All Activity

You should reinstall the vendor directory for the WHMCS version you are running

Hi everyone, I searched the community first but could not find an exact match for this behavior. I’m trying to determine whether this is expected behavior, a security hardening change, or a possible regression/bug in WHMCS 9.0.4. Environment: - WHMCS version: 9.0.4 - Upgrade path: 9.0.3 to 9.0.4 using the official incremental patch - PHP version: 8.3 - ionCube Loader: 14.4.x - Server module: cPanel/WHM - Client login method involved: Google Sign-In - cPanel/WHM Single Sign-On enabled Issue: After updating to WHMCS 9.0.4, a client reported that the “Login to WHM” / “Login to cPanel” action from the Client Area failed with: Action Failed Unable to auto-login. Please contact support. Reproduction details: 1. Client logs in to the WHMCS Client Area using Google Sign-In. 2. Client opens the product/service details page for an active cPanel/WHM hosting service. 3. Client clicks the “Login to WHM” or “Login to cPanel” button. 4. WHMCS shows the error above. Expected result: The client should be logged in to WHM/cPanel via SSO. Actual result: The SSO action fails with “Unable to auto-login”. Important details: - This issue appeared to affect only this specific client/user. Other clients with cPanel/WHM services were able to use Client Area SSO normally after the 9.0.4 update. - The affected user was the account owner. - The client account had SSO enabled. - In the database, tblclients.allow_sso = 1. - In tblusers_clients, the affected user had owner = 1 and permissions = NULL, which I understand is normal for the account owner. - Admin-side access/SSO worked. - “Login as Client” from the WHMCS admin area worked. - cPanel API connectivity itself did not appear to be broken. - Other checks did not point to Cloudflare, ModSecurity, tmp path, cPanel API token, or server connectivity. What resolved it: The client usually logged in using Google Sign-In and apparently did not have a local WHMCS password set from the Client Area. After asking the client to define a local WHMCS password, the cPanel/WHM SSO action immediately started working. After that, SSO worked in both scenarios: - when logging in with email + password - when logging in again using Google Sign-In So the local password only had to be set once. After that, Google Sign-In also allowed the cPanel/WHM SSO action to work. Additional checks: - I checked for NULL or empty tblusers.password values and did not find any. - All password fields I checked had bcrypt-style $2y$ prefixes, so checking for NULL/empty passwords does not seem to identify this condition. - I also found a few unrelated clients with allow_sso = 0 and corrected those, but this affected client already had allow_sso = 1. Questions: 1. Is WHMCS 9.0.4 expected to require the account owner to have a local password set before allowing Client Area SSO actions such as cPanel/WHM login? 2. Could this behavior be related to the 9.0.4 Client Area authorization/security hardening? 3. Is this intended behavior, or should it be reported as a bug/regression? 4. Is there a reliable way to identify users who authenticate via Google Sign-In but may not have completed local password setup, if tblusers.password is not NULL/empty? I’m not looking for details about the security issue itself. I’m only trying to confirm whether this new behavior is intentional and how to detect or prevent it for other clients. Thanks.

Version: 5.8.4 Fixed: Email Variable Issue Fixed: Custom Field on checkout Fixed: Custom Field while Printing Fixed: Accept Checkbox placement on product terms Fixed: Expired Quotes Removed: Support for WHMCS V8.12.x Improved: Attachment storage removal

We are excited to announce a new update for the WHMCS GST Addon Module v3.0.0 with major improvements focused on GST reporting, compliance, invoice enhancements, and overall user experience. This release introduces advanced GST reporting capabilities, export summaries, HSN/SAC management improvements, signature support, and a completely refined interface across the module. ✨ What's New in This Release 📊 Advanced GST Reporting Features Added Indian State-wise GSTR-1 Reports for better GST filing and state-level tax reporting. Added Global Export Summary support for foreign/international clients. Added Tax Summary by Tax Type for easier tax analysis and reconciliation. Added HSN/SAC Summary Reports and Credit Notes Summary. 🏷️ HSN/SAC Code Management Added new settings to map HSN/SAC Codes directly with products and services for accurate GST compliance and automated reporting. ✍️ Signature Support Added support for: Manual signature upload Draw signature functionality directly within the module This helps generate more professional invoices and documents. 🎨 Improved UI/UX Experience Refined the layout and user interface across all sections of the addon module. Improved navigation and usability for a smoother experience. 🧾 Invoice & PDF Improvements Refined the View Invoice page design. Enhanced the Invoice PDF Layout with a cleaner and more professional appearance. 🔧 Why Upgrade? This update is designed to simplify GST compliance, improve invoice presentation, and provide more detailed reporting for businesses using WHMCS in India. We highly recommend upgrading to the latest version to take advantage of these new features and improvements. 💬 We’d Love Your Feedback Your feedback helps us continue improving the module. Feel free to share your suggestions, feature requests, or experiences with the latest release. Thank you for choosing our WHMCS GST Addon Module!

Hi, A client of mine experienced this issue. I opened a ticket and the bug was confirmed. It was suggested to change the PHP version, which wasn't feasible for us, so we updated to the new patch 8.13.3-release.2 instead, and that resolved the issue. Download 8.13.3-release.2 - https://www.whmcs.com/members/dl.php?type=d&id=1949

Frankly, I'm going to stop throwing time at this, though I appreciate your effort. I open the page, hit minimize and it stays minimized on page changes. That will have to do. Loads of effort for a small niggle that WHMCS could add with little effort, but have no apparent interest in doing. Giving up, but thanks.

@bear I did some further testing and I think this is what you want. Curious to hear your feedback. I have 8.13.3 installed. <?php /** * WHMCS Hook: Hide Admin Sidebar by Default (Without Breaking Page Grid Rows) * Compatible with WHMCS 8.13.x and hopefully 9.x Blend Layout */ if (!defined("WHMCS")) { die("This file cannot be accessed directly"); } add_hook('AdminAreaHeaderOutput', 1, function($vars) { if (isset($vars['template']) && (strpos($vars['template'], 'blend') !== false)) { return <<<HTML <script> document.addEventListener("DOMContentLoaded", function() { // 1. Target the native WHMCS minimize button var minBtn = document.getElementById('sidebarClose'); // 2. Target the native WHMCS hidden layout flag class var isAlreadyHidden = document.body.classList.contains('sidebar-hidden'); // 3. If the sidebar is present and not already natively minimized, trigger a native click if (minBtn && !isAlreadyHidden) { // A tiny 10ms timeout lets WHMCS paint its grids first, preventing column row-drops setTimeout(function() { minBtn.click(); }, 10); } }); </script> HTML; } });

Using blend, that hook doesn't do anything. On first page load, sidebar is open. Why this is not a built in option is baffling.

Hello, since v9 upgrade, when a customer request a cancellation of a service, the item is not removed from the invoice. How to fix?

I'll give that a try, thanks. I couldn't find this in the docs. Is it really necessary to use AI to figure out hooks in the newer versions?

I have not tested this because I'm not using 9.x but this is an AI generated response that you could try on a test install by adding a hook and a small amount of code to clientareaproductdetails.tpl <?php /** * Fix: DivisionByZeroError when upgrading to a one-time product * Affected: WHMCS 9.x + PHP 8.x — upgradefunctions.php::SumUpPackageUpgradeOrder() * * Root cause: PHP 8.x throws a DivisionByZeroError where PHP 7.4 silently * returned 0. When upgrading to a one-time product, WHMCS attempts to * divide by the billing cycle days, which is 0 for one-time products. * * Save as: /includes/hooks/fix_upgrade_onetime_division.php */ // Hook files are loaded before upgrade.php runs its calculations, // so we can register an exception handler here at file level to // intercept the DivisionByZeroError before it becomes a fatal crash. if ( isset($_SERVER['SCRIPT_FILENAME']) && basename($_SERVER['SCRIPT_FILENAME']) === 'upgrade.php' ) { // Capture any existing handler so we can chain it for unrelated errors $previousUpgradeExceptionHandler = set_exception_handler(null); set_exception_handler(function (\Throwable $e) use ($previousUpgradeExceptionHandler) { // Only intercept the specific bug — let everything else propagate normally if ( $e instanceof \DivisionByZeroError && strpos($e->getFile(), 'upgradefunctions.php') !== false ) { $serviceId = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0; header( 'Location: clientarea.php?action=productdetails' . '&id=' . $serviceId . '&upgrade_error=onetime' ); exit; } // Not our error — pass to the previous handler or PHP default if (is_callable($previousUpgradeExceptionHandler)) { call_user_func($previousUpgradeExceptionHandler, $e); } else { restore_exception_handler(); throw $e; } }); } /** * After the redirect, display a clear notice on the product details page * so the client knows what happened and what to do next. */ add_hook('ClientAreaPageProductDetails', 1, function ($vars) { if (empty($_GET['upgrade_error']) || $_GET['upgrade_error'] !== 'onetime') { return []; } return [ 'upgradeOnetimeError' => true, 'upgradeOnetimeMessage' => 'Upgrading to a one-time payment product is not ' . 'supported via the self-service upgrade tool. Please contact support ' . 'and we will arrange this for you manually.', ]; }); Add to clientareaproductdetails.tpl {if $upgradeOnetimeError} <div class="alert alert-warning"> {$upgradeOnetimeMessage} </div> {/if}

@bear This works with the Blend theme <?php add_hook('AdminAreaHeadOutput', 1, function($vars) { return '<script> document.addEventListener("DOMContentLoaded", function() { document.body.classList.add("sidebar-collapse"); }); </script>'; }); From Claude: The new Blend admin theme in WHMCS is built on AdminLTE, which collapses the sidebar by adding a sidebar-collapse class to the <body> tag — it no longer uses the minsidebar variable from the old theme.

One common issue is running the installer but not finalizing the module registration step. After installation: Check if modules were actually copied into the correct directory Refresh the admin panel fully (hard reload) Rebuild the module index if your system supports it Sometimes the UI shows success, but the modules are not registered in the system database yet.

,

Hi Jackson First, make sure you’ve completed all prerequisites: Correct PHP version installed Composer available (if required) Proper write permissions on /modules or installation directory Clean cache after installation A lot of “missing modules” issues come from the cache not refreshing after install.

Any update on this ?

It was a product that someone was bound to make sooner or later. It’s about time. Thank you.

Blend, as mentioned.

What template are you using? Standard WHMCS templates or lagom?

Just moved to the latest WHMCS, and a lot of my older hooks no longer work correctly. A basic one would be to hide the admin sidebar until I click to expand. The code below was working (courtesy Brian!). Now it hides the content, but the sidebar still takes up the space it would occupy (blend template in admin). function hook_admin_minimise_sidebar($vars) { return array("minsidebar" => true); } add_hook("AdminAreaPage", 1, "hook_admin_minimise_sidebar"); Have I missed something? Hs this hook point been changed? Docs don't specifically mention this, but the hooks don't seem to have significantly changed between versions. I have several other useful hooks, and all seem to be non functional.

I’ve added: $allow_adminarea_invoice_mutation = true; Honestly, this change is a nightmare for our daily workflow. We need to edit invoices every day, and with this new restriction, what used to be a simple operation has become an everyday problem. In my opinion, this was a very bad decision from a usability point of view, especially for companies that manage billing operations daily and need flexibility when handling invoices.

I’m trying to install ModulesStack from https://modulesstack.com/installation/ I followed the steps, but I’m not sure if I’m doing it correctly. The installer runs, but the modules don’t appear in my admin panel. Has anyone successfully installed it? What am I missing?

Changelog 6.2.5 Added: support for the WHMCS "Nexus" theme Added: SMS Manager Integration Improved: The License System Improved: Help Page Improved: Blacklist Services Updated: Support WHMCS 8.13.x & 9.0.x Updated: Requires ionCube Loader v14 Fixed SMS Package Removed: Old SMS Integration Removed: Remove Support for WHMCS V8.11.x to 8.12.x Removed: Support for PHP 8.1

Please post the error message(s) as verbose as possible. Along with the error logging and debugging options in WHMCS, you can also check in your cPanel File Manager in your WHMCS installation for a PHP error file, or in cPanel Errors to view what might be happening. As for the /vendor/smarty folder, I believe it has to be from the 8.13 version and not ver 9.0 of WHMCS as they did get rid of the Smarty files and hooks in ver 9. They need to continue working with the out-dated modules/addons that aren't working with ver. 9. What other modules and addons are you using that might not be updated to work with ver 9.0 and interfering with the new version of WHMCS? For me it was ResellerClub-Mods and my Lagom Theme files.

Hi everyone, I wanted to share a great new module I recently discovered that could be a game‑changer for anyone running IPTV or OTT services with WHMCS. It’s a fully featured IPTV/OTT Billing Module for NXT Dash, designed specifically to integrate seamlessly with WHMCS and streamline your service billing, management, and automation. 🔗 Check it out here: https://www.whmcsmodules.com/index.php?m=product_page&pid=68&name=iptv|ott-billing-module-for-nxt-dash-(owner)