#!/usr/bin/php
<?php
// ###############################
// # WHM XML API Password Change #
// # http://v-nessa.net/         #
// ###############################
//
// CLI arguments 
// Set != to match num of arguments, include script name in count (2 args + script name = 3 args)
if ($argc != 3) {
    die("Usage: chacctpass <user> <new password>\n");
}

// remove first argument
array_shift($argv);

// assign remaining arguments to variables
$cpuser = $argv[0];
$newpass = $argv[1];

$apipath = "/xml-api/passwd?user=$cpuser&pass=$newpass";

// $hash = your hash (not needed if using password authentication, if using uncomment user and pass vars)
$user = "whmuser";
$pass = "whmpass";
$server = "serverhostname";


# Make hash into one long string, in case it isn't already
$hash = str_replace("\n","",$hash);

# Open a socket for HTTPS
$fp = fsockopen("ssl://" . $server, 2087, $errno, $errstr, 30);

# Uncomment to use unsecure HTTP instead
//$fp = fsockopen($server, 2086, $errno, $errstr, 30);

# Die on error initializing socket
if ($errno == 0 && $fp == FALSE) {
 die("Socket Error: Could not initialize socket.");
} elseif ($fp == FALSE) {
 die("Socket Error #" . $errno . ": " . $errstr);
}

# Assemble the header to send
$header = "";
$header .= "GET " . $apipath . " HTTP/1.0\r\n";
$header .= "Host: " . $server . "\r\n";
$header .= "Connection: Close\r\n";
//$header .= "Authorization: WHM " . $user . ":" . $hash . "\r\n";
# Comment above line and uncomment below line to use password authentication in place of hash authentication
$header .= "Authorization: Basic " . base64_encode($user . ":" . $pass) . "\r\n";
$header .= "\r\n";

# Send the Header
fputs($fp, $header);

# Get the raw output from the server
$rawResult = "";
while (!feof($fp)) {
 $rawResult .= @fgets($fp, 128); // Suppress errors with @
}

# Close the socket
fclose($fp);

# Ignore headers
$rawResultParts = explode("\r\n\r\n",$rawResult);
$result = $rawResultParts[1];

# Output XML
echo $result;