Jump to content

string

Members
  • Content count

    33
  • Joined

  • Last visited

Community Reputation

15 Good

About string

  • Rank
    Newbie

Recent Profile Visitors

896 profile views
  1. string

    Frequently Logged out from client area.

    Maybe you need to increase the PHP session lifetime on your server.
  2. Another way would be to run a hook (maybe AfterCronJob) or cronjob to adjust the expire date of eNom .EU domains to -3 days (e.g. calculated based on the next invoice date to prevent multiple minus 3 days calculations for the same domain). But this could cause confusion, since the WHMCS invoice then shows a different expiration date than in the domain details. Another hook would be required to adjust the expire date on the invoice. Though there will be still an inconsistency because during ordering because WHMCS clearly state "1 year". But I think that this would attract the least attention. Seems like a lot of work and headache, maybe it's better to change the registrar.
  3. string

    Translation in Hook understanding

    You can use Lang::trans('infotext') within the hook. This should help: WHMCS Internal Class Documentation.
  4. If the PHP session must be writeable again, you need to resume the session after your long_query_function() with the PHP function session_start() I have not tested it, but i can imagine that if session_write_close() is used within a hook, you may must resume the session afterwards so that WHMCS continues to work properly. But note: to continue the existing session, you need the session id:
  5. Depending on what the page do, you may be able to use session_write_close() to prevent session locks. This articel explains it pretty good.
  6. string

    cPanel Password Security

    @rarija @baffinsabino Probably it would be a good idea if you compare (via PM) which modules you have installed. This could give hints to the module that may have caused the problem. The common way would be to check the webserver access logs so you should be able to find out what happened. The installation of a WAF (Web Application Firewall) and IDS, especially for such critical systems like WHMCS, is quite recommendable. At least a large part of the common attacks can be detected and prevented with that.
  7. According to the documentation you just have to disable the twitter integration to only show the announcements (General Settings -> Social -> clear "Twitter Username" field). Alternatively you can remove the following part of the file /templates/<your_template_name>/homepage.tpl to display the announcements: {if $twitterusername} <h2>{$LANG.twitterlatesttweets}</h2> <div id="twitterFeedOutput"> <p class="text-center"><img src="{$BASE_PATH_IMG}/loading.gif" /></p> </div> <script type="text/javascript" src="templates/{$template}/js/twitter.js"></script> {elseif $announcements} .... .... .... And at the end of the file remove the line {/if}. Or more simple: Just rename {if $twitterusername} to {if $twitterusername_disabled}
  8. WHMCS does not provide such function. There are addons on the marketplace listed with the possibility to generate PINs: Click the search button to get results You could create a custom field.
  9. MariaDB should work fine. But you should make sure that strict mode is disabled in the MariaDB configuration. Since MariaDB 10.2.4 this is activated by default: Disabling MySQL Strict Mode
  10. That is correct. But WHMCS uses several third party libraries, including PHPMailer (see the security advisory from WHMCS). This CVE came to mind spontaneously as an example that the vulnerability does not necessarily have to be in the WHMCS core. Older WHMCS versions naturally contain older third party libraries 🙂 My comment on this is more generally related to v5. I think that @Kian does not only refer to the "latest" v5 version.
  11. Public exploits exists for WHMCS v5. I think the security risk does not require any discussion. It's not just about public exploits, but also about things like CVE-2016-10033 (I know that this vulnerability is likely to be exploited with luck, but be that as it may). WHMCS v6 is EOL, thereforce i would not call it safe to use. However, I can not find any public exploits right away, but that does not mean that there are no non public exploits. Longer LTS releases would be desirable, but I think that will not change in the future.
  12. string

    7.5.2->7.6 Failed

    According to the error message, the table 'tblioncube_file_log' does not exist. Executing the following SQL query probably helps you: CREATE TABLE IF NOT EXISTS `tblioncube_file_log` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `filename` text COLLATE utf8_unicode_ci NOT NULL, `content_hash` varchar(512) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', `encoder_version` varchar(16) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', `bundled_php_versions` varchar(128) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', `loaded_in_php` varchar(128) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; Normally this table should be created when upgrading to version 7.5.0. Version 7.5.0 also did the following on upgrade: INSERT INTO `tbladminperms` (`roleid`, `permid`) VALUES (1, 146); It is probably in your interest to check if the permid 146 exists in your database. If not, something went wrong at the upgrade. Then i recommend to contact the WHMCS support.
  13. Since my last post, several releases have been released. Please take a look into the release notes. The feature highlight of the last release: IPMI and KVM Proxy: Customers can access private IPMI and KVM IPs without VPN or similar. More information can be found at the proxy informations page.
  14. Version 2.0.4 was released on 06.02.2018 Full VPS support VPS auto setup IP manager More infos at the release notes Demovideo & screenshots Version 2.0.4 includes a new clientarea template:
  15. You see this messages because you have enabled the Hooks Debug Mode. When you disable these setting, no messages should be logged anymore to your activity log.
×

Important Information

By using this site, you agree to our Terms of Use & Guidelines