Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


string last won the day on May 15 2019

string had the most liked content!

Community Reputation

25 Excellent

About string

  • Rank

Recent Profile Visitors

5820 profile views
  1. I'm afraid I don't quite understand the question. If you ask how to quote something: It works the same way as in mails: >Lorem ipsum Ok!
  2. Description This module for WHMCS allows to create dependencies between the configurable options of WHMCS. With the rule builder, dependencies can also be defined among each other, so that very complex rules can be created. The module is built in such a way that no template changes are necessary in the clientarea. Features: Hide or disable configurable options. Create rules with multiple dependencies and dependency groups that must satisfy an AND / OR condition. The rules can be divided into several groups so that various rules can be created for the same products or rules. No template changes necessary. Example use cases: The server has a selectable number of hard disks. If the customer selects less than 4 disks, only RAID 0 / 1 should be selectable, but not RAID 10. You offer managed hosting as an option, but only in conjunction with Debian as the operating system. You are offering cPanel licenses with your server offers, which is only compatible with CentOS. With this module, you can create a dependency rule which specifies that if the customer selects cPanel, all other operating systems are automatically removed from the selection and the operating system is set to CentOS. Thanks to the completely user-selectable option logic, the possibilities are practically endless. Order here (19.99 € / quarterly) Demo Video & Screenshot More videos and screenshots are available here. ------------- Free Trial For all modules, a free trial is available. Click on the buy link on the top of the site to order. Please note the requirements for a free trial on the page. Compatibility The module works with WHMCS v6.0 and above.
  3. Without knowing the code, it is difficult to make a conclusion. If I were in this situation, the first thing I would do would be to see if the entry was really added (even if the ID was incremented, and that speaks for it) by looking for the ID in the database right after the insertGetId query and logging the content via: logActivity (json_encode($query->field)); If the expected content is logged, I would then grep for any hooks that change something in the announcement table. Edit: The other thing I would think of is that WHMCS may automatically remove incorrect entries. For example, if some relation is not correct. To exclude this thesis, you can place the existing values of an entry in your hook, delete the entry from the database and see what happens if you run the hook again.
  4. Whenever exec or shell\_\exec is used, it should be absolutely ensured that the user input is validated, otherwise this can end problematically. I don't see a big problem with the "domain" parameter, since WHMCS should already validate this value, but it's definitely not wrong to validate the parameters again, just in case. In addition to validation, I recommend escaping the arguments via the standard PHP function escapeshellarg. PS: I had to obfuscate shell\_\exec as otherwise the WHMCS server does block my post.
  5. You can parse the json with jQuery.each. Here is an example: https://codepen.io/deploymentcode/pen/QWvgypY
  6. https://developers.whmcs.com/advanced/creating-pages/ If you add this to your custom page, the page should show a login page to guests, instead of the error message:. $ca->requireLogin();
  7. Spam Control only checks imported mails. It doesn't check anything if the ticket is created via the ticket form. You would need to create a hook to block the email address from submitting tickets. Ideally you would return not an error message, but a success message so that he does not adjust his method.
  8. 6.0.7 isn't affected by these CVEs 🙂 Maybe that works. If you are forced to stay on WHMCS 7.10 and later on a security vulnerability becomes known, you can at least try that. If this does not work, it would be possible write a wrapper so that it still works (i.e. restore compatibility via custom PHP code). However, i wouldn't suggest that if you are not a dev. And even if you are a dev, the recommended way would be to keep WHMCS up to date. Even though I know how annoying the version cycle of WHMCS is.
  9. According to the file "/vendor/phpmailer/phpmailer/VERSION", WHMCS uses the version 6.1.5 which is not affected by CVE-2020-36326. 6.1.5 is not affected by this.
  10. The information is stored in the table "tblticketspamfilters".
  11. You need to increase the value of the session.gc_maxlifetime parameter in your php.ini. This will keep the PHP session longer in case of inactivity.
  12. Did you remove the /vendor directory and then reupload it? Your message sounds like you reuploaded everything else, except the vendor directory. Also note: You need to remove the directory first, to remove all old files, which are possibly in conflict with the new version.
  13. I had a similar problem. The cause was that the upgrade script of WHMCS did not remove some obsolete files. I suggest to download the WHMCS version which you upgraded to, remove the /vendor directory (it's in the root WHMCS directory) and reupload it from the downloaded archive.
  14. I suggest to inspect the content of $vars. E.g.: function generate_custom_invoice_number_4Client_hook($vars) { logActivity (json_encode($vars)); $invoiceid = $vars['InvoiceID']; $customnumber = 'WTW'.date("Y").str_pad($invoiceid,5,"0",STR_PAD_LEFT); //if (isset($customnumber)) { // would be always true... if (!empty($invoiceid)) { try { $updatedInvoiceNumber = Capsule::table('tblinvoices') ->where('id', $invoiceid) ->update(['invoicenum' => $customnumber,]); } catch (\Exception $e) { logActivity ($e->getMessage()); } } } add_hook('AfterShoppingCartCheckout', 1, "generate_custom_invoice_number_4Client_hook"); Then check the WHMCS activity log to see what $vars contains. This will also reveal whether the hook is executed at all.
  15. I don't usually create threads like this since this probably happens often and is not worth discussing, but the audacity I just experienced is grandious. I was analyzing a problem of a customer who bought a module. His WHMCS was behaving quite strangely. I quickly realized that the problem must be caused by another plugin and so I started to search. After a short time I found out that the problem is caused by the plugin API Whatsapp from the "developer" mmhospedagem.com.br. So I looked to see what it was doing - the source code was not encrypted - and realized that the module was using code from one of our modules. Our module is encrypted, so they decrypted it and took parts of it. Now the bizarre thing - they didn't even rename the function names or the MySQL table. They just copied the code 1:1. Probably the module is also otherwise thrown together from code from Stackoverflow 😄 But it goes even bolder. So I looked to see if mmhospedagem once bought the module in question (it's called "Auto Login From Mails") and yes, he did. After the purchase he opened a PayPal dispute and wanted his money back. Well, he lost the case, if I remember correctly. I don't really know what the thread is supposed to accomplish, I guess I just had to share what I have experienced. If another developer sees the thread here and gets an order from these people, well, your property is in danger i would say 🤦‍♂️
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated