Can someone please confirm this bug?

[saadsalman]

Hi,

 

cPanel does not allow passwords to include the username and when I do this unallowed operation via WHMCS Admin area it says:

Sorry, the password may not contain the username for security reasons.

Surely that's the way it should behave. However, when a client tries to do the same from his client area, he is not shown any such error and the new password is successfully stored in the WHMCS database. The client thinks that the password has been changed but the case is otherwise.

 

It would be great if someone can confirm this bug because I can just try it on a single installation.

 

Regards

[plusplushosting]

I guess you have the password strength option enabled in cpanel....im not sure in the recent last whmcs version but the last time i did test this was not working with whmcs...i mean, whmcs will just do nothing if the password do not meet the cpanel password strength criteria. Im not sure if is a cpanel API limitation or a whmcs one.

[saadsalman]

I guess you have the password strength option enabled in cpanel....im not sure in the recent last whmcs version but the last time i did test this was not working with whmcs...i mean, whmcs will just do nothing if the password do not meet the cpanel password strength criteria. Im not sure if is a cpanel API limitation or a whmcs one.

But had it been a WHMCS limitation it should not have been shown in WHMCS Admin panel.

[FlexiHost]

That will be correct - WHMCS should not allow the username to make up a password, as cPanel does not allow this.

[saadsalman]

That will be correct - WHMCS should not allow the username to make up a password, as cPanel does not allow this.

Again the point is that WHMCS is showing up password errors in the admin area but not in the client's panel. That's the issue!

[cenourinha]

Yes, this should be fixed in the whmcs frontend.