Jump to content

Why all the patches?

isdoo

By isdoo
in Feedback

 Share

Recommended Posts

PWPH Member

PWPH

Posted
Posted
Why all the patches?

 

Better to have security patches then no patches at all.

 

Being a WordPress user for 8 years I have seen many security patches over the years in that blogging software. In the long run nothing is safe on the internet, not even WHMCS.

 

Let's just hope the WHMCS Team is getting an external security audit done as we speak, that could cut down some security problems in the future.

0
Link to comment
Share on other sites
twhiting9275 Senior Member

twhiting9275

Posted
Posted
Why don't you go make your own and leave us alone... I'm tired of your trolling comments

There's this awesome thing called an 'ignore list'. I'd suggest you make use of it, and welcome to it. If all you're going to do is complain about someone else's opinion, yeah, the problem isn't with someone else, it's with you.

 

As far as you calling me a 'troll':

Just because you don't like my opinion doesn't mean I'm a troll

Just because my opinion on something is not positive, happy, glowy doesn't make me a troll.

 

The reality:

I've been using WHMCS quite a bit longer than most here. Yes, what I said was harsh, but it was also true. If it weren't, then we wouldn't have injection attacks that can be launched against the earliest versions, coming out on a weekly basis now.

 

Unfortunately, my own apps are so embedded into WHMCS, it would take far too long to get into another client. That's not saying it's not been tried, it has. Unfortunately, at this time, there's nothing out there that's a realistic alternative... That does NOT however mean that I have to simply accept this and not continue to push for this spaghetti code to change!

1
Link to comment
Share on other sites
tsiedsma Senior Member

tsiedsma

Posted
Posted
There's this awesome thing called an 'ignore list'. I'd suggest you make use of it, and welcome to it. If all you're going to do is complain about someone else's opinion, yeah, the problem isn't with someone else, it's with you.

 

As far as you calling me a 'troll':

Just because you don't like my opinion doesn't mean I'm a troll

Just because my opinion on something is not positive, happy, glowy doesn't make me a troll.

 

The reality:

I've been using WHMCS quite a bit longer than most here. Yes, what I said was harsh, but it was also true. If it weren't, then we wouldn't have injection attacks that can be launched against the earliest versions, coming out on a weekly basis now.

 

Unfortunately, my own apps are so embedded into WHMCS, it would take far too long to get into another client. That's not saying it's not been tried, it has. Unfortunately, at this time, there's nothing out there that's a realistic alternative... That does NOT however mean that I have to simply accept this and not continue to push for this spaghetti code to change!

 

Quoting since there isn't a like button. This mess is ridiculous. The use of the mysql_ functions, the creation of their own Register Globals is absurd. WHMCS needs a ground up rewrite. I vote that 5.3.2 is a major bug fix that cleans up the code to allow them 6 months or so to do a complete rewrite with the help of cPanel who knows a thing or two about security.

 

Also, hello fellow Iowa user!

1
Link to comment
Share on other sites
gPowerHost Junior Member

gPowerHost

Posted
Posted

I really want to like WHMCS. But from the code snippets I've seen, being a programmer for 36 years, I'm horrified. I hope the put every new feature on hold. I hope they dig deep in their pockets and have the guts to seriously examine their practices and get some help. Focus every ounce of resource they can muster on reviewing, auditing and rewriting.

 

Obviously someone has it out for them. Too bad for us, the customers that have our data compromised and business on high alert. But I have no sympathy for WHMCS, they wrote the code, they should have had the guts to do serious self examination a long time ago. Because blaming hackers is just an excuse. We all have businesses that involve hackers and poorly written code. Having to help our customers steer away from poorly developed or maintained modules or scripts is a daily thing. Thankfully, we have good firewalls and rules to stop most of this stuff, but it is only a matter of time. Please, please, please take this seriously and only look inward for blame. Because until you come clean with yourselves, you aren't going to have a hope.

 

I hope you make it. I hope you hear our pleas and take our businesses seriously.

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept