Leaderboard

I don't see how having many files is a security risk. If I manage to upload a backdoor on your system, nothing prevents me from burying it in includes/api, naming it addclients.php and obfuscating it with ionCube so that you will never know what is going on. More intelligently I could simply inject my backdoor in an official file of WHMCS. For example I can deobfuscate clientarea.php, add my backdoor and make it accessible with a specific query string. Then I re-obfuscate the entire thing to complete my job. Unless you are constantly watching access log you can't realize what is going on. Not to mention I could hide myself even better using a query string that looks as standard as possible. Personally I protect my system against this kind of problems running a script every couple of hours that compares the checksum of every file I have on the server with the ones included in the official release of WHMCS (same version). If I find a mismatch, the script makes this file harmless (eg. renaming it clientarea.php.suspicious) and sends me an email. Similarly the script also detects php files that are not part of the official release of WHMCS. In this case I review all these potential intruders on a panel where I can whitelist them in case it's a false positive (eg. my own scripts) or destroy them and make further analisys. I was going to release this toy for free on Github but things happened.

Hi @WebHostingPeople I'm pleased to see that our support team were able to help explain the Billing Logic operation, and how deleting invoices was blocking further invoices from being generated. In the broad context; WHMCS will never generate duplicate invoices for the same service on the same Next Due Date. If a service renewal invoice is deleted, but you wish to generate a new invoice for a similar period, edit the client's Products/Service to move the Next Due Date forward by 1 day, then Save Changes. This will allow a new invoice to be generated for almost the same period. Additionally it was my personal pleasure to explain the operation of the Store Client Data Snapshot feature in the follow-up questions in your ticket. If you have any further questions, please don't hesitate to get back in touch.

Great idea as long as he has that installed. Saves time on future coding and upgrades.

Just a quick update, today we released Lara v8.4.0, which is fully compatible with WHMCS v8.4.0 (released 2 days ago!).

Sounds like an issue on Paypal's side, I think. Little bit of a side note but you may want to consider switching to Stripe. Fees are about the same (maybe a little less) and then you could just store the customer's card number and use auto debit. It could save you a lot of time and hassle. https://stripe.com/pricing

Hello everyone, Just want to let you know that e-mail aliases are now supported for OX in WHMCS 8.4: https://docs.whmcs.com/Version_8.4_Release_Notes#OX_App_Suite_Email_Aliases If you experience any issues with this, please reach out to our support team and we will assist in resolving them.

Hi Sjpals, Yes, WHMCS comes with integrations to more than one platform (including cPanel) so that a hosting account or service can be provisioned automatically when an order is received: https://docs.whmcs.com/Server_Modules Similarly to provisioning hosting, domain names can be registered or transferred in an automated way. Here you find a list of the registrar modules that come with out our software: https://docs.whmcs.com/Domain_Registrars Yes. If the product or service offered does not strictly fall into the web-hosting category, you may create a product as type 'Other' and use WHMCS to simply receive orders, generate invoices and reminders. We do have some explainer videos which might help with understanding what WHMCS can do: https://go.whmcs.com/1629/product-tour

It's a little bit hidden. Try this: Login then go to the dropdown where your name is (upper right corner) and click 'account settings'. Next page, click 'Business Information' from the left side menu. On that next screen, click 'update' next to your Business Name. You can edit your logo, address, etc there.

WHMCS have just launched v8.4 which sees many new features. We have updated all of our WHMCS Templates & modules with full support and created guides on how to update your existing product. Learn More: https://www.zomex.com/clients/announcements.php?id=256

Ho provato qualche ora fa ad accere a quella stessa fattura "blu" (simboleggia che l'XML è stato generato) e mi risulta che l'XML è stato rimosso dal nodo FTP. Di fatto mi propone se voglio o meno fare il detach dal database ovverosia dire al modulo di dimenticarsi di quell'XML. Per caso hai risolto? C'erano problemi con il percorso del nodo oppure hai un qualche genere di automatismo che sposta o elimina gli XML? p.s. Ti consiglio di rimuovere lo screenshot o quanto meno cambiare il path amministrativo da "admin" a qualche altra cosa per questo motivo.

This is the kind of news I would like to read in "next release announcement" of yours ... IMHO much, much more useful than any "with this new version you can manage SSL Site Seals!!!" (seriously?!)

Hi all, I can confirm that CORE-14055 was resolved in 8.4.0 Beta 1. We'll get the release notes updated shortly, My apologies for the confusion.

I checked their changelog 'til RC1 and CORE-14055 did not appear. That's why we did not start testing this feature. Let me check this within the rest of this week, latest starting next week. Kai

I've seen there's a feature request submitted 7 years ago about bulk auto recalculate. I know you can do that from phpMyAdmin or with a script but enough is enough. <? /** * Bulk Auto Recalculate Client Domain & Products/Services * * @writtenby Kian * */ use WHMCS\Database\Capsule; add_hook('AdminAreaHeaderOutput', 1, function($vars) { if ($vars['filename'] == 'clientssummary' AND $_GET['userid'] AND in_array($_GET['kata'], array('bulkAutoRecalculateP', 'bulkAutoRecalculateD'))) { $adminUsername = ''; // Optional for WHMCS 7.2 and later if ($_GET['kata'] == 'bulkAutoRecalculateP') { foreach(Capsule::table('tblhosting')->where('userid', '=', $_GET['userid'])->pluck('id') as $v) { localAPI('UpdateClientProduct', array('serviceid' => $v, 'autorecalc' => true), $adminUsername); } header('Location: clientssummary.php?userid=' . $_GET['userid']); die(); } elseif ($_GET['kata'] == 'bulkAutoRecalculateD') { foreach (Capsule::table('tbldomains')->where('userid', '=', $_GET['userid'])->pluck('id') as $v) { localAPI('UpdateClientDomain', array('domainid' => $v, 'autorecalc' => true), $adminUsername); } header('Location: clientssummary.php?userid=' . $_GET['userid']); die(); } } return <<<HTML <script> $(document).ready(function(){ $('[href*="affiliates.php?action=edit&id="], [href*="clientssummary.php?userid="][href*="&activateaffiliate=true&token="]').closest('li').after(('<li><a href="#" id="kata_BulkAutoRecalculate"><i class="fas fa-fw fa-sliders-h" style="width:16px;text-align:center;"></i> Bulk Auto Recalculate</a></li>')); $('#kata_BulkAutoRecalculate').on('click', function(e){ e.preventDefault(); $('#modalAjaxTitle').html('Bulk Auto Recalculate'); $('#modalAjaxBody').html('<div class="container col-md-12"><div class="row"><div class="col-md-6 text-center"><div class="panel panel-default"><div class="panel-body"><p><i class="fas fa-box fa-5x"></i></p><p><small>Auto Recalculate Customer\'s <strong>Products/Services</strong></small></p><p><a href="clientssummary.php?userid={$_GET['userid']}&kata=bulkAutoRecalculateP" class="btn btn-info btn-block">Recalculate Now »</a></p></div></div></div><div class="col-md-6 text-center"><div class="panel panel-default"><div class="panel-body"><p><i class="fas fa-globe fa-5x"></i></p><p><small>Auto Recalculate Customer\'s <strong>Domains</strong></small></p><p><a href="clientssummary.php?userid={$_GET['userid']}&kata=bulkAutoRecalculateD" class="btn btn-info btn-block">Recalculate Now »</a></p></div></div></div></div></div>'); $('#modalAjax .modal-submit').addClass('hidden'); $('#modalAjaxLoader').hide(); $('#modalAjax .modal-dialog').addClass('modal-lg'); $('#modalAjax').modal('show'); }) }) </script> HTML; });

Not sure about doing it in bulk but you can manually update them so you stop losing money. Basically, update your price tables (System settings > domain pricing) and then go to each domain (use the search to make it a little faster or method below) and recalculate each domain. It's not the best way but ultimately stops you from losing any more money. Is it for multiple TLDs? You can also go to Clients > Domain Registrations and then search by TLD. Then open each one in a new tab, recalculate and save.

Hi John, I disabled the automatic backups and that worked! Thanks alot for your help.

Hi @Joelj, How have things been going with the backup disabled? If it's been working since, then it would indicate the backup generation was using up all the available resources on your hosting account. To confirm, you can re-enable it and run the daily automation tasks from the command line , this should show a resource exhausted error on-screen: https://help.whmcs.com/m/automation/l/683269-advanced-cron-troubleshooting If you don't have WHMCS installed on a cPanel server, then I can suggest exploring other external backup options which don't require PHP to operate as an alternative (such as Jetbackup).

Looking at the docs, yup, referral: So surprising.

logActivity is been triggered by WHMCS (or modules/hooks). With this hook index, you can catch the description and then run your code. Just use strpos on $vars[‘desciption’]

I am more than glad to discuss this since it gives me the opportunity to prove that what moves me. Surely I'm not the best business man and developer of the world but I have a lot of direct experience since I'm playing with WHMCS since 2007. Let's go. If I had a euro for every time I heard that, I would own a Ferrari. There are probably 50k providers using WHMCS. Can you imagine how many developers and CEOs are out there? Ones that use this software on a daily basis sharing the same needs and requirements. There are many opportunities and potential customers to fulfill the growth of multiple companies. There's room for everyone. This market is rich and can provide for everyone. That being said, apart from the usual Modulesgarden and few more companies, I can't see anyone showing up with a module that solves something relevant and that is maintained for more than a couple of weeks. Why is it like this? Short answer: easier said than done & the devil is in the details. WHMCS gives people the perception to be a developer-friendly environment. One sees action hooks, API and concludes that making modules and adjustments is not a big deal till you begin coding for real and relize that this is far from being true. When I started in 2007 there were tens of developers actievely releasing modules. They all disappeared. Today there are less than 5 companies left and probably only 1 or 2 are capable of assisting you decently while they maintain their softwares in this WHMCS that keeps growing bugs, bloats and stupid ideas. It is also worth to underline that many of these companies are focusing on meeting small and trouble-free needs like creating templates, micro-management scripts, integrating some kind of services with API and payment gateways. With very few exceptions, nothing can match the complexity of Modulesgarden works. In essence we are talking about a market with almost no competition so two questions arise. First. Why in such a rich market with almost no competition and many needs that are waiting to be satisfied no one is investing money into module development? Second. If this market is rich and creating modules is easy, why Modulesgarden and others are expanding or moving to other markets? For me the answer is that creating modules for WHMCS is not like creating plugins for WordPress where tens of thousands of devs are welcome. In WHMCS no one gives a flying duck of your work. They never valued nor considered the job of third-party developers that are helping them to sell their product. This shouldn't surprise us as they don't even care about their own customers. Also don't forget that as a developer you are required to pruchase WHMCS in order to start coding. As for me, I started building this monster (Billing Extension) in 2014 exactly because I had the idea that coding in WHMCS was relatively easy and profitable. I was wrong as hell. Unfortunately I couldn't predict years or bad twists by WHMCS. To make matters worse, unlike most of my competitors, I focused on the dark side of WHMCS aiming to fix its issues and add missing features. If I could go back in time, I would stay away from billing. Profit-wise, creating a template or couple of payment gateways would have been the best decision but I don't regret it since I learned many things and met many people. So today I have a module so complex that would take a company of the size of Modulesgarden to support customers and maintain its code. I tried to scale-up. I hired developers, added more funds, merged modules rebuilding them from scratch with the same framework (1 year of work), wrote 500+ pages of docs in two languages, tried to increase prices (...) but it was still not enough. All while WHMCS from day to night release once another a version that breaks the mega-complex script that took you one month of work and that still needs to work in the old way only for people running older versions of WHMCS 🥵 After 3 consecutive years of Ok-ish results and nightmares due to WHMCS releases, I was still dealing with the same problem. I needed more funds to hire more developers but customers didn't want to support us with price increases because (I quote) «We don't need support», «Your module can't cost us more than WHMCS, Plesk or cPanel licenses», «I only use one feature». Fair enough, got it. Ironically few years later WHMCS increased prices up to $1.299.95/mo and put an end to life-time licenses 🤔 In retrospect, I should have raised prices anticipating the trend started by WHMCS, Plesk, cPanel and competitors. You can't grow customers and face increased complexity and challenges driven by poor management of WHMCS keeping the same cheap price. You end up investing tons of man-hours debugging the impossible and money doesn't grow on trees. In conclusion for me it was time to let it go. Funding such an unsustainable business just because you happen to have other sources of income doesn't make it better. You are just prolonging an agony. And for what? Cons: More nightmares, working on 25 December, at night, 12-hours per day (even 16 during emergencies 😑), being permanently unable to keep up with the so-called "stable" releases of WHMCS, receiving five new tickets every time you close one, being "stalked" and "hated" by customers, negative reviews, dealing with all the crazy stuff involving billing and e-invoicing and that unexpected change that forces you to update your module so that it works with: five, six, twentyone, ThemeMetro, Swiftmodders, bootstrap 3, 4, my uncle, my grandmother... give me a break. Pros: some profit that doesn't repay you for the toxicity you have been subjected to. In all honesty it is not worth the effort. I prefer to invest in a grid bot to buy low and sell high on a random crypto. It feels better even when I lose 1k in less than a minute. This reminds me the 2007-2012 period when I was running a quite successful game hosting provider. Everything was going fine. Good vibes, revenues, high dedication, passion for what I was doing till people started playing with ddos attacks to fulfill their egos and live the "hacker-life". At that time anti-ddos protection was very costly. I was spending 28 times the money spent by attackers to ddos me. When you spend 80% the money just to cover firewall and bandwidth costs with servers still lagging, you know it is time to sell your toy and move on. Many years later on a different market and for different reasons the story repeated with WHMCS. Ask me anything but when it comes to gameservers and WHMCS my wallet is closed and my time is better spent on a bycycle in the attempt to win a race on Zwift even if it hurts and leaves you panting like a lizard on a hot rock. Atm I' happily working on a different market that is way more complex than WHMCS but it is still more rewarding. There's a bigger pool of talents and teaching stuff is easier. Not to mention we can plan incomes, expenses and predict changes well ahead simply because there's no entity like WHMCS that feels the urge to pump out sloppy updates driven by nothing that resembles user feedback not couting shady collabs. In my opinion these are only ways to perform well as third-part developer of WHMCS: Making small scripts that are not subjected to WHMCS decisions Work for providers with deep pockets Find a way to gather tens of software developers, designers and specialistys in various fields Embracing open source hoping providers sponsor your project and that other devs come to help. If I had to choose I'd go for open source but considering risks and the fact that WHMCS doesn't care about you, why should I spend my reputation for them? Why should I keep supporting them in chains? At this point I would create my own system

7.10.3 and 8.3.2

You can add it to Google Tag Manager

Thank you I believe that just did it!

in your template edit this file: clientareadetails.tpl add this code: <script type="text/javascript"> $(function() { $("#customfieldXX").attr("readonly", "readonly"); });</script> Replace customfieldXX with your customfiled address like: customfield44 for prevent to Bypass the code add file whit this name: PreventChangesToClientCustomFields.php in includes/hooks <?php use WHMCS\Database\Capsule; add_hook('CustomFieldSave', 1, function($vars) { $ReadOnlyFields = array('43', '63'); // IDs of Custom Fields that cannot be edited $DisallowAdmin = false; // true = Even Administrators are not allowed to edit | false = Administrators can freely update Custom Fields /* Do not edit below */ $IsAdmin = (basename($_SERVER['PHP_SELF']) == 'clientsprofile.php' ? true : false); $IsNewClient = (in_array(basename($_SERVER['PHP_SELF']), array('register.php', 'cart.php')) ? true : false); if (in_array($vars['fieldid'], $ReadOnlyFields) AND (($IsAdmin AND $DisallowAdmin) OR (!$IsAdmin)) AND !$IsNewClient) { return array('value' => Capsule::table('tblcustomfieldsvalues')->where(['fieldid' => $vars['fieldid'], 'relid' => $vars['relid']])->first(['value'])->value); } }); replcae array('43', '63') with your custon filed item like: $ReadOnlyFields = array('44')

We've already established that WHMCS could care less about fixing bugs and they'll tell you 'you're the only one raising an issue about this'. Which registrar are you using? If it's Resellerclub or LogicBoxes based, Marco at ResellerClub-Mods has a module or two that should help with this.

Hello! Over the last year I've clocked up quite a few questions that I don't seem to be able to find answers for here. I'm 99% sure this is due to a poor search method issue on my end, but I've tried, I swear! Saying hi and apologising before I fill the forums with questions that have almost certainly already been answered. Cheers!

I highly suggest to check if a registrar has a dedicated team assigned to 3rd-party Software Integrations. Most of the registrars don't have this in place and will lack in support when it comes to issues or problems. We at CentralNic are there for our brands (HEXONET, RRPproxy, et al)

I hope you noticed me pointing on the security/data breach of epik.com? You should not consider working together with an unsecure registrar, if you highly consider your customer interests. I guess, customers worry more about security than about keeping services in the US.

Preview: Code: use WHMCS\Database\Capsule; add_hook('AdminAreaHeaderOutput', 1, function($vars) { if ($vars['filename'] == 'invoices' AND $_GET['id']) { $Data = Capsule::select(Capsule::raw('SELECT id, type, relid FROM tblinvoiceitems WHERE invoiceid = "' . $_GET['id'] . '"')); $Data = json_encode($Data, true); $output .= <<<HTML <script type="text/javascript"> $(document).ready(function(){ var rel = {$Data}; var rows = $('.datatable td > input[name^="itemids"]').first().closest('tbody').children('tr'); $.each(rows, function(i,e){ $(e).children('*').last().clone().html('').insertBefore($(e).children('*').last()); }) rows.first().children('th').eq(-2).text('Meoooow!'); $.each(rel, function(i,e){ if (e.type == 'Hosting') { var url = 'clientsservices.php?id=' + e.relid; var faicon = 'fa-server'; } else if (e.type.includes('DomainRegister', 'DomainTransfer', 'Domain')) { var url = 'clientsdomains.php?id=' + e.relid; var faicon = 'fa-globe'; } if (url) { $('input[name^="itemids"][value="'+ e.id +'"]').closest('tr').children('*').eq(-2).html('<a href="'+ url +'" target="_blank"><i class="fas '+ faicon +'"></i></a>'); } else { $('input[name^="itemids"][value="'+ e.id +'"]').closest('tr').children('*').eq(-2).html('<img src="https://katamaze.com/templates/kata/img/stuff/nyan-cat.png" style="height: 27px;width: 100px;">'); } }) }) </script> HTML; return $output; } }); For domains there's the "globe" icon and for hosting accounts "server" one. You can do the same for coupons, late fees, upgrades etc.

INSERT INTO tblbannedemails (domain) VALUES ('hotmail.com'), ('gmail.com');

<?php use WHMCS\Database\Capsule; add_hook('AfterCronJob', 1, function($vars) { $adminUsername = ''; // Optional for WHMCS 7.2 and later foreach(Capsule::table('tblhosting')->pluck('id') as $v) { localAPI('UpdateClientProduct', array('serviceid' => $v, 'autorecalc' => true), $adminUsername); } foreach (Capsule::table('tbldomains')->pluck('id') as $v) { localAPI('UpdateClientDomain', array('domainid' => $v, 'autorecalc' => true), $adminUsername); } });

Hi @jvwjgames, The error "Failed to perform early file copy during WHMCS file relocation: init.php" means that the auto-updater was unable to move the init.php file. Please adjust the permissions and ownership of this file so it can be manipulated by a PHP script.