Detect Logged In User Outside WHMCS

[WisTex]

In a PHP script, is there a way to detect whether a user is logged into WHMCS (and which UserID is logged in)?

Situation / Criteria:

1. The PHP script is located on the same domain and hosting account as WHMCS.
2. The PHP script does not use WHMCS templates.
3. The PHP script is not a WHMCS module.
4. The PHP script is not located in the WHMCS root directory.
5. The following variables would need to be defined:
   • $loggedin (true/false)
   • $userid (from WHMCS database)

I looked through the API docs and I do not see a simple way to detect whether someone is already logged in. 

I am not looking for a way to make them login twice, once at WHMCS and once in the script. The PHP script needs to detect whether they logged into WHMCS, and the script will send them to the WHMCS login page if not logged in. WHMCS basically handles the login for the PHP script.

Is it possible to do this, preferably with some include file I can put at the top of the PHP pages?

[WisTex]

Found the solution.

The sample code provided by WHMCS assumes you want to use the WHMCS templating system. But if you do not want to use WHMCS's templating system and output your PHP code directly, then you have to take a different approach.

First, you create a file in WHMCS's root directory that accesses WHMCS's session and sets variables:

getuserid.php

<?php
// gets session variables from WHMCS

require("init.php");

$ca = new WHMCS_ClientArea();

// sets userid for the logged in user. Is set to 0 if no one is logged in.
$userid = $ca->getUserID() ;
 
// sets loggedin to true if logged in, and false if not logged in.
If ($userid > 0) { $loggedin = true; }
else { $loggedin = false; }
 
// if you want to test if it is working, uncomment this line.
// echo "User ID = " . $userid;

// if you want to test whether $loggedin variable is set, uncomment these 2 lines. 
// if ($loggedin) { echo "Logged in"; }
// else { echo "Not logged in"; }
?>

You can then include this in any PHP file you want anywhere in the file system. So if you want to put your custom code or third-party script in a subdirectory, you can.

You would include the following code and then use the variable as needed.

any.php

<?php
// use this if your file is in the same directory. 
require("getuserid.php");

// use this instead if your file is in a subdirectory. 
// require("../getuserid.php");
 
// test to make sure it is working. 
echo $userid;
 
// use if then logic to determine what to show.
if ($loggedin) { 
    
    /* insert code for logged in users here */ 
    
}
else { 
    
    /* insert code for everyone else here */ 
    
}
?>

Modify as needed, obviously. 

I hope that helps.

[bear]

1 hour ago, WisTex said:

// use this if your file is in the same directory. require("getuserid.php");

// use this instead if your file is in a subdirectory. 
// require("../getuserid.php");

That path will be wrong unless the "external" file is in or a sub of WHMCS' directory. It needs the path to the file, which if it's being called from *outside* of the WHMCS directory would be more like "require('whmcs/getuserid.php');" if on the same level as WHMCS' directory, but not in it.

Edited December 12, 2018 by bear

[WisTex]

On 12/12/2018 at 6:48 AM, bear said:

That path will be wrong unless the "external" file is in or a sub of WHMCS' directory. It needs the path to the file, which if it's being called from *outside* of the WHMCS directory would be more like "require('whmcs/getuserid.php');" if on the same level as WHMCS' directory, but not in it.

Good point.

I was thinking of "outside" as being "not in the WHMCS root directory" because the documentation on how to make pages clearly states that using the example code outside of the root directory is not supported. So a more accurate statement would have been that this is a way to create pages outside of the root directory.

Edited December 13, 2018 by WisTex

[WisTex]

Since I can't edit the previous post, I'd like to clarify that:

• This is a way to create pages that can access the WHCMS login state outside of the WHMCS root directory.

Not sure if my usage of "root" in the last sentence was clear that I meant the WHMCS root, and not necessarily the root of your website.

[Metahuman Network]

Anyone have this working with 8.x? I tried with all prior versions of 7.x as well with no luck.

When calling the file from within the WHMCS directory, all is fine. When calling from outside, the result is always 0.

 

Thanks!

[steven99]

The auto loaders probably can't handle being outside the WHMCS root.

Not 100% sure, but $_SESSION might be shared among them and if so, could check that for clientdetails and such.

[WisTex]

It did stop working a couple of updates ago. Before, having getuserid.php in the root directory, and then including it in any PHP file outside of the root directory would work. But something broke it in a recent WHMCS update.

[brian!]

because of the change to users/clients etc, I suspect $ca->getUserID() likely got deprecated... there would be alternate ways to identify a user in v8+ if you have to go down that road... they will have been discussed in other threads here.