Jump to content
  • 0
mferry

Storing Variable

Question

Folks,

I'm working on my first module with WHMCS.

I'm still getting a feel for file layout and design.   I see where to add options/fields for user input.
Those variables are stored inside WHMCS db.

 

On the new server setup page....  My user is going to enter a username/password and when they click save the system will reach out with that info to our server.
Obtain a API Key and Secret and return it.

This KEY/Secret needs saved to the DB, but not visible to the GUI.

is this possible?     How does the module reference it in the future ?

Share this post


Link to post
Share on other sites

4 answers to this question

Recommended Posts

  • 0

Hi,

I suppose that you're developing an Addon module. You'll probably have something like follows:

<?php

if (!defined("WHMCS"))
	die("This file cannot be accessed directly");

function YourModule_config()
{
	$configarray = array(
		"name" => "Your Module",
	    "description" => "Ping pong",
		"version" => "1.0",
		"author" => "MindYourBusiness Ltd.",
		"fields" => array(
		    "username" => array ("FriendlyName" => "Username", "Type" => "text", "Size" => "25", "Description" => "Your Username", "Default" => ""),
                    "password" => array ("FriendlyName" => "Password", "Type" => "password", "Size" => "25", "Description" => "Your Password", "Default" => ""),
		));
	return $configarray;
}

"Type" => "hidden" is not available therefore you have to use a different approach. As soon as your server provides API Key and Secret, run this query:

INSERT INTO `tbladdonmodules` (`module`, `setting`, `value`) VALUES ('YourModule', 'ApiKey', 'qwerty');
INSERT INTO `tbladdonmodules` (`module`, `setting`, `value`) VALUES ('YourModule', 'Secret', 'asdfgh');

Both values will be stored in the same table used for Username and Password but they will be invisible to customers. Anyway there's a nicer way to do that. What if your customer keeps triggering the "Send me API Key and Secret" to your server? As you can imagine you don't want this to happen:

YourModule	Username	mark
YourModule	Password	black
YourModule	ApiKey		qwerty
YourModule	Secret		asdfgh
YourModule	ApiKey		anotherqwerty
YourModule	Secret		anotherasdfgh
YourModule	ApiKey		anotherqwerty2
YourModule	Secret		anotherasdfgh2
YourModule	ApiKey		anotherqwerty3
YourModule	Secret		anotherasdfgh3

Before you run the INSERT you should run a SELECT to make sure that ApiKey and Secret doesn't exist yet otherwise you need to run UPDATE query. Sadly you can't use ON DUPLICATE KEY UPDATE since this table doesn't have an A_I. It's a bit boring process so here's the workaround:

<?php

function YourModule_activate()
{
	# Create Custom DB Table
        $query = "
        INSERT INTO `tbladdonmodules` (`module`, `setting`) VALUES ('YourModule', 'Username');
        INSERT INTO `tbladdonmodules` (`module`, `setting`) VALUES ('YourModule', 'Password');
        INSERT INTO `tbladdonmodules` (`module`, `setting`) VALUES ('YourModule', 'ApiKey');
        INSERT INTO `tbladdonmodules` (`module`, `setting`) VALUES ('YourModule', 'Secret');";
	$result = full_query($query);
}

Since you already know that you need to store ApiKey and Secret, create both records from the start when customer clicks Activate. This way all you need to do when "Send me API Key and Secret" gets triggered is the following:

UPDATE `tbladdonmodules` SET `value` = 'qwerty' WHERE `module` = 'YourModule' AND `setting` 'ApiKey' LIMIT 1;
UPDATE `tbladdonmodules` SET `value` = 'asdfgh' WHERE `module` = 'YourModule' AND `setting` 'Secret' LIMIT 1;
23 hours ago, mferry said:

How does the module reference it in the future ?

It's very easy:

<?php

function YourModule_output($vars)
{
	echo 'Your Username is ' . $vars['Username'] . ' and your password is ' . $vars['Password'];
  	echo '<hr>';
        echo 'Your APIKey is ' . $vars['ApiKey'] . ' and your Secret is ' . $vars['Secret'];
  	die('Bye');
}

 

Edited by Kian

Share this post


Link to post
Share on other sites
  • 0
On 9/26/2019 at 7:16 AM, mferry said:

This KEY/Secret needs saved to the DB, but not visible to the GUI.

 

Keep in mind that however you store this, it's going to be visible. 
If you store this in the database, it's easily obtainable through any number of editors (or directly through the CLI interface)

On 9/27/2019 at 6:47 AM, Kian said:

$result = full_query($query);

Please don't recommend deprecated functionality (especially to someone just starting out). Capsule is the way going forward. mysql_xxx query stuff is dead and shouldn't be used anywhere. Who knows where that's going in the future (likely removed).
 

Share this post


Link to post
Share on other sites
  • 0
21 minutes ago, twhiting9275 said:

Please don't recommend deprecated functionality (especially to someone just starting out). Capsule is the way going forward. mysql_xxx query stuff is dead and shouldn't be used anywhere. Who knows where that's going in the future (likely removed).

Good point but it is written in documentation 😅 I just copy/pasted the snippet 😛 That page should be updated.

Sadly I didn't notice it the full_query() statement because it means nothing to me. I stopped using the "deprecated way" years before it was deprecated and I don't use Capsule for a lot of good reasons. It was not my intention to recommend anything about DB connection.

Edited by Kian

Share this post


Link to post
Share on other sites
  • 0
4 hours ago, Kian said:

That page should be updated.

There's a LOT about their documentation that needs to be updated. It's sorely lacking, unfortunately

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated