uname-r

Hi, We wanted to do the same with whmcs. ...we asked for this during the first beta of a previous version, while features were looking like to be still a little open for this. Matt answered this was out of question. Then i found another solution that does this. We did it. We sold block of hours on our website. ...and few months later : i understood why Matt did not liked that idea. You'll get more money by going on a per hour basis. Also : you need to discuss of a task with a customer anyway before you perform it. If the client have a block of hours, it means he can ask you for everything. The reality is you cannot do everything : there's stuff you don't know : always. There will be projects you won't want to work on : always. The customer don't want to pay 200$ for a 1 hour task, and then leave the remaining cash in a sleeping state in he's account. You'll get more clients by going on a per hour basis : sounds more professional also. We changed this on our side. Better now. Projects are getting more interesting for everyone. Clients are peoples we want to work with only, and they understand better when we ask them for more time, because what they asked takes time . Also : we are having more clients on the development side now than at the time we were selling blocks of time on our website. Most clients won't buy and will go somewhere else just because they don't know how much time they need to buy from you. Also : let's say you go with the idea to sell block of hours to your clients... ...before they purchase a block of time, clients will always ask for an evaluation anyway, so you'll have to tell them exactly how much time they need to purchase, and then they will rush you like hell to complete always in the provided time frame, because they purchased a block of time, so they think they already paid their development. ...if they don't ask for an evaluation, then most of the time it will means they may be clients refused / untrusted by every other developers or with very complicated projects that will take a month to complete while they will be rushing you like hell always to complete within the purchased block of time. Beleive me : chances are you won't want to work like this anymore 1-2 years after you started BUT : if you still want to do it, why not using something like http://www.wbteampro.com/ and ask them to perform some more development on their tool if they don't deliver such feature (did not verified, but i think you should have more chances by going this way). or you may ask http://modulesgarden.com for this. They are nice peoples out there, always willing to give a hand on something. I have discussed a few times with their developers : it's seems pretty easy to work with them, and achieve your goals with whmcs. I won't promote the solution i found to manage this since i didn't like it. Hope that help

Hi, Is there any quick tricks i may not be aware of to invoice a customer for more than 3 years? The thing is this part of whmcs is ioncube encoded, so i'm wondering if there is a way to modify this? We would like to do a promo for clients who are paying their hosting package for more than 3 years. How can i achieve this with whmcs? Any idea? Thank you in advance

That's possible.. ...but just take a look at the whmcs website : they are using wordpress, but they do no seems to share the login between whmcs, wordpress, vbulletin, and the feature request tool Yes, i know : it's nice to have a single sign in, but if there is a security issue with, let's say, a wordpress plugin (that will happen for sure!) then your whmcs will be at risk! whmcs handle your client passwords. don't take any chances, and don't share the login unless you absolutely need to do it. But, if you still want to do this, then go with http://docs.whmcs.com/AutoAuth - - - Updated - - - ...but don't start downloading encrypted wordpress share login plugins : you'll end up with troubles imho and if you do this : don't use any plugins unless you reviewed all their code. I would recomment you to use an iframe if you want to embed into your website - if you start with html. if you know html and css, then you can do very great things with whmcs without having to share the login. ...just match it with your website, and split your website sections into sub-domains. peoples will understand the login to forum.yourdomain.com is different than the login at client.yourdomain.com

Hi, The answer is here : http://forum.whmcs.com/showthread.php?72911-WHMCS-Idera-R1soft-module&goto=newpost No need for a full integration, but instead : just fetch the amount of data transfered, and send an invoice. As far as i can see, you do not seems to be using r1soft already. R1soft have the following users: - admin - resellers - users You can fetch all of the infos, and manage the backups for each of those users through the API. Here is the feature request for this (you will get better results if you want this by voting there for this feature) https://requests.whmcs.com/responses/add-r1soft-cdp-enterprise-server-version-3-with-reseller-features

what's the goal of such module exactly? If you don't know how to edit a htaccess file : why are you doing hosting?

Hi, Possible for you to send us a screenshot of those options without any name, so we can see what are those options? ...have you tried using a default language file? Sometimes, when this happen, it's because there is something missing in the language file. possible? - - - Updated - - - is it the tokens?

Hi, I think you will need to create a session. <?php $url = "http://www.yourdomain.com/whmcs/includes/api.php"; # URL to WHMCS API file $username = "Admin"; # API user username goes here $password = "demo"; # API user password goes here $postfields["username"] = $username; $postfields["password"] = md5($password); $postfields["action"] = "addinvoicepayment"; #action performed by the [[API:Functions]] $postfields["invoiceid"] = "1"; $postfields["transid"] = "TEST"; $postfields["gateway"] = "mailin"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 100); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields); $data = curl_exec($ch); curl_close($ch); $data = explode(";",$data); foreach ($data AS $temp) { $temp = explode("=",$temp); $results[$temp[0]] = $temp[1]; } if ($results["result"]=="success") { # Result was OK! } else { # An error occured echo "The following error occured: ".$results["message"]; } ?> ...and then post the domains : http://docs.whmcs.com/API:Register_Domain

I know this post if very old, but i am also looking for the same thing. Someone know how we can post from an external form to the bulk one? Thank you in advance!

I prefer to only disable on a per path basis. Here is a very good documentation about how to manage the rules : http://www.atomicorp.com/wiki/index.php/Mod_security ...but i still think some of those rules should be improved to work better with whmcs... Anyhow, as i mentionned, most of them are now fixed or disabled by id since a long time... ...but i would much prefer to do not exclude some of those i excluded, even if it's only a few paths

Is it working with Idera CDP 3 enterprise or only the version 2?

Someone can provide feedback about this module? Have you tried it?

Bonjour kyrotomia I am also from Québec Don't worry about the 3 decimals. It's ok to round up : our money no longer include penny anyway. Everything is rounded up I would like to point you to this : http://cccd-rcc.org/fr/revendication/notice20120705.asp It say : "Après plusieurs échanges avec des représentants du ministère des Finances, ce dernier a confirmé au CCCD qu'il sera toujours possible pour un détaillant, comme par le passé, d'utiliser des facteurs mathématiques arrondis à deux points décimaux lorsque le système de caisse enregistreuse utilisé ne permet pas de déterminer la TVQ au taux réel de trois décimales (art. 69.3.1L.R.Q., chapitre T-0.1, Loi sur la taxe de vente du Québec). Des modifications seront apportées à l'article 69.3.1 à l'automne afin de clarifier la procédure." so nothing to worry about this. ...peoples are used now to get everything rounded up, and i don't think they will bother about this. Hope that help

bump??!!?? Someone have an idea of what can be done to hide a div if the double factor is enabled? Thank you!

Hi, If i only want to div to appear on the clientarea homepage for users who did not enabled the two factor authentication.... what should i do? I am trying with {if $twofastatus} smarty tag, but this do not work. Thank you!

Hi, I am having many problems setting up mod_security with WHMCS on a Ubuntu server. I was not having any problem with the last branch (whmcs 5.1.x) The same problem seems to happen also on CentOS with the exact same ruleset, from OWASP : http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.5.tar.gz Possible for someone who know about mod_security owasp rule set to tell me if i should continue with theses rules, or if there are better ones i should use with whmcs? All of theses are just false positives... I do not want to disable the rules : i want to protect the server with mod_security, so i would like to improve them, or get better rules. ...i am wondering if this one (the first rule below) is related to programing issues with whmcs or if this is something i need to improve on the side of the server config. imho, i think this is related to whmcs : [Tue Mar 26 08:55:40 2013] [error] ModSecurity: Warning. Pattern match "(.*?)=(?i)(?!.*secure.*)(.*$)" at RESPONSE_HEADERS:Set-Cookie. [file "/etc/modsecurity/activated_rules/modsecurity_crs_55_application_defects.conf"] [line "99"] [id "981185"] [msg "AppDefect: Missing Secure Cookie Flag for WHMCSWK3SD9jYz3vn."] [tag "WASCTC/WASC-15"] [tag "MISCONFIGURATION"] [tag "http://websecuritytool.codeplex.com/wikipage?title=Checks#cookie-not-setting-secure-flag"] [hostname " "] [uri " "] [unique_id "UVFii8BfN1wAAGavEAwAAAAG"] I am also getting theses : [Tue Mar 26 09:02:34 2013] [error] [ ] ModSecurity: Rule 7f392f069280 [id "950901"][file "/etc/modsecurity/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line "77"] - Execution error - PCRE limits exceeded (-: (null). [hostname " "] [uri " "] [unique_id "UVFkKsBfN1wAAGgtASkAAAAD"] [Tue Mar 26 17:57:32 2013] [error] [ ] ModSecurity: Warning. Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*){4,}" at ARGS:tos. [file "/etc/modsecurity/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "171"] [id "981173"] [rev "2.2.5"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "-privee"] [hostname " "] [uri " "] [unique_id "UVHhi8BfN1wAABvtaiAAAAAF"] [Tue Mar 26 17:53:45 2013] [error] [ ] ModSecurity: Warning. Pattern match "(/\\\\*!?|\\\\*/|[';]--|--[\\\\s\\\\r\\\\n\\\\v\\\\f]|(?:--[^-]*?-)|([^\\\\-&])#.*?[\\\\s\\\\r\\\\n\\\\v\\\\f]|;?\\\\x00)" at ARGS:message. [file "/etc/modsecurity/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "49"] [id "981231"] [rev "2.2.5"] [msg "SQL Comment Sequence Detected."] [data "---"] [tag "WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname " ] [uri " "] [unique_id "UVHgqcBfN1wAACpadloAAAAH"] [Tue Mar 26 17:37:18 2013] [error] [ ] ModSecurity: Warning. Pattern match "(/\\\\*!?|\\\\*/|[';]--|--[\\\\s\\\\r\\\\n\\\\v\\\\f]|(?:--[^-]*?-)|([^\\\\-&])#.*?[\\\\s\\\\r\\\\n\\\\v\\\\f]|;?\\\\x00)" at ARGS:message. [file "/etc/modsecurity/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "49"] [id "981231"] [rev "2.2.5"] [msg "SQL Comment Sequence Detected."] [data "7#tab3\\x0d"] [tag "WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname " "] [uri " "] [unique_id "UVHczsBfN1wAACpvgiQAAAAJ"] [Tue Mar 26 17:37:18 2013] [error] [ ] ModSecurity: Warning. Pattern match "\\\\W{4,}" at ARGS:message. [file "/etc/modsecurity/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "155"] [id "960024"] [rev "2.2.5"] [msg "SQL Character Anomaly Detection Alert - Repetative Non-Word Characters"] [data ",\\x0d\\x0a\\x0d\\x0a"] [hostname " "] [uri " "] [unique_id "UVHczsBfN1wAACpvgiQAAAAJ"] [Tue Mar 26 17:53:46 2013] [error] [ ] ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [file "/etc/modsecurity/activated_rules/modsecurity_crs_60_correlation.conf"] [line "37"] [id "981204"] [msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 20, SQLi=3, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname " "] [uri " "] [unique_id "UVHgqcBfN1wAACpadloAAAAH"] [Tue Mar 26 12:24:42 2013] [error] [ ] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/etc/modsecurity/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=, XSS=): Common SPAM/Email Harvester crawler"] [hostname " "] [uri " "] [unique_id "UVGTisBfN1wAABb9wN8AAAAH"] Thank you in advance for your assistance on this