WHMCS.Community
-
WHMCS Beta Program
-
.png.a95c0416a2f5ac5f1953dbb478d775bf.png)
- 342
- posts
-
-
The Latest from the WHMCS Team
-
- 467
- posts
-
-
WHMCS.Community
-
- 150
- posts
-
- 1048
- posts
-
-
Using WHMCS
-
- 12972
- posts
-
- 4667
- posts
-
- 5145
- posts
-
- 93026
- posts
-
- 24087
- posts
-
- 452
- posts
-
-
WHMCS Showcase
-
- 7920
- posts
-
- 251
- posts
-
-
Developing & Extending WHMCS
-
Third Party Add-ons
A place to discuss third party modules, add-ons and extensions for the WHMCS platform.
- 17726
- posts
-
- 22847
- posts
-
- 54980
- posts
-
- 422
- posts
-
- 121
- posts
-
-
Community Competitions
-
- 4
- posts
-
-
General Discussions
-
- 38793
- posts
-
-
General Feedback & Assistance
-
- 8293
- posts
-
- 6
- posts
-
-
Club Forums
-
- No posts here yet
-
- 36
- posts
-
- 5
- posts
-
- 15
- posts
-
- 518
- posts
-
- 480
- posts
-
- 104
- posts
-
- 65
- posts
-
- 68
- posts
-
- 6
- posts
-
- 6
- posts
-
- 2
- posts
-
- No posts here yet
-
- 65
- posts
-
- No posts here yet
-
- 22
- posts
-
- 112
- posts
-
- WS Donations
- By wsa
-
- 6
- posts
-
- 18
- posts
-
- 3
- posts
-
.png.a95c0416a2f5ac5f1953dbb478d775bf.png){kind=icon}
-
Member Statistics
-
Community Statistics
75957
Total Topics355071
Total Posts -
Who's Online 7 Members, 0 Anonymous, 223 Guests (See full list)
-
Popular Contributors
-
Our picks
-
![[From the Blog] WHMCS Mobile V1.5 Released](//storage.whmcs.community/monthly_2021_03/whmcsmobilev15release.png.f671afc0995bafa2c9680643dc9f4a3c.png)
[From the Blog] WHMCS Mobile V1.5 Released
WHMCS Community posted a topic in News, Announcements & Blogs from WHMCS,
We are pleased to announce the release of WHMCS Mobile V1.5, now with invoicing management functionality. In this latest new release, the addition of invoicing related functionality allows you to create and manage invoices from your mobile device, view transactions and apply manual and offline payments, attempt captures from credit cards, send reminders and other emails and change invoice status. Other new functionality in WHMCS for Mobile 1.5 includes: Perform domain availability/whois...View the full blog post-
0
Reputation Points
- 0 replies
Picked By
WHMCS ChrisD, -
-
![[From the Blog] Creating an Effective Knowledgebase 1: So You Want to Start a Knowledgebase](//storage.whmcs.community/monthly_2021_03/knowledgebase-series-2021-p1.png.5baff74b8c33acff8d712cd298b54e7b.png)
[From the Blog] Creating an Effective Knowledgebase 1: So You Want to Start a Knowledgebase
WHMCS Community posted a topic in News, Announcements & Blogs from WHMCS,
If you're reading this, it's a pretty good bet that you've used a knowledgebase. Knowledgebases provide a self-serve "library" of information about products, services, or other topics. They're where you go when you need to solve a problem or accomplish a goal. When you're working with customers, having a knowledgebase is invaluable. Every support department has at least a few questions that are asked regularly, and a well-crafted knowledgebase article on the topic can stop some tickets from...View the full blog post-
0
Reputation Points
- 0 replies
Picked By
WHMCS ChrisD, -
-
![[From the Blog] Security Update 2021-02-26](//storage.whmcs.community/monthly_2021_03/security-release-2021-02-26.png.620869b13fe7aeee62ed2a43996f3af0.png)
[From the Blog] Security Update 2021-02-26
WHMCS Community posted a topic in News, Announcements & Blogs from WHMCS,
A security issue has been identified that affects all versions of WHMCS. As a result, we have published new releases for all actively supported versions of WHMCS as well as a patch which can be applied to EOL versions 7.7, 7.8 and 7.9. Patches will not be released for any earlier versions of WHMCS. The issue was reported via our Security Bounty Program and there is no evidence to suggest it is known publicly. We will not be releasing any further details about the issue at this time. What...View the full blog post-
0
Reputation Points
- 0 replies
Picked By
WHMCS ChrisD, -
-
-
Topics
-
-
Posts
-
... or if you're going to use strstr as a function rather than a modifier, then you declare it as such in the configuration file. 'mail' => array( 'php_functions' => array( 'strstr', ), ), -
in Smarty, that would be... {if $client_credit|strstr:"GBP"}If you are a UK resident you can pay via Bank Transfer by using the details below: snip{/if} ... using that format doesn't throw an error for me.
-
I do actually get the "Email Sending Failed - Email message rendered empty - please check the email message Smarty markup syntax" error message, but the line of code it mentions in the logs is any line that has this in it: I like the sounds of the hook idea rather than wasting more time on this, I'll send you a PM. -
just to add to the confusion, if I use your settings in my configuration.php file, then using strstr in an email works fine... I added a line to the invoice created template... {if $client_first_name|strstr:"Jer"}do something{/if} and the emails are sending without issue and where relevant, is outputting "do something"... although if I were to try to use strstr as it would be used in php, then it fails... I wouldn't see your error message, i'd get... and the activity log would tell me the line of code that it doesn't like. it still seems like overkill to add variables that aren't being used... hey ho. v8.1 is definitely logging and/or generating more errors than previous versions... and there are still plenty of references to Smarty env variables in the templates (both admin and client). which is why i'd add them one by one and only when necessary... i'm not even sure bock should be on that list... there is *always* jam tomorrow with WHMCS - i'm glad that i'm not going to be around when that mythical time arrives! you could use a hook to pull the value from the session array and return it to the template as a "normal" variable.. or maybe even get the hook to do the output of whatever you're doing in the template based on that value.
-
it would need to be PHP because the HTML content for the customfields is stored in an array and therefore, you will have to manipulate the array. an example hook to make a Client Custom Field readonly (or you could change to disabled if you wanted to), would be... one problem with this solution is that although you can set a field to disabled/readonly, a knowledgable user can undo that setting in the browser and then change the content of that field. if the fact the user could potentially modify the customfield readonly/disable status bothers you, then you'd probably need to use a second validation hook point to verify/prevent changes to that field. this is why I didn't post this yesterday and thought it better for you to use the default phone number field... and it would be easier to do that now after only using WHMCS fora week or so than it would be if you had been using it for 10 years. 🙂
-
By webtechwhiz · Posted
Hi Brian, Sorry for late reply. My site using TwentyOne theme and all its functions, only some design customization is done. I have raised issue with Support tkt number is #KQX-559385 and below was their reply: Now tell me where should I report my issues. Support guys do access our cpanel and admin and fixes the issues. But they redirected me to Developer community. And here you senior developers guides us for any issue, always grateful for your help but you produce instance locally not on our site. Then how this issue will get fixed? The result your are showing is clearly indicating there is no issue with the coding neither with PI or Final Invoice. Now at least guide me whom I should contact for my issue? Who will test the issue on my server and find out why it is not working? Awaiting your reply... Regards, Shubhajeet Saha -
Hi @brian!, Thanks for the quick reply. Still no luck I'm afraid: $smarty_security_policy = array( 'system' => array( 'enabled_special_smarty_vars' => array( 'session','foreach','section','block','capture','now','get','post','server','request','template','const','cookies', ), ), 'mail' => array( 'php_modifiers' => array( 'strstr', ), ), ); Generates the following error when sending an email : PHP function 'strstr' not allowed by security setting Just going back to what you mentioned last week: This was triggered when I first noticed a security policy error that was being triggered by a custom template using "$smarty.session". To fix this I set a security policy as per the WHMCS docs to allow the session variable. I then noticed a ton more errors when accessing various pages in the admin area relating to WHMCS system variables - server, capture, etc. It was at this point I got in touch with WHMCS and they advised I now needed to add all the variables used by WHMCS to the security policy and not just the variable I wanted to allow. So it looks like as soon as you create a security policy to enable a certain variable using "enabled_special_smarty_vars" anything that was previously being used when there was no security policy in place needs to be specifically added. WHMCS did say they were working on a more "graceful" way to handle this in the future but I wont hold my breath.
-
strstr shouldn't be in the enabled_special_smarty_vars array - it doesn't belong in there.
-
Hi Guys, Thanks for the responses. Unfortunately the newly formatted code doesn't work either: $smarty_security_policy = array( 'system' => array( 'enabled_special_smarty_vars' => array( 'session','foreach','section','block','capture','now','get','post','server','request','template','const','strstr','cookies', ), ), 'mail' => array( 'php_modifiers' => array( 'strstr', ), ), ); With the above code the template which uses $smarty.session works fine but the email template containing "strstr" throws up the security policy error as before. If I remove the system security policy leaving just the email policy the emails work fine. I have a ticket open with WHMCS but don't hold out much hope. As a workaround and before I spend a morning editing custom email templates, is there perhaps an alternative I can use to "$smarty.session.cart.promo" in /orderforms/configureproduct.tpl to pull the promo code used (if any) by the client? Figure it will be easier to edit that one file rather than a ton of email templates!
-
By HancoEuropa · Posted
Well, this was not what I'd expected 🙃
-
![[From the Blog] WHMCS Mobile V1.5 Released](http://storage.whmcs.community/monthly_2021_03/whmcsmobilev15release.png.f671afc0995bafa2c9680643dc9f4a3c.png)
![[From the Blog] Creating an Effective Knowledgebase 1: So You Want to Start a Knowledgebase](http://storage.whmcs.community/monthly_2021_03/knowledgebase-series-2021-p1.png.5baff74b8c33acff8d712cd298b54e7b.png)
![[From the Blog] Security Update 2021-02-26](http://storage.whmcs.community/monthly_2021_03/security-release-2021-02-26.png.620869b13fe7aeee62ed2a43996f3af0.png)
