[Development Guides Home](/guides) >> [Guide to cPanel Interface Customization and Branding](/guides/guide-to-cpanel-interface-customization-and-branding) >> [Guide to cPanel Interface Customization - The Login Theme](/guides/guide-to-cpanel-interface-customization-and-branding/guide-to-cpanel-interface-customization-the-login-theme)
# Guide to cPanel Interface Customization - Login Templates
## Introduction
Template files determine the appearance of each login page. Each login theme includes template files for the main login pages, error pages, and templates for the *Reset Password* feature.
## Templates
The locations listed below are relative to the `/usr/local/cpanel/base/unprotected/cpanel/` directory, which contains the cPanel & WHM default login theme.
Select a template file below to view more information about that template file:
* [`-error-wrapper.tmpl`](#templates/_error-wrapper.tmpl)
* [`access-denied.tmpl`](#templates/access_denied.tmpl)
* [`disabled.tmpl`](#templates/disabled.tmpl)
* [`error502.tmpl`](#templates/error502.tmpl)
* [`error503.tmpl`](#templates/error503.tmpl)
* [`external-auth-header.tmpl`](#templates/external_auth_header.tmpl)
* [`external-auth.tmpl`](#templates/external_auth.tmpl)
* [`fourohfour.tmpl`](#templates/fourohfour.tmpl)
* [`generic-error.tmpl`](#templates/generic_error.tmpl)
* [`invitation-failure.tmpl`](#templates/invitation_failure.tmpl)
* [`invitation-set-password.tmpl`](#templates/invitation_set_password.tmpl)
* [`invitation-success.tmpl`](#templates/invitation_success.tmpl)
* [`login.tmpl`](#templates/login.tmpl)
* [`main.tmpl`](#main.tmpl)
* [`templates/passthrough.tmpl`](#passthrough.tmpl)
* [`referrer-denied.tmpl`](#templates/referrer_denied.tmpl)
* [`resetpass.tmpl`](#resetpass.tmpl)
* [`resetpass-confirmation.tmpl`](#templates/resetpass_confirmation.tmpl)
* [`resetpass-failure.tmpl`](#templates/resetpass_failure.tmpl)
* [`resetpass-no-user.tmpl`](#templates/resetpass_no_user.tmpl)
* [`resetpass-puzzle.tmpl`](#templates/resetpass_puzzle.tmpl)
* [`resetpass-set-password.tmpl`](#templates/resetpass_set_password.tmpl)
* [`resetpass-success.tmpl`](#templates/resetpass_success.tmpl)
* [`resetpass-suspended.tmpl`](#templates/resetpass_suspended.tmpl)
* [`securitypolicy-footer.html.tmpl`](#securitypolicy_footer.html.tmpl)
* [`securitypolicy-header.html.tmpl`](#securitypolicy_header.html.tmpl)
* [`token-denied.tmpl`](#templates/token_denied.tmpl)
### templates/_error_wrapper.tmpl
The system accesses this wrapper template whenever the user encounters an error.
**Template variables**
This template does not use template variables.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# app_name - What application is loading this interface (cpaneld, whostmgrd, webmaild)
# http_status_code - HTTP Status code
# page_to_show - Page to display
[%
SET app_images = {
'whostmgrd' => 'whm-logo_white.svg',
'webmaild' => 'webmail-logo.svg',
'cpaneld' => 'cpanel-logo.svg',
};
SET app_image = app_images.$app_name || app_images.cpaneld;
SET app_image = MagicRevision(get_theme_url("images/$app_image"));
%]
[% IF page_to_show != "access_denied" %]
[% content %]
```
### templates/access_denied.tmpl
The system accesses this template whenever the server responds with an *Access Denied* error. This error occurs whenever a user attempts to log in with an invalid username or password.
**Template variables**
| **Variables** | **Type** | **Description** |
| --- | --- | --- |
| `dest_uri` | *string* | The URL to load after a user authenticates. This URL does **not** contain the security token. |
| `error_msg` | *string* | The error message to display. |
| `form_ref` | *hash* | A hash of the form variables to pass with the request. The system sends this hash to the location that the `redirect_uri` variable specifies. |
| `parameterized_form` | *hash* | A hash of form variables that the user provided as a URL query string. |
| `theme` | *string* | The theme to load. |
| `user` | *string* | The username to authenticate. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# uri - URI user tried to access without authorization
# page_message - Additional message to display to the user
%]
[% WRAPPER 'templates/_error_wrapper' -%]
[% uri.html() %]
[% locale.maketext('You do not have permission to access this page.') %]
[% IF page_message %]
[% locale.makevar(page_message) FILTER html %]
[% END %]
[% END -%]
```
### templates/disabled.tmpl
The system accesses this template whenever the visitor attempts to access a disabled account.
**Template variables**
This template inherits the template variables from its parent template.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
%]
[%# marker for testing%]
```
### templates/error502.tmpl
The system accesses this template whenever the server responds with a 502 (server) error.
**Template variables**
| **Variable** | **Type** | **Description** |
| --- | --- | --- |
| `dest_uri` | *string* | The URL to load after a user authenticates. This URL does **not** contain the security token. |
| `error_msg` | *string* | The error message to display. |
| `form_ref` | *hash* | A hash of the form variables to pass with the request. The system sends this hash to the location that the `redirect_uri` variable specifies. |
| `parameterized_form` | *hash* | A hash of form variables that the user provided as a URL query string. |
| `theme` | *string* | The theme to load. |
| `user` | *string* | The username to authenticate. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
%]
[% WRAPPER 'templates/_error_wrapper' -%]
[% locale.maketext('The server received a bad response while acting as a proxy.') %]
[% END -%]
```
### templates/error503.tmpl
The system accesses this template whenever the server responds with a HTTP status 503. The system displays HTTP status 503 when the requested service is unavailable.
**Template variables**
| **Variable** | **Type** | **Description** |
| --- | --- | --- |
| `dest_uri` | *string* | The URL to load after a user authenticates. This URL does **not** contain the security token. |
| `error_msg` | *string* | The error message to display. |
| `form_ref` | *hash* | A hash of the form variables to pass with the request. The system sends this hash to the location that the `redirect_uri` variable specifies. |
| `page_message` | *string* | The optional message provides more details about why the service is unavailable. |
| `parameterized_form` | *hash* | A hash of form variables that the user provided as a URL query string. |
| `theme` | *string* | The theme to load. |
| `user` | *string* | The username to authenticate. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# page_message - Message to be displayed to the user
%]
[% WRAPPER 'templates/_error_wrapper' -%]
[% locale.maketext('The service is unavailable.') %]
[% IF page_message%]
[% page_message.html() %]
[%END%]
[% END -%]
```
### templates/external_auth_header.tmpl
The system accesses this template in order to add the header for the External Authentication login section.
**Template variables**
This template inherits the template variables from its parent template.
**Default template variables**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# https - Is the application running in https mode
# link_account - Boolean are we currently trying to link an account
%]
[%-
USE ExternalAuthentication;
SET external_auth_modules = https && !link_account ? ExternalAuthentication.get_enabled_and_configured_openid_provider_display_configurations() : [];
-%]
```
### templates/external_auth.tmpl
The system accesses this template in order to add the External Authentication login section.
**Template variables**
This template inherits the template variables from its parent template.
**Default template variables**
```
templates/external_auth.tmpl
The system accesses this template in order to add the External Authentication login section.
Template variables
This template inherits the template variables from its parent template.
Default template variables
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# external_auth_modules - What are the currently enabled external authentication modules (cpanel, google, facebook, etc)
# page_to_show - Page to display
# user - The cPanel user (or virtual user that is logged in)
# parameterized_form - A dump of the postdata that is uri encoded
# theme - The current cPanel theme that the user is using
# goto_uri - The uri that the user requested
%]
[%-
USE HTTP;
SET query = {
'user' => user,
'theme' => theme,
'parameterized_form' => parameterized_form,
'goto_uri' => goto_uri,
'goto_app' => goto_app,
};
IF page_to_show == 'token_denied';
query.token_denied = 1;
END;
IF external_auth_modules.size > 0 && external_auth_modules
%]
[% locale.maketext('OR[comment,this is a decoration separator, shortest form is best]') %][% locale.maketext("Log in via"); %]
[% FOR auth_mod = external_auth_modules %]
[%
IF oidc_failed == auth_mod.provider_name;
# This must match use the same regex as unprotected/cpanel/js/login.js
IF ENV_REQUEST_URI.match('^\/(?:logout|login|openid_connect_callback)\/?');
SET xauth_link = auth_mod.link.html();
ELSE;
SET xauth_link = ENV_REQUEST_URI.html;
END;
ELSE;
SET xauth_link = auth_mod.link.html() _ '?' _ HTTP.make_query_string(query);
END; %]
[% END %]
```
### templates/fourohfour.tmpl
The system accesses this template whenever the server responds with a HTTP 404 (page not found) error.
**Template variables**
| **Variable** | **Type** | **Description** |
| --- | --- | --- |
| `dest_uri` | *string* | The URL to load after a user authenticates. This URL does **not** contain the security token. |
| `error_msg` | *string* | The error message to display. |
| `form_ref` | *hash* | A hash of the form variables to pass with the request. The system sends this hash to the location that the `redirect_uri` variable specifies. |
| `parameterized_form` | *hash* | A hash of form variables that the user provided as a URL query string. |
| `theme` | *string* | The theme to load. |
| `user` | *string* | The username to authenticate. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
%]
[% WRAPPER 'templates/_error_wrapper' -%]
[% locale.maketext('The requested page was not found.') %]
[% locale.maketext('Possible reasons why you are seeing this page:') %]
[% locale.maketext('A bookmarked URL may have changed since you last visited.') %]
[% locale.maketext('The URL was entered incorrectly.') %]
[% locale.maketext('The URL was entered with inaccurate capitalization (URLs are [output,url,_1,case sensitive]).','http://wikipedia.org/wiki/Case_sensitivity') %]
[% locale.maketext('Please re-check the URL you are trying to reach. ([output,url,_1,Go Back])', 'javascript:history.back()' ) %]
[% END -%]
```
### templates/generic_error.tmpl
The system accesses this template whenever the server responds with a generic error.
**Template variables**
| **Variable** | **Type** | **Description** |
| --- | --- | --- |
| `dest_uri` | *string* | The URL to load after a user authenticates. This URL does **not** contain the security token. |
| `error_msg` | *string* | The error message to display. |
| `form_ref` | *hash* | A hash of the form variables to pass with the request. The system sends this hash to the location that the `redirect_uri` variable specifies. |
| `parameterized_form` | *hash* | A hash of form variables that the user provided as a URL query string. |
| `theme` | *string* | The theme to load. |
| `user` | *string* | The username to authenticate. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# uri - URI the user was trying to access when the error occurred
# generic_error - The error message
%]
[% WRAPPER 'templates/_error_wrapper' -%]
[% uri.html() %]
[% generic_error.html() %]
[% END -%]
```
### templates/invitation_failure.tmpl
The system accesses this template whenever it cannot properly process a new user invitation.
**Template variables**
This template inherits the template variables from its parent template.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# notice_class - class to add to the notice for styling purposes
# reason - Reason the invitation failed.
%]
[% IF reason == 'unknown' %]
[% locale.maketext('The system could not process the invitation due to an unknown error.') %]
[% ELSIF reason == 'bad-request' %]
[% locale.maketext('This invitation is not valid. It may have expired or the server administrator withdrew the invitation.') %]
[% ELSIF reason == 'suspended' %]
[% locale.maketext('You cannot set your password because the [asis, cPanel] account that owns your [asis,Subaccount] is suspended.') %]
[% ELSIF reason == 'flooding' %]
[% locale.maketext('You exceeded the maximum number of attempts to set your new account's password. Try again in one hour.') %]
[% ELSE %]
[% locale.maketext('The system failed to update your account's password. Additional information may exist in the server error log. Contact your server account provider, server administrator, or hosting provider.') %]
[% END %]
[%# marker for testing%]
```
### templates/invitation_set_password.tmpl
The system accesses this template whenever an invited user needs to set a new password.
**Template variables**
This template inherits the template variables from its parent template.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# user - User being accessed / updated
SET application_dir = 'cpanel';
SET file = 'invitation';
%]
[% PROCESS '_assets/cjt2_header_include.tt' %]
[%# marker for testing%]
```
### templates/invitation_success.tmpl
The system accesses this template whenever an invited user successfully accepts the invitation and sets their new password.
**Template variables**
This template inherits the template variables from its parent template.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# next_steps - List of invitation step objects
# {
# key => Key identifying the step type
# instructions => Instructions for that specific step
# services => List of services associate with that step
# }
#
# logins - List of login service objects
# {
# id => Dom Element ID
# url => url the button will direct them to when clicked
# button_text => label for the button
# }
%]
[% FOREACH step IN next_steps %]
[% IF step.value.services.size() %]
[% step.value.instructions %]
[% END %]
[% END %]
[% FOREACH login IN logins -%]
```
### templates/login.tmpl
This template determines the appearance of the first login page that users see when they attempt to log in to cPanel, WHM, or Webmail.
**Template variables**
| **Variable** | **Type** | **Description** |
| --- | --- | --- |
| `dest_uri` | *string* | The URL to load after a user authenticates. This URL does **not** contain the security token. |
| `msg_code` | *string* | The Key that corresponds to the `login_messages` value. This message displays on the loading page after the user authenticates. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# allow_login_autocomplete - Boolean for autocompleting login names
# app_name - What application is loading this interface (cpaneld, whostmgrd, webmaild)
# goto_uri - The uri that the user requested
# goto_app - App the user is attempting to log in to.
# display_locales - Boolean for if the interface display the locales list
# https - Is the application running in https mode
# login_messages - Messages to present to the user pertaining to the login process
# logout - Boolean of whether to display the login button
# msg_code - Key for what we are currently doing in the login display (link_account, etc)
# reset_pass - should be true if either resetpass or resetpass_sub is enabled (doesn't have to be both)
USE DataURI;
USE JSON;
USE Wbr;
SET disp_apps = {
'whostmgrd' => 'WHM',
'webmaild' => 'Webmail',
'cpaneld' => 'cPanel',
};
SET disp_app = disp_apps.item(app_name) || 'cPanel';
SET app_images = {
'whostmgrd' => 'whm-logo_white.svg',
'webmaild' => 'webmail-logo.svg',
'cpaneld' => 'cpanel-logo.svg',
};
# get app modules based on $app_name
SET app_image = app_images.$app_name || app_images.cpaneld;
SET app_image = MagicRevision(get_theme_url("images/" _ app_image));
#If msg_code is 'link_account' we already have a separate display notice so don't need to show it twice
SET shownotice = logout || msg_code;
SET shownotice = msg_code == 'link_account' ? 0 : shownotice;
SET shownotice = msg_code == 'max_users_exceeded' ? 0 : shownotice;
SET notice_message = msg_code
? (login_messages.$msg_code || locale.maketext('An authorization error occurred. Please try again.') )
: locale.maketext('You have logged out.');
SET login_target = (goto_uri=='/') ? '_top' : '_self';
#Windows XP doesn't have the fancy arrows, so use ellipsis for now.
SET more_locales_symbol = "…";
# Only run the display_locales function once by saving it into all_display_locales
SET all_display_locales = display_locales;
PROCESS "templates/external_auth_header.tmpl";
SET login_classes = [];
IF reset_pass;
login_classes.push('has-pw-reset');
END;
UNLESS external_auth_modules;
login_classes.push('no-external-auth-modules');
END;
SET notice_style_ = logout ? 'success-notice' : notice_style ? notice_style : 'error-notice';
-%]
[% MACRO ceil(n)
GET n + (n - (n % (n + 1)) > 0 ? 1 : 0) FILTER format("%d");
%]
[% IF msg_code == 'link_account' %]
[% IF user_info_payload.picture %]
[% IF user_info_payload.picture.match('https://') %]
[% ELSE %]
[% END %]
[% END %]
[% IF existing_link_count %]
[% locale.maketext('Your account “[_1]” is already associated with an existing “[_2]” account. Please log in to connect a new account.' , preferred_username , disp_app); %]
[% ELSE %]
[% locale.maketext('Your account “[_1]” is not associated with an existing “[_2]” account. Please log in to connect the account.' , preferred_username , disp_app); %]
[% END %]
[% END %]
[% IF msg_code == 'max_users_exceeded' %]
[% locale.maketext('Maximum Users Exceeded.') %]
[% locale.maketext('The number of users on the server exceeds the maximum number of allowed users for your host server.') %]
[% locale.maketext('For more information, contact your server administrator.') %]
[% IF script_uri == "/cpsess0/scripts7/authorizesupport" %]
—
[% locale.maketext('To grant [asis,cPanel] Support access to your server, log in to [asis,WHM] and click the “[_1]” button.', locale.maketext('Grant Access')) %]
[% ELSE %]
[% END %]
[%# Don't change the form action or the ids/names of the username and password fields.
Doing so will break browser-native login credential storage.
-%]
[% PROCESS "templates/external_auth.tmpl" %]
[% IF linked_users.size -%]
[% locale.maketext('OR[comment,this is a decoration separator, shortest form is best]') %][% locale.maketext("Log in via"); %]
[% END -%]
[% #If we have multiple users the user must select one %]
[% IF linked_users.size -%]
[% #calculate left postion based on # of items with a max width of 6 %]
[% SET max_width = linked_users.size < 6 ? ( linked_users.size + 1 ) * 100 : 600; %]
[% END -%]
```
### main.tmpl
This template contains the conditions to perform the following actions:
* Correctly set the title of the login page in the web browser.
* Set the page's favicon.
* Load the login theme CSS files.
* Include the login page's copyright notice.
**Template variables**
This template does not use template variables.
**Advanced use**
The `login` application loads the `main.tmpl` template to determine how the system processes user input.
**Application parameters**
The `login` application uses the following parameters, which are **only** available in templates that use the `main.tmpl` parent template:
| **Parameter** | **Type** | **Description** |
| --- | --- | --- |
| `app_name` | *string* | The cPanel & WHM service that the user attempted to log in to: `cpaneld` — The cPanel interface`whostmgrd` — The WHM interface`webmaild` — The Webmail interface. |
| `http_status_code` | *string* | The HTTP status code that the server used to respond to the request. |
| `login_messages` | *hash* | A hash of messages that the browser can display dynamically via Javascript. |
| `logout` | *Boolean* | Whether the user logged out recently: `1` — The user logged out recently`0` — The user has not logged out recently. |
| `page_to_show` | *string* | The sub-template that the login application calls after it loads the `main.tmpl` template: `access_denied` — Access the `templates/access_denied.tmpl` template.`fourohfour` — Access the `templates/fourohfour.tmpl` template.`login` — Access the `templates/login.tmpl` template.`passthrough` — Access the `templates/passthrough.tmpl` template.`referrer_denied` — Access the `templates/referrer_denied.tmpl` template.`token_denied` — Access the `templates/token_denied.tmpl` template. |
| `reset_pass` | *Boolean* | Whether to display the *Reset Password* link: `1` – Display`0` – Do not display. |
### templates/passthrough.tmpl
This template generates the page that displays when a user authenticates successfully after a *Token Denied* error.
**Template variables**
| **Variable** | **Type** | **Description** |
| --- | --- | --- |
| `cp_security_token` | *string* | The security token to use in the URL. |
| `form_ref` | *hash* | A hash of the form variables to pass with the request. The system sends this hash to the location that the `redirect_uri` variable specifies. |
| `redirect_uri` | *string* | The URL to which the system will redirect the user. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# goto_uri - The uri that the user requested
# cp_security_token - cPanel Authentication token
%]
[% locale.maketext('Security token updated.') %]
[% locale.maketext('The system has validated your login credentials. Redirecting …') %]
```
### templates/referrer_denied.tmpl
The system accesses this template whenever the server returns a *Referrer Denied* error. The system returns this error if the server rejects the user's reference link.
| **Variable** | **Type** | **Description** |
| --- | --- | --- |
| `dest_uri` | *string* | The URL to load after a user authenticates. This URL does **not** contain the security token. |
| `error_msg` | *string* | The error message to display. |
| `form_ref` | *hash* | A hash of the form variables to pass with the request. The system sends this hash to the location that the `redirect_uri` variable specifies. |
| `parameterized_form` | *hash* | A hash of form variables that the user provided as a URL query string. |
| `theme` | *string* | The theme to load. |
| `user` | *string* | The username to authenticate. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# referrer - Invalid Referrer to display to the user
%]
[% WRAPPER 'templates/_error_wrapper' -%]
[% referring_url = referrer.html(); -%]
[% locale.maketext('You do not have permission to access this page from "[_1]".', "$referring_url") %]
[% END -%]
```
### resetpass.tmpl
This template generates the page that instructs users to reset their passwords. Advanced users can update this template to modify the way in which the system processes user input.
**Template variables**
This template does not use template variables.
**Advanced use**
The `resetpass` application loads the `resetpass.tmpl` template to determine how the system processes user input when users reset their passwords. The `resetpass` application uses the `resetpass-email.tmpl` and `resetpass-email-html.tmpl` templates when it sends a confirmation email to the user.
**Application parameters**
The `resetpass` application uses the following parameters, which are **only** available in templates that use the `resetpass.tmpl` parent template:
| **Parameter** | **Type** | **Description** |
| --- | --- | --- |
| `notice_class` | *string* | The HTML class for the `notice_text` notice. |
| `notice_text` | *string* | The notice to display, if one exists. |
| `page_to_show` | *string* | The sub-template that the `resetpass` application calls after it loads the `resetpass.tmpl` template: `resetpass_confirmation` – Access the `templates/resetpass_confirmation` template. `resetpass_no_user` – Access the `templates/resetpass_no_user.tmpl` template.`resetpass_success` – Access the `templates/success.tmpl` template. |
**Global objects**
The `Template::Toolkit` module does **not** allow scoping. For more information, read our [Guide to Template Toolkit in cPanel & WHM](/guides/guide-to-template-toolkit) documentation.
When you modify the way in which this template processes input, you can also use the following global objects:
| **Global object** | **Type** | **Description** |
| --- | --- | --- |
| `display_locales()` | *function* | This function retrieves a list of the locales that are available on the server.The function returns this list of locale information in an array of hashes.This function does not accept arguments. |
| `get_theme_url()` | *function* | This function searches the `/usr/local/cpanel/base/unprotected/` directory and its subdirectories for a specified file and returns its location. Use this function to ensure that the system displays the correct image for the server's current login theme.This function matches against the filename that you request, regardless of the application name. For example, if you use this function to search for the `logo.png` file, the function would also search for the `logo_whostmgr.png` file.You **must** pass values through the `MagicRevision()` function after you pass them through this function. For example, the following code passes the filename `logo.png` to the `get_theme_url()` function, and then passes the file through the `MagicRevision()` function:`` |
| `locale` | *`Cpanel::Locale` hash object instance* | This global object contains the current user's locale. For more information, read our [How cPanel & WHM Determines a Browser's Locale](https://docs.cpanel.net/knowledge-base/cpanel-product/how-we-determine-a-browser-locale/) and [Guide to Locales](/guides/guide-to-locales) documentation. |
| `MagicRevision()` | *function* | This function provides a caching system. Use this function to improve load times for users and decrease system I/O.URLs that you pass through the `MagicRevision()` function contain the file's modification time in the URL path.The `cpsrvd` daemon recognizes URL paths that contain a file modification time, and serves files as the browser cached them if no new changes have occurred. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# notice_text - Contents of the notice message to be displayed on page
# entry_point - From where did the user come to get to this page (invitation / resetpass btn)
# Currently the only two modes are debug and release, but this
# might be expanded in the future.
IF CPANEL.is_debug_mode_enabled();
SET mode = 'debug';
SET optimized = 0;
ELSE;
SET mode = 'release';
SET optimized = 1;
END;
SET disp_apps = {
'whostmgrd' => 'WHM',
'webmaild' => 'Webmail',
'cpaneld' => 'cPanel',
};
SET disp_app = disp_apps.item(app_name) || 'cPanel';
SET app_images = {
'whostmgrd' => 'whm-logo_white.svg',
'webmaild' => 'webmail-logo.svg',
'cpaneld' => 'cpanel-logo.svg',
};
# get app modules based on $app_name
SET app_image = app_images.$app_name || app_images.cpaneld;
SET app_image = MagicRevision(get_theme_url("images/" _ app_image));
SET stylesheets = [];
IF optimized;
stylesheets.push(
MagicRevision(get_theme_url('fonts/open_sans/open_sans.min.css')));
stylesheets.push(
MagicRevision(get_theme_url('style_v2_optimized.css')));
ELSE;
stylesheets.push(
MagicRevision(get_theme_url('fonts/open_sans/open_sans.css')));
stylesheets.push(
MagicRevision(get_theme_url('style_v2.css')));
END;
-%]
[%- IF entry_point == 'resetpass' -%]
[% locale.maketext('Reset Password') %]
[%- ELSIF entry_point == 'invitation' -%]
[% locale.maketext('Set a password for your new account.') %]
[%- END -%]
[% FOR source IN stylesheets-%]
[%- END -%]
[% IF mode == 'debug' %]
[% END %]
```
### templates/resetpass_confirmation.tmpl
This template generates the page that displays when a user clicks *Reset Password* and has entered a username in the *Username* text box.
* When the system accesses this template, it also sends a confirmation code to the user via email. This email message uses either the `resetpass-email.tmpl` or `resetpass-email-html.tmpl` template, based on whether the user's email client can display HTML.
* The user **must** enter the confirmation code that they receive in order to reset the password.
**Template variables**
This template does not use template variables.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# user - Reset password user
%]
[%# marker for testing%]
```
### templates/resetpass_failure.tmpl
This template generates the page that displays when the system cannot reset the user's password. The system displays an error message.
**Template variables**
This template does not use template variables.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
%]
[% locale.maketext('The system failed to reset your account's password. Additional information may exist in the server error log. Contact your server administrator or hosting provider.') %]
[%# marker for testing%]
```
### templates/resetpass_no_user.tmpl
This template generates the page that displays when a user clicks *Reset Password* without a username in the *Username* text box.
**Template variables**
This template does not use template variables.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
SET reset_url = "/resetpass";
IF !https;
USE ApplicationUrl;
SET secure_url = ApplicationUrl.get_secure_url(
host => SERVER_NAME,
port => SERVER_PORT,
proxysubdomains => cpconf.proxysubdomains);
SET reset_url = secure_url _ reset_url;
END;
%]
[% IF !https %]
[% ELSE %]
[% END %]
[%# marker for testing%]
```
### templates/resetpass_set_password.tmpl
This template generates the confirmation page that displays when a user requests a password reset.
**Template variables**
This template does not use template variables.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# user - Reset password user
SET application_dir = 'cpanel';
SET file = 'resetpass';
%]
[% PROCESS '_assets/cjt2_header_include.tt' %]
[%# marker for testing%]
```
### templates/resetpass_success.tmpl
This template generates the confirmation page that displays when a user resets a password successfully.
**Template variables**
This template does not use template variables.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# user - Reset password user
# service_names - List of affected services
# next_steps - List of invitation step objects
# {
# key => Key identifying the step type
# instructions => Instructions for that specific step
# services => List of services associate with that step
# }
#
# logins - List of login service objects
# {
# id => Dom Element ID
# url => url the button will direct them to when clicked
# button_text => label for the button
# }
%]
[% locale.maketext('Your change affects the following account services: [list_and,_1]', service_names) %]
[% FOREACH step IN next_steps %]
[% IF step.value.services.size() %]
[% step.value.instructions %]
[% END %]
[% END %]
[% FOREACH login IN logins -%]
```
### templates/resetpass_suspended.tmpl
This template generates the page that displays when a user attempts to reset the password on a suspended account.
**Template variables**
This template does not use template variables.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
%]
[% locale.maketext('Your account is suspended. Please contact the billing or support department or your server administrator.') %]
[%# marker for testing%]
```
### securitypolicy_footer.html.tmpl
This template generates the *Security Policy* page's footer. Users set the security questions for their accounts through this page.
**Template variables**
This template does not use template variables.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
%]
```
### securitypolicy_header.html.tmpl
This template generates the *Security Policy* page's header. Users set the security questions for their accounts through this page.
**Template variables**
This template does not use template variables.
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# action - Type of securty action being taken (setquestions, challenge)
# app_name - What application is loading this interface (cpaneld, whostmgrd, webmaild)
# error - Error being presented to the user
# warning - Warning being presented to the user, possibly overriden in the template
IF action == 'setquestions';
SET warning = locale.maketext('You have not set up security questions for your account.')
_ " " _ locale.maketext('Please take a moment to set up your security questions.');
ELSIF action == 'challenge';
SET warning = locale.maketext('You appear to be logging in from an unknown location.')
_ " " _ locale.maketext('Please verify your identity by answering the following security questions:');
END;
SET body_class = '';
SWITCH app_name;
CASE 'cpaneld';
SET app = 'cPanel';
SET body_class = "cp";
CASE 'whostmgrd';
SET app = 'WHM';
SET body_class = "whm";
CASE DEFAULT;
SET app = 'Webmail';
SET body_class = "wm";
END;
SET title = locale.maketext('[_1] Login Security',app);
SET app_images = {
'whostmgrd' => 'whm-logo_white.svg',
'webmaild' => 'webmail-logo.svg',
'cpaneld' => 'cpanel-logo.svg',
};
SET app_image = app_images.$app_name || app_images.cpaneld;
SET app_image = MagicRevision(get_theme_url("images/$app_image"));
-%]
[% title %]
[% IF warning -%]
[% warning %]
[% END -%]
[% IF error -%]
[% error %]
[% END -%]
```
### templates/token_denied.tmpl
The system accesses this template whenever the server responds with a *Token Denied* error.
**Template variables**
| **Variable** | **Type** | **Description** |
| --- | --- | --- |
| `dest_uri` | *string* | The URL to load after a user authenticates. This URL does **not** contain the security token. |
| `error_msg` | *string* | The error message to display. |
| `form_ref` | *hash* | A hash of the form variables to pass with the request. The system sends this hash to the location that the `redirect_uri` variable specifies. |
| `parameterized_form` | *hash* | A hash of form variables that the user provided as a URL query string. |
| `theme` | *string* | The theme to load. |
| `user` | *string* | The username to authenticate. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# goto_uri - The uri that the user requested
# user - Username requesting access
# app_name - What application is loading this interface (cpaneld, whostmgrd, webmaild)
# theme - The current cPanel theme that the user is using
# parameterized_form - A dump of the postdata that is uri encoded
%]
[% WRAPPER 'templates/_error_wrapper' -%]
[% PROCESS "templates/external_auth_header.tmpl" %]
[% locale.maketext('Invalid Security Token') %]
[% locale.maketext('The requested [output,acronym,URL,Uniform Resource Locator] does not contain your session's correct security token.') %]
[% locale.maketext('You may have reached this error by copying and pasting a URL from a different cPanel, WHM, or Webmail session into your browser's address bar. To resolve this situation, please take one of the following steps:') %]
[% locale.maketext('[output,url,_1,Go back one page,_2,_3] and reload the URL, making sure that the [output,class,/cpsess ... /,_4] section of the URL remains the same.','javascript:history.back()','class','page-link','code') %]
[% locale.maketext('Re-enter your account's password below. This will assign your session a new security token. This new token will prevent you from using other pages of this application that may be open in other tabs.') %]
) %])
[% IF msg_code == 'link_account' %]
 ) %])
` |
| `locale` | *`Cpanel::Locale` hash object instance* | This global object contains the current user's locale. For more information, read our [How cPanel & WHM Determines a Browser's Locale](https://docs.cpanel.net/knowledge-base/cpanel-product/how-we-determine-a-browser-locale/) and [Guide to Locales](/guides/guide-to-locales) documentation. |
| `MagicRevision()` | *function* | This function provides a caching system. Use this function to improve load times for users and decrease system I/O.URLs that you pass through the `MagicRevision()` function contain the file's modification time in the URL path.The `cpsrvd` daemon recognizes URL paths that contain a file modification time, and serves files as the browser cached them if no new changes have occurred. |
**Default template example**
```
[%
#----------------------------------------------------------------------
# Arguments received by this template:
# This list may not be exhaustive, and other parameters may be added or available.
#
# notice_text - Contents of the notice message to be displayed on page
# entry_point - From where did the user come to get to this page (invitation / resetpass btn)
# Currently the only two modes are debug and release, but this
# might be expanded in the future.
IF CPANEL.is_debug_mode_enabled();
SET mode = 'debug';
SET optimized = 0;
ELSE;
SET mode = 'release';
SET optimized = 1;
END;
SET disp_apps = {
'whostmgrd' => 'WHM',
'webmaild' => 'Webmail',
'cpaneld' => 'cPanel',
};
SET disp_app = disp_apps.item(app_name) || 'cPanel';
SET app_images = {
'whostmgrd' => 'whm-logo_white.svg',
'webmaild' => 'webmail-logo.svg',
'cpaneld' => 'cpanel-logo.svg',
};
# get app modules based on $app_name
SET app_image = app_images.$app_name || app_images.cpaneld;
SET app_image = MagicRevision(get_theme_url("images/" _ app_image));
SET stylesheets = [];
IF optimized;
stylesheets.push(
MagicRevision(get_theme_url('fonts/open_sans/open_sans.min.css')));
stylesheets.push(
MagicRevision(get_theme_url('style_v2_optimized.css')));
ELSE;
stylesheets.push(
MagicRevision(get_theme_url('fonts/open_sans/open_sans.css')));
stylesheets.push(
MagicRevision(get_theme_url('style_v2.css')));
END;
-%]