Client Account Login Notification Hook

[brian!]

16 hours ago, Vittor said:

in mine it worked by changing $values["id"]=$primaryid; for $values["id"]=$userid;

absolutely - sorry for that.... I was asked by someone to make a version where it only sent an email when a contact (subaccount) logged in, and to identify which subaccount it was - I was copy & pasting from two different versions and didn't notice that last line. 🙄

$datenow = date('Y-m-d H:i:s');
$date = fromMySQLDate($datenow,true,true);
$command = "sendemail";
$values["customtype"] = "general";
$values["customsubject"] = "Account Login from $hostname";
$values["custommessage"] = "<p>Hello $firstname $lastname,<p>Your account was successfully accessed by a remote user at $date. If this was not you, please do contact us immediately<p>IP Address: $ip<br/>Hostname: $hostname<br />$signature";
$values["id"] = $userid;

[twhiting9275]

On 4/7/2020 at 10:45 AM, Vittor said:

in mine it worked by changing $values["id"]=$primaryid; for $values["id"]=$userid;

Yeah, that was likely just a goof on Brian's part. Primaryid isn't used in this hook, userid is

[HostyFly]

can i add location on hook 

[twhiting9275]

It's possible to add location, with the geoip module installed. You'll need to do quite a bit of legwork to get this updated though

Take a look at the geoip examples on the PHP website and go from there.

 

[Hardik Joshi]

hey @brian! is the thing is possible

when we login community then will receive an login email i the mail we got the browser or location details then is it possible to get same thing in this hook

[brian!]

On 11/04/2020 at 07:33, HostyFly said:

can i add location on hook 

location in which sense? you need to know where they "appear" to be from, e.g as Tom suggested by using geoip solutions, or because you know the user will be logged in, the location associated with their account ??

3 hours ago, hardikjoshi said:

is the thing is possible

most things are possible...

3 hours ago, hardikjoshi said:

when we login community then will receive an login email i the mail we got the browser or location details then is it possible to get same thing in this hook

the estimated location is as Tom describes and that needs geoip solutions and as your screenshot says, the information it returns might not be accurate or even vaguely correct.

the device and browser details can be obtained in a number of ways - simplest being by using http_user_agent, but there are php alternatives including get_browser - but as with geoip, the important thing to remember is that any of these results can be easily faked too... so what the script is returning may or may not be accurate.

[Vittor]

?Hello!  Does anyone know if it is possible to have a link in the email sent to the customer, so as not to receive login alerts?

[Vittor]

Olá, alguém sabe se e possível ter um campo personalizado para quando o cliente fazer o seu cadastro, tiver a seguinte opção:

 

Exemplo:

Notificações de login

Permitir notificações de login?

(    ) SIM

(    ) NÃO

 

Ou algo do tipo? 

Obrigado

[Vittor]

Hello, does anyone know if it is possible to have a custom field for when the customer makes their registration, have the following option:

 

 Example:

 Login notifications

 Allow login notifications?

 ( ) YES

 ( ) NOT

 

 Or something like that?

 Thank you

[brian!]

I would have thought that you have two options...

1. use a dropdown in the custom field, and in the select options field, have "Yes" and "No" as options (Yes, No)
2. use a tickbox - ticking will mean yes, unticked means no.

using the tickbox method would be the default one for this issue I think.

[Vittor]

1 hour ago, brian! said:

I would have thought that you have two options...

1. use a dropdown in the custom field, and in the select options field, have "Yes" and "No" as options (Yes, No)
2. use a tickbox - ticking will mean yes, unticked means no.

using the tickbox method would be the default one for this issue I think.

Could you send the modified hook code with this option?  I don't know about WHMCS codes

[twhiting9275]

On 5/15/2020 at 9:52 PM, Vittor said:

?Hello!  Does anyone know if it is possible to have a link in the email sent to the customer, so as not to receive login alerts?

Is this possible? Yes.

Is this going to be distributed for free? Likely not so much.

Why? This is much more than should be required, or asked of a free addon.

This hook is damn near 4 years old now , and has been modified quite a bit over those four years to keep up with WHMCS and changes. As far as custom additions go? Well, again, this is a free hook.

I will say that what you've asked for is being put into an update for a commercial module that I've put together. Can't say when, and it certainly won't be part of this (freely distributed), because, this is too much to ask from a simple (free) hook.

It sounds like you need to either play around with the hook yourself, or find someone to convert it into a module for you 🙂 . Relying on community to support your custom addons constantly, not really the way to go.

The dev documentation , while lacking in a lot of ways, is there to help you get started with what you've asked. Play around in there a bit.

Edited May 29, 2020 by twhiting9275

[brian!]

18 hours ago, Vittor said:

Could you send the modified hook code with this option?

i'd like to, but I would agree with Tom on this - i've been paid by other users to customise this hook for their purposes and it makes no sense to charge them, but then to share similar code for free... possibly if it was a minor tweak to the existing hook, but I don't like treading on (future) commercial projects of other developers (perhaps with 1 exception lol).

technically, what you want to do isn't difficult - it would just require a CCF being created, a query in the hook to get the CCF value for the user and then use that value to determine whether to send the login or not... the user can tick/untick the CCF in the client area to determine if they want to receive notification or not - it would require additional coding if you wanted to add a link to the email that toggles the notification setting, but I wouldn't consider that necessary.

[Hein]

This doesn't seem to work with v7.10.2 anymore .. Or have I done something wrong? 😉

Edited September 5, 2020 by Hein

[brian!]

1 minute ago, Hein said:

This doesn't seem to work with v7.10.2 anymore .. Or have I done something wrong? 😉

i'd be amazed in v7.10.2 has broken it - which version of the hook are you using from this thread ?

[Hein]

Dear Brian, as far as I can tell, the very latest version. It worked before we upgraded and now gets notified as php 7.3 incompatible/doubtful (so can't use it whilst WHCMS is trying to sort one of many issue)

[brian!]

40 minutes ago, Hein said:

Dear Brian, as far as I can tell, the very latest version. It worked before we upgraded and now gets notified as php 7.3 incompatible/doubtful (so can't use it whilst WHCMS is trying to sort one of many issue)

using Tom's first post, and removing the need for $adminuser, the hook works fine in PHP7.3

[twhiting9275]

just double checked this myself. Running php 7.3.20 and WHMCS 7.10. No issues here

[Kevin K]

Can anyone confirm if this is working for V8.0.4?  Since upgrading to V8.0.4 it seems the emails are no longer being sent out.

[brian!]

9 minutes ago, Kevin K said:

Can anyone confirm if this is working for V8.0.4?  Since upgrading to V8.0.4 it seems the emails are no longer being sent out.

as written, it won't work on v8 because the ClientLogin hook point was removed and replaced with UserLogin... you could try just changing the reference of ClientLogin to UserLogin and see if it works (i've not tested doing that).

[Kevin K]

13 minutes ago, brian! said:

as written, it won't work on v8 because the ClientLogin hook point was removed and replaced with UserLogin... you could try just changing the reference of ClientLogin to UserLogin and see if it works (i've not tested doing that).

Ya I tried that and no luck....🙁

[brian!]

in v8.0.4, i've quickly updated it to work with users that are owners... not sure if works on users that are not..

<?php

use WHMCS\Database\Capsule;

function hook_client_login_notify($vars)
{
$user = $vars['user'];
$userid = $user->id;

send_login_notify($userid);
}

function send_login_notify($userid)
{
$ip = $_SERVER['REMOTE_ADDR'] ;
$hostname = gethostbyaddr($ip);
$userinfo = Capsule::table('tblusers')->select('first_name', 'last_name')->WHERE('id', $userid)->get();
//greet them
foreach ($userinfo as $userrow)
{
	$firstname = $userrow->first_name;
	$lastname = $userrow->last_name;
}
$command = "sendemail";
$values["customtype"] = "general";
$values["customsubject"] = "Account Login from $hostname";
$values["custommessage"] = "<p>Hello $firstname $lastname,<p>Your account was recently successfully accessed by a remote user. If this was not you, please do contact us immediately<p>IP Address: $ip<br/>Hostname: $hostname<br />";
$values["id"] = $userid;

$results = localAPI($command, $values);
}

add_hook('UserLogin', 1, 'hook_client_login_notify');

[Kevin K]

6 minutes ago, brian! said:

in v8.0.4, i've quickly updated it to work with users that are owners... not sure if works on users that are not..

<?php

use WHMCS\Database\Capsule;

function hook_client_login_notify($vars)
{
$user = $vars['user'];
$userid = $user->id;

send_login_notify($userid);
}

function send_login_notify($userid)
{
$ip = $_SERVER['REMOTE_ADDR'] ;
$hostname = gethostbyaddr($ip);
$userinfo = Capsule::table('tblusers')->select('first_name', 'last_name')->WHERE('id', $userid)->get();
//greet them
foreach ($userinfo as $userrow)
{
	$firstname = $userrow->first_name;
	$lastname = $userrow->last_name;
}
$command = "sendemail";
$values["customtype"] = "general";
$values["customsubject"] = "Account Login from $hostname";
$values["custommessage"] = "<p>Hello $firstname $lastname,<p>Your account was recently successfully accessed by a remote user. If this was not you, please do contact us immediately<p>IP Address: $ip<br/>Hostname: $hostname<br />";
$values["id"] = $userid;

$results = localAPI($command, $values);
}

add_hook('UserLogin', 1, 'hook_client_login_notify');

Thanks a ton, it is now working again, 🙂

[twhiting9275]

On 11/10/2020 at 11:01 AM, brian! said:

in v8.0.4, i've quickly updated it to work with users that are owners... not sure if works on users that are not..

Sorry, I've been out and about. Took a few weeks (yay) out to enjoy friends, family and history. 

I haven't spent a ton of time analyzing the user database changes, but this code snippet will only work up to a point. After that, it may use incorrect values (again, based on my very brief analysis of the tables).
It looks like tblusers and tblclients are being used , clients for 'owners' as it were, users for everyone (owners and contacts).

When a 'contact' is added, it's thrown into tblusers. This is where the $userid is coming from. 

When an email is sent, it's coming from tblclients. 

Thusly, the $userid may not exist.

I'm in the process of upgrading this for a v6-v8 version. Hope to get something out this afternoon, but it'll take some testing to see. Until then (again, based on my very preliminary analysis), I would not recommend using this

 

-Tom

Edited December 2, 2020 by twhiting9275
further study:)

[twhiting9275]

Updated version, tested and good to go, right here. This will work with versions 6 through 8
This will not notify contacts (sub accounts, etc) on login, because SendEmail does not like tblusers any longer. I'll look into a better approach , perhaps, over time. Or, maybe WHMCS can change that API call. not sure there though, honestly
This will not notify the admins if a sub account logs in to their account. Why? Who's to say that sub account only belongs to them, so, I'm not going to add that. Maybe I'll look into something a bit more complicated there, but for now, this will do
This will not notify the user if an admin logs into the person's account. in fact, if admin session exists, it's not going to go anywhere at all, deliberately

 

<?php

/*
Client area login notifications for WHMCS (works with versions 6-8)
Created by whmcsguru
Contributions by brian!
*/

use WHMCS\Database\Capsule;
$myver = get_whmcs_version();
$isadmin = $_SESSION['adminid'];
if (!empty($isadmin))
{
	//go no farther, get out of here.. No login notifications necessary
	return;

}

function hook_client_login_notify($vars)
{
	global $myver;
	$myver = get_whmcs_version();
	if ($myver < 8)
	{
		$userid = $vars['userid'];
		send_login_notify($userid);
	}
	if ($myver >= 8)
	{
		$user = $vars['user'];
		$userid = $user->id;
		//a few paths we can take from here, handle it
		//are we a client, or contact?
	 $real_owner_id = Capsule::table('tblusers_clients')
	 ->where('auth_user_id', '=', $userid)
	 ->where('owner', '=', 1)
	 ->value('client_id');
	 if ($real_owner_id > 0)
	 {
	 	send_login_notify($real_owner_id);
	 	//nothing more to see here
	 	return;
	 }
	}



}


function send_login_notify($userid)
{
	$ip = $_SERVER['REMOTE_ADDR'] ;
	$hostname = gethostbyaddr($ip);
	$userinfo = Capsule::table('tblusers')->select('first_name', 'last_name')->WHERE('id', $userid)->get();
	//greet them
	foreach ($userinfo as $userrow)
	{
		$firstname = $userrow->first_name;
		$lastname = $userrow->last_name;
	}
	
	$command = "sendemail";
	$values["customtype"] = "general";
	$values["customsubject"] = "Account Login from $hostname";
	$values["custommessage"] = "<p>Hello $firstname $lastname,<p>Your account was recently successfully accessed by a remote user. If this was not you, please do contact us immediately<p>IP Address: $ip<br/>Hostname: $hostname<br />";
	$values["id"] = $userid;

	$results = localAPI($command, $values);
}
function get_whmcs_version()
{
	$theversion = Capsule::table('tblconfiguration')->where('setting', '=', 'Version')->value('value');
	$retver = substr($theversion, 0,1);

	return ($retver);

}
if ($myver < 8)
{
	add_hook('ClientLogin', 1, 'hook_client_login_notify');
}
if ($myver >= 8)

{
	add_hook('UserLogin', 1, 'hook_client_login_notify');
}