Auto User Email Creation

[babyina99]

Hi,

1st of All thanks to Tuney and ur mailed regarding the url to download the script. My suggestion here is if you can do like this, user will only created after admin approval. If make it that way, I would very happy because I really need that way in my organization as goverment body.

Hope to hear from you soon and can't wait for new patch..

Cheers!
Ina

[ptwmedia]

Thanks Tuney for the script. Do you have any updates on Joomla! integration?

[bts_11]

Thanks for the script Tuney.

I am not sure but, I think there is a security risk in the admin files. I have the latest version, and if you put the url to some of the admin pages such as delaccount.php it will let you carry out actions. I tried going directly to delaccount.php. It did not ask to delete a specific account it asked "Are you sure you wish to delete the account @mydomain.com ?" and it did indeed delete my only account in cpanel which is my administrative account. I was not able to log in after this. Although, after re-creating my account in cpanel, my account worked fine and also automatically regained administrative rights. It seems the email accounts in roundcubes database were not affected. Browsing to the file ed534ggt.php however, produces "YOU ARE NOT AUTHORIZED TO ACCESS THIS AREA". Also I can create an account with administratiive privledges without being logged in. This is a major bug, probabably easily fixed though. Anyone know how to fix it?

Not to be rushing or annoying, but how is the new version coming. Is it still being developed? Also for the joomla intergration. Roundcube being wrapped isn't much a concern for me however, it would be nice to have the registration for email tied in with joomla's registration. Would this be hard to implement?

Thanks,
Brandon

[modem]

For anyone interested in the DirectAdmin port... here is the DirectAdmin API and documentation:

http://www.directadmin.com/api.html

[bts_11]

I am trying to intergrate roundcube for joomla. I currently am able to use joomla's registration to create an email account in cpanel. After filling out the forms it creates the email address and sends both the administrator and the new user an email with details about their new email account. However, sending the registration does not add the user to joomla's database. In the registation registration.html.php i have this

Code: [Select]

<input type=&quot;hidden&quot; name=&quot;task&quot; value=&quot;emailsignup&quot; />
and in registration.php i have

Code: [Select]

switch( $task ) {case 'emailsignup':
emailsignup( $option );
break;
}
and at the bottom of registration.php i have

Code: [Select]

function emailsignup( $option ){email signup code.....}
What do I need to change/add to allow joomla to carry out it's business before the email signup code is activated?

Thanks,
Brandon

[Chadi]

Is this available for vbulletin yet? Just curious

[MikeyT]

Hey,

Can anyone help..

I have put all the files up into a folder named 'email'

Whenever i try to install i get this error:

'can't open file'

Any ideas why?


...........

Problem sorted..

However now once I have clicked install.. It ends up going to a blank page.

When i go to domain.com/email I get this error appear: Error No. 1f4)


Any ideas what this means?

[bts_11]

Is anyone still working on this project?

[nolit]

I want to share something. On the usuall install of auto create, you will have an admin folder which files can be viewed by typing "http://yourdomain.com/emsu/admin/". In order to hide it, I simple put in a blank index.html on the folder. So goes with the emsu folder.

I am not sure if having these accessible thru open directories make them vulnerable, but paranoid as I am, I made the fix. What do you guys think of it? Other CMS uses this method. Does this affect the whole script?

[bts_11]

In Cpanel, there is a way to turn indexing off for certain directories. But this script is still not that safe because since everyone that uses the script knows the filenames, and so if they know your website they can go in and delete accounts and such. Do you know what I mean? Go ahead and try it on your site. I wouldn't reccomend posting links to where you have this script installed.

Anyway I think this project is dead. Nobody has posted on it for a while now.

Brandon

[nolit]

Here is a small fixed I made on my installation.

To secure the emsu/admin directory I simply made it password protected thru cpanel. So this way, there will be an authentication in order to get into the administration page. You can have the option of making a global username/password for all your admins, or you can make a username/password for each admin user. (note: on cpanel this is case sensitive for both username and password).

There is a small flaw however. If you set your script to access multiple domains/accounts from your server, it is a big possibility that there will be an admin@yourdomain.com other than admin@youroriginaldomain.com. Since it is an "admin" user name, it automatically will have that admin icon on their email account. Fortunately if you set the directory with password as i mentioned above, it will not be a security issue. But to make it aestetically nice, it sure needs a fix.

Though some others think the project is dead, I still find the script useful. So far it is the simplest and most easiest script to dress-up a layout on. I hope that captcha option found on tunney's site gets on the new version. Hope the new version really come out soon.

[bts_11]

Thanks a million nolit, I will try that out. Seems like it will work great. It's glad to see there is still some life in this thread. I am sure tuney must be busy or something, but hopefully the new version will come out when time permits. Once again, thanks tuney for the awesome script.

[pluto459]

I have read the thread and cant find a link anywhere!!

Do you need to register to see them? I saw a post bitching at someone to read the thread and well I have and cant find the link and even the thread given has no link.

Can someone tell me where or send it ot me PLEASE.

THanks

[bts_11]

pluto, I sent you a pm.

[pluto459]

pluto, I sent you a pm.

Thanks for the SUPER fast reply. Well after i regestered the links show up POOF lol.

SO to people reading this who want the link, register and then they show up.
Save you from going crazy and rereading lol.