Jump to content
Sign in to follow this  
wellconnit

Password Reset VIA API

Recommended Posts

Hi All,

Has anyone successfully worked out a way to generate a forgotten password email from the WHMCS API?

 

It's all good to be able to login to the system but if the user has forgotten their password it's pointless getting them to sign into the WHMCS version of the site when you're using the API to make sure they don't hit that site in the first place?

It seems strange that this isn't native to WHMCS already as it aligns with the login process of the normal page?

Any help with this is greatly appreciated..

 

Thanks!

Share this post


Link to post
Share on other sites
1 hour ago, inteldigital said:

Hi @wellconnit,

Maybe this thread will be of interest to you:

Change client's password using API

You should also take a further look at the API documentation:

API - WHMCS Developer Documentation

Hi Intel,

 

That's of no help whatsoever?.

 

What part out of the two posts are going to assist with making a Forgot Password method?

Share this post


Link to post
Share on other sites
10 hours ago, inteldigital said:

Well, I'm assuming:

UpdateClient

You would have to ask someone more knowledgable than I, but I'm assuming you could then send an email to the client email on file with:

SendEmail

Just my two cents.

Yeah you could, however if someone was to type in an email address of someone that had an account it would reset their password without them actually requesting it,

 

The UpdateClient API method will allow you to update a password, but won't let you send a verification email to check that it's actually the owner of the email address that has requested the password reset in the first place, which rules that process out.

 

Unfortunately not a viable solution.

Share this post


Link to post
Share on other sites
7 hours ago, inteldigital said:

Interesting. Maybe @brian! has some answers?

@inteldigital - SendEmail would be the obvious way, but it's coded to prevent sending the password templates - I assume for security reasons...

Quote

The following email templates cannot be sent in this way:

  • Automated Password Reset
  • Password Reset Confirmation
  • Password Reset Validation

to be honest, I don't know the answer to the question.

Share this post


Link to post
Share on other sites
4 minutes ago, brian! said:

@inteldigital - SendEmail would be the obvious way, but it's coded to prevent sending the password templates - I assume for security reasons...

to be honest, I don't know the answer to the question.

I did notice that in the documentation, but I figured they may have been some secret to getting it done. Surely the API is secure enough to send those kinds of emails? I mean, if anything, doing things through the API should be more secure than an physical user logging in and doing it, no?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Similar Content

    • By TheHackRepairGuy
      For a while there I thought the bogus account creation was behind us.
      But in the past few months I've seen a major uptick in bogus European new account creation.
      Some bot out there are mass injecting new accounts nearly constantly. 

      Anyone one else seeing this?

      I see no way to stop it.
      Anyone have recommendations on reducing the number of injected accounts into WHMCS?

      Thanks.
    • By thisismatt
      Hey all
      I have a few clients who don't host either websites or email with me, just using my domain registration services and have me manage their DNS for them. Historically though, they have had one, or both, of their site/email with me, so I need to do some housekeeping!
      I found this post giving one example of how to manage these clients within WHMCS effectively, which would deal with onboarding a new 'DNS only' client and tidy up those existing clients.
      The post though is nearly 6 years old; has anyone else got any other ways to handle this scenario - which is creating a WHMCS account for a client who doesn't need web or email hosting, but their DNS records need to be managed.
      Thanks
      Matt
    • By ramf
      Hi,
      I want to send a ticket reply to the client using API.
      when I use the  AddTicketReply the new replay is added to the ticket - as if the client sent us a reply, But I want to send the reply to the client.
      Can you please advise what is the API command / documentation to send a reply to the client from the ticket (not an email - but with the ticket, it is just like the AddTicketReply is working but from us to the client and not fro, the client to us).
      Thanks!
      Ram
    • By Mathys
      Hello,
      I am having a problem with the "eNom" domain registry.
      Basically I tried to connect with the API everything is functional but when I want to switch to "Test mode" I have this error message: "Bad User name or Password Your changes have not been saved."
      However, I followed the tutorial on this page to put it in Test mode: https://docs.whmcs.com/Enom
       
      Thanks in advance to everyone who will help me

    • By JesusSuarz
      while working with the api I realized that getproducts (https://developers.whmcs.com/api-reference/getproducts/) does not bring up the field to know if the product is active or not.
      I saw someone post a similar idea several years ago: 
       
      so with a little engineer I made my own version of getproducts and uploaded it to /includes/api/
      Request Parameters "GetProductsActive"
      Parameter Type Description Required action string “GetProductsActive” Required pid int string Obtain a specific product id configuration. Can be a list of ids comma separated gid int Retrieve products in a specific group id Optional         Response Parameters
      Parameter Type Description result string The result of the operation: success or error totalresults int The total number of results available startnumber int The starting number for the returned results numreturned int The number of results returned products array An array of products matching the criteria passed I will leave the file called: getproductsactive.php
      however this may throw an api error, you have to give access in the table tblapi_roles in database, in the field: permissions add: ,"getproductsactive": 1 before closing }, This modification is due to WHMCS not showing the files added in includes/api as a role. (I do not know why).
      With this you can get the field: hidden which defines 0 if it is visible and 1 if it is hidden. (true or false also works)
      my code is a copy of includes/api/getproduct.php just add to show the hidden field (, "hidden" => $data["hidden"]), this would have been easier if WHMCS implemented it, it only took me 2 minutes to show this field.
       
      <?php if (!defined("WHMCS")) { exit("This file cannot be accessed directly"); } if (!function_exists("getCustomFields")) { require ROOTDIR . "/includes/customfieldfunctions.php"; } if (!function_exists("getCartConfigOptions")) { require ROOTDIR . "/includes/configoptionsfunctions.php"; } global $currency; $currency = getCurrency(); $pid = $whmcs->get_req_var("pid"); $gid = $whmcs->get_req_var("gid"); $module = $whmcs->get_req_var("module"); $where = array(); if ($pid) { if (is_numeric($pid)) { $where[] = "tblproducts.id=" . (int) $pid; } else { $pids = array(); foreach (explode(",", $pid) as $p) { $p = (int) trim($p); if ($p) { $pids[] = $p; } } if ($pids) { $where[] = "tblproducts.id IN (" . implode(",", $pids) . ")"; } } } if ($gid) { $where[] = "gid=" . (int) $gid; } if ($module && preg_match("/^[a-zA-Z0-9_\\.\\-]*\$/", $module)) { $where[] = "servertype='" . db_escape_string($module) . "'"; } $result = select_query("tblproducts", "tblproducts.*", implode(" AND ", $where), "tblproductgroups`.`order` ASC, `tblproductgroups`.`id` ASC, `tblproducts`.`order` ASC, `tblproducts`.`id", "ASC", "", "tblproductgroups ON tblproducts.gid = tblproductgroups.id"); $apiresults = array("result" => "success", "totalresults" => mysql_num_rows($result)); while ($data = mysql_fetch_array($result)) { $pid = $data["id"]; $productarray = array("pid" => $data["id"], "gid" => $data["gid"], "type" => $data["type"], "name" => $data["name"], "description" => $data["description"], "module" => $data["servertype"], "paytype" => $data["paytype"], "hidden" => $data["hidden"]); if ($language = $whmcs->get_req_var("language")) { $productarray["translated_name"] = WHMCS\Product\Product::getProductName($data["id"], $data["name"], $language); $productarray["translated_description"] = WHMCS\Product\Product::getProductDescription($data["id"], $data["description"], $language); } if ($data["stockcontrol"]) { $productarray["stockcontrol"] = "true"; $productarray["stocklevel"] = $data["qty"]; } $result2 = select_query("tblpricing", "tblcurrencies.code,tblcurrencies.prefix,tblcurrencies.suffix,tblpricing.msetupfee,tblpricing.qsetupfee,tblpricing.ssetupfee,tblpricing.asetupfee,tblpricing.bsetupfee,tblpricing.tsetupfee,tblpricing.monthly,tblpricing.quarterly,tblpricing.semiannually,tblpricing.annually,tblpricing.biennially,tblpricing.triennially", array("type" => "product", "relid" => $pid), "code", "ASC", "", "tblcurrencies ON tblcurrencies.id=tblpricing.currency"); while ($data = mysql_fetch_assoc($result2)) { $code = $data["code"]; unset($data["code"]); $productarray["pricing"][$code] = $data; } $customfieldsdata = array(); $customfields = getCustomFields("product", $pid, "", "", "on"); foreach ($customfields as $field) { $customfieldsdata[] = array("id" => $field["id"], "name" => $field["name"], "description" => $field["description"], "required" => $field["required"]); } $productarray["customfields"]["customfield"] = $customfieldsdata; $configoptiondata = array(); $configurableoptions = getCartConfigOptions($pid, array(), "", "", "", true); foreach ($configurableoptions as $option) { $options = array(); foreach ($option["options"] as $op) { $pricing = array(); $result4 = select_query("tblpricing", "code,msetupfee,qsetupfee,ssetupfee,asetupfee,bsetupfee,tsetupfee,monthly,quarterly,semiannually,annually,biennially,triennially", array("type" => "configoptions", "relid" => $op["id"]), "", "", "", "tblcurrencies ON tblcurrencies.id=tblpricing.currency"); while ($oppricing = mysql_fetch_assoc($result4)) { $currcode = $oppricing["code"]; unset($oppricing["code"]); $pricing[$currcode] = $oppricing; } $options["option"][] = array("id" => $op["id"], "name" => $op["name"], "rawName" => $op["rawName"], "recurring" => $op["recurring"], "required" => $op["required"], "pricing" => $pricing); } $configoptiondata[] = array("id" => $option["id"], "name" => $option["optionname"], "type" => $option["optiontype"], "options" => $options); } $productarray["configoptions"]["configoption"] = $configoptiondata; $apiresults["products"]["product"][] = $productarray; } $responsetype = "xml"; ?> Hope this helps others to show the field they need to show files and hidden products.
       
      getproductsactive.php
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated