EhsanCh

i get error on displaying qr codes : The image “http://xxxx.com/index.php?m=oath&qr=1&secret=VFFT6GHHD5BL5XS1” cannot be displayed because it contains errors. PS: solved. there was a new line in begin of my template that cause error.

Hi First thank you for your work, hope you dont bother for this question. but i am solicitous about security of this module bacause of its closed source. how can i be sure that our information will not be sent via hooks or some files to somebody ?

Only your server IP can connet to API, BUT if someone have api password (that is same as your web panel password) he can login to resellerclub control panel and access to your whole account from any ip. even change your username and password or transfering domains.

Dear Reselleclub resellers , dont forget to vote for this feature : http://feedback.resellerclub.com/forums/19909-general/suggestions/2492951-please-pay-more-attention-to-security

As WHMCS expird all customer passwords , so a working password for whmcs.com client area is enuagh for verifyning customer ! if it is unsecure so all of our whmcses is unsecure too.

And dont forget to vote for it

Dear resellerclub resellers, as you see these days , any hosting can be accessed by hackers, even WHMCS servers. so please vote for this feature to avoid losing your domains : You have to login to your resellerclub panel , then click on feedback link on top right of your control panel, then click this link : http://feedback.resellerclub.com/forums/19909-general/suggestions/2492951-please-pay-more-attention-to-security

-Company account cannot access API function and cannot be used in whmcs. -yes, we shuld take care security of our system . but nothing is 100% secure, specyally in shared hosting. every time a bug may be found in our hosting softwares or in whmcs... so ? - no permission can set for subreseller , and even if it can set it is not usefull because we need it under main account.

But if someone can access API password , he can login to resellerclub and add his ip to allowed list. he can also move all domains to another panel. someone that has api password , has unlimited access.

are you sure you did this steps : ? -save file as utf8 with signator encoding. -Make sure the following is included in your configuration.php file after convert $mysql_charset = 'utf8';

Hi friends. As you may know , resellerclub uses your full username and password for API authentication so if you were to be compromised (for example by a bug or insecure hosting) he can access to all of your domains. the solution is a separate and limited API user , and it can be done only by resellerclub. i request all of you to vote for this request on Resellerclub feedback system at folowing link : http://feedback.resellerclub.com/forums/19909-general/suggestions/2492951-please-pay-more-attention-to-security Please pay more attention to security To Vote , simply login to your resellerclub account , at TOP Right of control panel you see a feedback link , click on it to login to feedback system and click on above link. or search by subject : "Please pay more attention to security"

i use emeditor 8.06 . the key is "--default-character-set=latin1 " parametr in mysqldump. mysqldump --default-character-set=latin1 --opt --user=USERNAME -p whmcs_database > whmcs.sql Make sure the following is included in your configuration.php file after convert $mysql_charset = 'utf8';

download EmEditor 1-dump database mysqldump --default-character-set=latin1 --opt -p whmcs > whmcs.sql 2-open file as utf8 in emeditor 3-replace all "latin1" with "utf8" 4-save file as utf8 with signator 5-import new file

How to add a line to whmcs log in hooks ?

$str = substr($str,strpos($str,"_")+1,strrpos($str,"_")-strpos($str,"_")-1 );