Leaderboard

Hello, It’s clear that there is an issue with your database configuration. First, try connecting to the MySQL database using the credentials provided in your configuration.php file and check whether the connection is successful.

I'd suggest that your average user that grabs a script like this will not change anything in it, especially since they're not (apparently) being told to. I've seen users not change a "CHANGE_THIS" in scripts, then ask why it's not working. I've also seen them ignore the "remove this file after use", so relying on that might not be advisable either. Best practice is not to spoon feed, keep this outside the publicly accessible directories, and instead of that simple URL parameter you reveal, make it a "secret key" that is defined within the script, with a note to change it (or better still they make their own that must be x long and have this or that in it; if empty, fail with "key needed"). Safety first.

As you might know, whmcs has a problem with stripe: when the payment is not immediately confirmed by stripe (but requires to clic "capture" on stripe dashboard), whmcs does not record the order and the customer details and does not even send any notification to whmcs admin or to the customer. We solved with a hook that sends us an email with the order details, so that: - we know that there was a order attempt - we know that there might be a payment in stripe that requires manual "capture" - if necessary, we have all the client and order details in order to recreate the both client account and order. Here is the hook. <?php if (!defined("WHMCS")) { die("This file cannot be accessed directly"); } /** * Save all checkout data to a TXT file * AND email it to admin * Runs BEFORE order/invoice creation, and before redirect to Stripe. */ add_hook('ShoppingCartValidateCheckout', 1, function ($vars) { // --- 1. Clone and sanitise incoming data ------------------------------- $data = $vars; // Mask any possible card data (good practice even if Stripe never posts it) $sensitiveFields = [ 'ccnumber', 'cccvv', 'ccexpirymonth', 'ccexpiryyear', 'password', 'password2', ]; foreach ($sensitiveFields as $field) { if (!empty($data[$field])) { $data[$field] = '***masked***'; } } // --- 2. Attach cart contents from session (products, domains, etc.) --- $cart = isset($_SESSION['cart']) ? $_SESSION['cart'] : []; $payload = [ 'timestamp' => date('Y-m-d H:i:s'), 'ip' => $_SERVER['REMOTE_ADDR'] ?? null, 'user_agent' => $_SERVER['HTTP_USER_AGENT'] ?? null, 'checkoutFields' => $data, 'cart' => $cart, ]; // --- 3. Build a text representation (for file & email) ---------------- $entry = "==============================\n"; $entry .= "Checkout submitted: " . $payload['timestamp'] . "\n"; $entry .= "IP: " . ($payload['ip'] ?? 'N/A') . "\n"; $entry .= "User-Agent: " . ($payload['user_agent'] ?? 'N/A') . "\n\n"; $entry .= "DATA:\n" . print_r($payload, true) . "\n\n"; // --- 4. Save to TXT file ---------------------------------------------- $logDir = __DIR__ . '/../../logs'; $logFile = $logDir . '/pre_stripe_checkout.txt'; if (!is_dir($logDir)) { @mkdir($logDir, 0700, true); } @file_put_contents($logFile, $entry, FILE_APPEND); // --- 5. Send email to admin ------------------------------------------- // This uses WHMCS' built-in admin notification helper. // The "system" type means it goes to the system email / admin notifications. if (function_exists('sendAdminNotification')) { $subject = 'Pre-Stripe Checkout Captured'; // Use <pre> so the print_r formatting is readable in HTML email $message = nl2br(htmlspecialchars($entry)); sendAdminNotification('system', $subject, '<pre>' . $message . '</pre>'); } // IMPORTANT: Do NOT return an error. Just let checkout continue. return; }); I suggest to implement it. It would be great if it would offer some sort of customization in the admin area.

Hi, to fix the issue go to Settings > General Settings, under Ordering Tab look for "Enable Random Usernames" uncheck it if checked.

In the v9.0 release cycle we have focused efforts on updating our dependencies - which was quite a significant undertaking - ensuring that we carefully managed the Smarty update (as that is potentially an area of high user-impact). I anticipate this work will enable the testing and validation of future PHP versions to move much faster, and we expect to deliver PHP 8.4 support in v9.1. Please see the finalised list above. TCPDF will be updated to 6.10.

Yes, this behavior is expected. The /vendor/ directory in WHMCS contains core dependency files and is not intended to be accessed directly via the browser. For security reasons, WHMCS restricts access to this directory, and attempting to access it should result in a 404 error rather than a 403. This is by design to prevent exposure of sensitive files. The .htaccess file inside the /vendor/ directory is part of this protection, but depending on your server configuration, the parent .htaccess in public_html and Apache’s rewrite rules may also influence how errors are handled. Removing or modifying the parent .htaccess can interfere with WHMCS’s routing and URL handling, which is why you noticed a change in behavior when doing so. In general, you should not need to access anything inside /vendor/ via the browser, and it’s best to leave the default .htaccess WHMCS rules in place to ensure WHMCS functions securely and correctly. These are the stock WHMCS Rules: https://docs.whmcs.com/8-13/system/general-settings/general-settings-general/#whmcs-rules I hope this information helps.

@RadWebHosting's recommendation here is brilliant, and would be my suggestion too! Of course, you can also see a list of all overdue invoices at Billing > Invoices > Overdue in the Admin Area. If you'd be interested in a new event being added to your Notifications settings for when an invoice becomes overdue, I'd recommend opening a feature request here: https://requests.whmcs.com./ I can absolutely see how this would be useful, so getting that feature request open will allow others to comment on and vote for your request. Hope this helps :-)

Feel free to contact us for support: https://radwebhosting.com/support

Hi @venkat.j, The current latest version is 8.13. This behaviour suggests the dates were set to 00/00/0000, either by an admin (in which case there should be an entry in the client's Log tab) or by a rogue after-market module (in which case there probably wouldn't). You can edit the date fields to set the actual dates and click Save Changes. The correct dates will be stored.

For anyone wanting to hide SiteJet from WHMCS here is the code I use, its a combination of a code earlier here provided by a user and addition to hide it inside the package <?php use WHMCS\View\Menu\Item as MenuItem; // Hide in Client Area Sidebar add_hook('ClientAreaPage', 1, function($vars) { $primarySidebar = Menu::primarySidebar(); if ($primarySidebar) { $serviceActions = $primarySidebar->getChild('Service Details Actions'); if ($serviceActions) { $serviceActions->removeChild('sitejet'); } } }); // Hide from Client area add_hook('ClientAreaFooterOutput', 1, function($vars) { return <<<STYLE <style> #sitejetPromoPanel{ display: none !important; } button[data-identifier="sitejet"], li[data-identifier="sitejet"]{ display:none !important; } button[data-identifier="sitejet"] + .btn-group > .btn[data-toggle="dropdown"]{ border-top-left-radius: 3.2px; border-bottom-left-radius: 3.2px; } button[data-identifier=“sitejet”] + .btn-group > .btn[data-toggle=“dropdown”], .btn-group:has(> button[data-identifier=“sitejet”]) > .btn[data-toggle=“dropdown”] { display: none !important; } </style> STYLE; }); // Adjust the Client Area display for Sitejet panel add_hook('ClientAreaFooterOutput', 1, function($vars) { return <<<SCRIPT <script> jQuery(document).ready(function($) { // Change the title text inside h3 $('#cPanelPackagePanel h3.panel-title.card-title').text("Package/Domain"); // Change col-sm-6 to col-md-3 for the image column $('#cPanelPackagePanel .col-sm-6').first().removeClass('col-sm-6').addClass('col-md-3'); // Remove the image with class card-img-top $('#cPanelPackagePanel img.card-img-top').remove(); }); </script> SCRIPT; }); This hook will do as stated earlier where the Promosplash on the frontpage of the SIX theme is showing the SiteJet, then the last code is inside the client area, it adjusts the "Package/Domain" which was always there and they changed to "SiteJet Panel" by adjusting that text back, then removing the half page, into a full 3 row page, and remove the image display so it looks like this See, I pay for the license, I don't see why there isn't a toggle switch to turn off your promotional advertisement but since that is not possible this HOOK legitimately does that, thanks to whomever wrote the first part for the splash on the main client page, but this one also edits the in client product page removing the webpros advertisement and makes it look like it did before. You can always edit that code to remove the image and or replace with yours but this will be enough for me, it keeps it clean. (The image above, Ive redacted any sensitive information but obviously it says the domain name above the Manage Domain). Thank you.