Knut Sparhell

Testing results:
Fails for Vimeo video URLs when WP/core Vimeo embed block is used AND viewed on front when user is logged in AND this plugin is activated AND Jetpack is activated AND Jetpack Module “Shortcode Embeds” is turned on.
Works in all other cases I have covered, a lot of possible ofther plugin interferences, caching, policy restrictions, Windows PC browsers (Edge/Firefox), Android phones (Chrome/Firefox).

Did not work on two sites, now trying a third site it works. Very strange. I’ll get back as soon as I find what triggers this. No such problem without the plugin, no other errors in browser console (Firefox). Nothing in PHP debug.log. Also tried removing all Content-Security-Policy rules in .htaccess.

Nice. Please write a review.
For bugs, new features, please strat a new thead.

A check for this is now included in v4.5.
If that won’t work, I hope you can check that you are really hosted on cPAnel. If not, this plgin can do nothing but give a proper error message.

v4.5 was just released.

v¤.5-beta is out, with shortcode support! Please download and test the current development version.

Parameters (not set in stone yet):
email,
target,
before_form,
after_form,
form_class,
button_class,
not_logged_in,
no_account

All parameter defaults can be filtered by add_filter('wf_cpanel_email_shortcode_webmail_$attribute', fn()=>'your-value' ); (replace the $attribute part by the parameter to filter.

Almost finished. It works! Will be in v4.5, probably Monday.

Working on it myself.

Also, the line to test should now be:
public const uapi = '/usr/local/cpanel/bin/uapi';

In 4.4.16 a null return causes the plugin to assume not on cPanel, to avoid this.

Hi! This is unexpected. It seems shell_exec is available, but returns null. Then the uapi command may not be in path enironment on the server, so must use the full path. If you can edit files:

Change line 14 of includes/UAPI.php
private const uapi = 'uapi';//'/usr/local/cpanel/bin/uapi';
to
private const uapi = '/usr/local/cpanel/bin/uapi';
If that helps, great, it explains it fully, so please get back here and I’ll try detect what’s correct for each Linux distribution and cPanel configs, ready for next version.

Or just, or if above does not help, try add this to your wp-config.php to force try communicating over HTTP instead:
const WF_CPANEL_SHELL_EXEC_DISABLE = true;
and this should bring up a message (not fatal error) about whats missing. See Details page here:

If the shell_exec function is disabled in your PHP config, add this line to your wp-config.php file:
const WF_CPANEL_API_TOKEN = 'paste-your-api-token';
See [Manage API Tokens in cPanel?](https://docs.cpanel.net/cpanel/security/manage-api-tokens-in-cpanel/ )

Then og into your cPanel manuaaly, once, create an API Access Token as described, and paste it into the config line shown above, save. It should then just work. The config line can be removed later, after creating a new access token from wp-admin, “cPanel Token Management” – an automated process.

In case your $session->hostname is empty, use your site hostname or cPanel server native hostname.

Thinking about it. You may try

$email = wp_get_current_user()->user_email;

The use this $email to get

$session = WebFacing\cPanel\UAPI::create_webmail_session( $email );
$action = 'https://' . $session->hostname . ':2096' . $session->token . '/login';

The use this $session object and $action url in a
<form method="post" action="<?=$action"><input type="hidden" name="session" value="<?=$session->session?>"/><button type="submit">Your Webmail</button></form>

Sorry, no.

This plugin only works in the admin area. The current Webmail session is created for any, and may be used if the button is seen.

But it’s a good idea. I’ll think about it for the next version. Must also be a block, I think, as I generally dislike shortcodes.

I never restrict registered user form the admin area. The capability system ensures they only see (or can chenge) what they are allowed to. The read capability gives access, plus the cpanel capability. Other stuff they see are public, or by default considered public.

I’ve finally found the root cause of the blank admin screen and eliminated that, I think. Pleasy try latest.