Jump to content

eval(base64_decode

WebyHosting

By WebyHosting
in Using WHMCS

 Share

Recommended Posts

Eduardo G. Senior Member

Eduardo G.

Posted
Posted

I'm answering you here, too :-)

 

First, check you have applied specific patch:

http://forum.whmcs.com/showthread.php?t=43462

 

Then you can take a look at this post about spam control rules to avoid those tickets:

http://forum.whmcs.com/showpost.php?p=207853&postcount=3

(full thread: http://forum.whmcs.com/showthread.php?p=207853#post207853)

0
Link to comment
Share on other sites
croc Junior Member

croc

Posted
Posted

I happen to be one of little understanding. I did replace the file with the patched file but I have no idea what a hook is or how to make one. Can I get more info please?

 

Thanks

 

 

 

You will still get the messages through, unless you have a hook setup to just ditch them.

 

If you have patch then you should have nothing to worry about.

0
Link to comment
Share on other sites
bear Senior Member

bear

Posted
Posted

Matt posted this elsewhere, so I take no credit for it.

Create a brand new php file, and call it whatever you like, in this folder: whmcs/includes/hooks

In it:

<?php
$checkvars = array('subject','message');
foreach ($checkvars AS $checkvar) if (strpos($_REQUEST[$checkvar],'{php}')!==false) die("no thanks");
?>

If a message comes in with that subject or message, it should offer a blank page with "no thanks" on it. Edit to suit.

0
Link to comment
Share on other sites
  • 4 weeks later...
SilverNodashi Senior Member

SilverNodashi

Posted
Posted
Matt posted this elsewhere, so I take no credit for it.

Create a brand new php file, and call it whatever you like, in this folder: whmcs/includes/hooks

In it:

<?php
$checkvars = array('subject','message');
foreach ($checkvars AS $checkvar) if (strpos($_REQUEST[$checkvar],'{php}')!==false) die("no thanks");
?>

If a message comes in with that subject or message, it should offer a blank page with "no thanks" on it. Edit to suit.

 

This "extra" also blocks you (WHMCS administrator) from editing any email templates.

This, and every other template I tried to edit was blocked:

 

<p>Dear {$client_name},</p>
<p>You requested that you be reminded of your Client Area Login Details. They are as follows:</p>
<p>Email Address: {$client_email} <br /> Password: {$client_password}</p>
<p>You can login at {$whmcs_url}</p>
<p>{$signature}</p>

0
Link to comment
Share on other sites
zomex Senior Member

zomex

Posted
Posted
The spam controls do not work, as the support ticket is not submitted by email

 

This is true, on webhostingtalk.com someone post a very good hook that stops people being able to use {php} in tickets. It's a shame that spam controls wasn't able to achieve this.

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept