create user

I dont think that is the correct syntax though. I just dont know how to open client.sh so I can use it, anyone know what I mean?

Hi,

You can run the creation utilities via PHP, however, the creation utilities must be run as root. This understates that you must have SUDO installed.

Enter the second consideration, PHP normally runs as nobody (apache on certain systems). It would be murder to grant SUDO access to 'nobody'. You must therefore also have some type of SUEXEC module, carefully configured, to identify which user is running the PHP script - that way you can control which users get SUDO access.

All in all, the Plesk7 API design is poor. On the bright side, the Plesk6 API was worse - perhaps they'll nail it with Plesk8? :) An API is supposed to give a program access to another program (application program interface) - however - root-privilege only shell scripts is shooting yourself in the foot. Most resellers will not grant sudo access on a shared webhosting machine which is the audience that plesk caters to. Sudo opens a hole without doubt, and it is wise to keep these kinds of 'powerful' tools far away from scripting languages such as Perl and PHP, which are the tools generally used to create web applications. Why then create an API that is only accessible through means which are not viable under most situations? It's akin to selling soup knives. Jokes aside, much harm could be done by the savvy wrongdoer.

Regards.
Alexandre

So there is no way to do what I'm trying to do securely then? How does modernbill create a plesk acct sercurely then?

They don't lol. They depend on sudo and suexec as exacted above.

;)

Well someone mentioned to me running a cron job and have it check a database for new users every 5 mins or so and add them with plesk creation utilities. What do you think about that? Wouldn't that be secure?

Do you run your cron as root?

I thought cron runs as root, no?

Depends on how your system is configured. We forbid this on our machines...

not secure to run cron as root?