Static Website or Dynamic? Your choice.

[ChrisTERiS]

If you want to let your clients, and potential clients, to be active in your website, then, go a step ahead and build a dynamic community where they can discuss, ask questions, suggest something, even to let their feedback for your site. This way they'll be sure that all those "What they clients wrote.." in your homepage are real and not fake posts.

I'm happy to announce that I just finished a new module for WHMCS, KiS (Keep it Simple) Community. In a short:

• What I like more on this is the simplicity in use and the nice interface.
• It's a Community module, but not heavy as the community module. As I said I focus to be simple. Your visitors will love to use it.
• It Supports 4 types of posts.
  • Discussions
  • Questions (with Best Answer support)
  • Suggestions (with Up/Down voting)
  • Ratings (Testimonials)
• Does not supports categories but it supports searchable Tags. This makes the module more flexible as each post can have multiple tags.
• Is totally independent from your clients data as it has it's own registration functions.
• You can easily turn On/Off any section that maybe you don't want to use.
• I follow the well known Facebook interface which (even if in person I don't like it), people are familiar with. This means there is no separate page for post, but there is Expand/Collapse function for long tests, and the comments (replies), are exactly the same as in Facebook.
• Powerful Search

In general, these are the current features. In the next version which will release very soon, I'll add:

• SEO Urls. Actually, they exist even in the current version, but I've disabled them as there is a bug with User Profile Modal window.
• Photo Gallery for the main post
• Activity Stream

If you want to give a look on it, you can do it in my dev site:

https://whmcs.teriakis.com/portal.php?do=main&prefixid=4

I've created 3 demo users in case that you want to login:

demouser1 - demopass1

demouser2 - demopass2

demouser3 - demopass3

I wish you the best and keep yourself safe !!

Chris

[yggdrasil]

Wow, that looks really nice !!! I actually did something similar but not using WHMCS but another CMS instead and then bridged the logins with WHMCS. I had the same idea, keep it as simple as possible but your WHMCS integration looks way better.

The design interface looks very friendly and usable. Is the code editable on purchasing your modules?

Edited March 23, 2021 by yggdrasil

[ChrisTERiS]

@yggdrasil Thank you for you kind and supporting words. Yes, last months I changed my mind and started coding simple mods. For years I had the thought that as more features as better, but finally I realized that I was wrong. eg My WHMUp Foro module. Has so many features. Nobody (even me) is using them. I'm talking for use as addon module. If it was a standalone community script, ok, these features are important. But who cares for example,  for "Follow this user" in a WHMCS Module? Nobody.

As for editable code. Another pity story. First of all, 90% of my work (100% for vBulletin addons), was always totally free. I was coding them for hobby and not for living. Now life changed, and I'm coding for living. But again for 4 years and till the end of 2020, I was releasing all my mods with 100% visible source code and without any license check. I was aware that this way most clients should make a 2nd, maybe 3nd, maybe even more installations. But talking honestly, I don't care for it as long as all the extra installations are for their own domains. I found many clients operating more than one webhosting website. So, for me, the multiple installations for own use, was not a problem. Actually, I also did it once with a dating script. So, can't blame anybody for it.

But on December, I seen something that made me really upset. I found people selling my modules. And mostly, I found designers having my mods (especially Legal Agreements) as part of their templates. They don't even spent sometime to change a bit the interface, not even the filename 🙂 . After all I decided to encrypt my code and add license check. But is so boring. I hate myself to spend time for encoding, keeping multiple versions etc etc. So most probably, I'll remove it. I'm not totally sure, but this is what I've in mind. Finally "Smarty" people will be always around. They're part of the world in any field, not only in software piracy. Lazy people who the only that they know is to try to earn some dollars standing on the hard work of someone else.

Again thank you for your comments.

Chris

 

Edited March 23, 2021 by WHMUp

[yggdrasil]

Actually, that community module also looks very nice. I think it's a different type of usage. Some might prefer a full community to build a brand community around its company. I think it's also a great module. I have no idea what I did not found this before. I don't think a lot of people are even aware a full community module exists for WHMCS instead of having to bridge a third party software.

As for the encoding, here is my view:

If you develop modules for something like vbulletin, its more a hobby market, people will abuse some of your licenses. WHMCS is a different type of market in my experience. People that use WHMCS are trying to run a business. A web design company, a hosting company, cloud services. It's usually a person that is selling something to someone else, and usually B2 to B2. That means some are registered businesses, they will not mess around with using pirate software or breaking legal licenses. And even those are just individual business, it would destroy their reputation if they use a pirated WHMCS or modules because gaining trust online is very hard and if they use your module or another one breaking the licenses, today you can't keep things in secret. Everyone would be aware quickly as things spread fast online. By just making a single post here or in a social network. That person would be so ashamed they would buy your module and claim it was a mistake. Hence, piracy actually brings customers for this type of business software.

Speaking of that, you cannot really stop someone really willing to pirate software. It's an impossible task no company could solve. You can slow them down but not stop them. Neither can WHMCS. PHP runs on user's hardware/servers. Ioncube is just obfuscation, it can be broken and someone with energy and intentions will not have a hard time doing it. Now, that person would be somehow experienced with computers and coding, at that point I don't think someone that smart would invest time to break a code vs just paying a small fee because time is probably worth more than what it takes to break the code. And for someone that is actually going to invest that much time into breaking things, that person had never the intention to buy your software in the first place, so you never actually lost a customer as they had no motivation to pay you. In my experience this only affects valid customers that need to make modification or need trust before buying your code.

This is the big part why PHP encoded software is bad in the case of WHMCS or modules...because of the type of market they try to sell.

Like I said most people running WHMCS run a business and probably invested money in their servers and software. The people that actually have the money to pay for the software, are probably going to think 10 times before running encoded code in their servers because their data is very sensitive and if they cannot see the code, they have no idea what the developer is doing.

Is the module getting your customers data and sending them remotely to the developer? Is he getting some analytics on my business? Or worst, what if they added a backdoor that lets them hack into my servers?

At this point you really need to trust the person a lot before running their software. Would you eat a sandwich from a random person that offers you one on the street? Encoding now means that person has to trust you as a developer, either as a person or company depending on how you market your products. This is why so many WHMCS developers fail to sell their modules. Tons of people will just refuse to run code like this on their business servers that run sensitive data, WHMCS runs their whole operations and they will just not risk it with a $10 script they have no idea what is doing or if has security holes. At least serious company would not allow to just run code like that without vetting it first. This is why companies like ModulesGarden now also offer open source versions because they realized companies will not buy their encoded modules. And this is also helping them as does people probably find bugs or security holes and report them back to the developer to be fixed in a future release.

You could offer both versions. Or if you do encode, do it like Blesta, just encode some core files that are for license checking and nothing else. Don't do that WHMCS did and encoded everything they find that is causing so many problems for people with WHMCS that need to integrate their platforms to WHMCS. In fact, if you go to Blesta website, one of the things they promote the most is they are open code because that is the main reason people switched from WHMCS to them. If you are a developer, WHMCS is a nightmare to work because of their heavy encoding of everything. In the past this was better, but with newer releases they started to go extreme with this abusing their ioncube software.

As a side note, will people steal your module? Yes, but think about the following. Those people are not really your target customers. Even a developer that knows how to fix bugs in your module would just pay the renewal fees (assuming they are priced decently) because one hour of coding probably costs more than just paying the module renewal. People pay software upgrades because you are doing a job for them that would otherwise cost them more money. If a module like Modules Garden costs $50 a year in renewal. Even if I have the open source version and I can fix bugs on my own, it's not worth at all to waste time doing it for that small cost. I would rather just pay the small fee and get all the bug fixes and new features, and I also get support if I ever need it.

Even if you have cheap developers, like $10 an hour, even so it would still cost you more money every year to keep a module or software up to date vs just paying the fee to the developer, because that developer is coding for a lot of people, not just one customer, and he knows his code better than anyone. Piracy cannot be stopped if you let people run your software, but you should not care about that much about either, it's not hurting your business. You are not actually losing customers, those script kiddies that refuse to pay don't have the money and when they do, they are probably teenagers or people in Third World countries without enough money, but even those people will pay your module once they have the money. This is why Microsoft does not care about piracy anymore. They realized that it's better to have a market than none, those people are still creating a market around your product, giving you visits, and potentially customers. Its worst if nobody is using your product. This is why Github and open source code is also now that popular. Professional developers don't really care about piracy because they know the market is to build around updates, support and giving something extra. Red Hat is a billion dollar company by offering open source. As a small developer, you probably should encode some part to prevent script kiddies but also offer a fully open code version for more serious companies and businesses.

And someone reselling your module, that is just insulting, and you should just expose them in public. I don't think anyone would be willing to pay someone that does that. I surely would not. If a company is selling stolen software from someone else, I would never dare to give them my payment information as they probably are a fraudster or a crook anyway. Those people don't last long on the Internet. Its very likely they do this for other software as well and reporting them to their hosting companies or just exposing them in public gets them shut down quickly. Those people probably run pirated software on their own computers as well which means its a question of time before they get hacked as they are downloading software from non-trustable sources which is in almost all cases compromised. They also need to accept payments somehow, and they are basically running a criminal enterprise at that point if they are selling your software without your legal authorization. There are tons of way to take those crooks down with just an email reporting their activities.

As a small developer you can't sue them, but you don't need that either. Just expose them and problem solved. Anyone looking for that business online will find them in the search results assuming they are still online after a few months. In my experience people that are willing to cheat rarely last long in business, and on the Internet they last even less.

[brian!]

1 hour ago, yggdrasil said:

That means some are registered businesses, they will not mess around with using pirate software or breaking legal licenses.

and yet my bookmark list of WHMCS users here is full of those happily using nulled licenses - at best, some of them might not know, but most do with their eyes wide open.... sadly, it goes on far more than I think you imagine.

1 hour ago, yggdrasil said:

And someone reselling your module, that is just insulting, and you should just expose them in public.

I doubt Chris would be allowed to here - though he could on his own sites! 🙂

1 hour ago, yggdrasil said:

I don't think anyone would be willing to pay someone that does that.

then those sites wouldn't exist - users are definitely buying from them.

2 hours ago, yggdrasil said:

If a company is selling stolen software from someone else, I would never dare to give them my payment information as they probably are a fraudster or a crook anyway. Those people don't last long on the Internet.

oh they're definitely crooks - no libel worries on that front! 🙂

there are numerous sites out there offering MG, WSA, WGS, themes etc modules at severely discounted pricing (often 75% off) - at best, it's fraud aimed at naive users; at worst, they have access to the files (or have bought and nulled)... theoretically, I can buy 53 MG addons for $400 in total from one of them!

it's one of the reasons why when we get new posters with theme issues, I first try to figure out if they've got a legit license, or if they've bought from one of these places and have little knowledge of how to modify the themes.

2 hours ago, yggdrasil said:

They also need to accept payments somehow, and they are basically running a criminal enterprise at that point if they are selling your software without your legal authorization. There are tons of way to take those crooks down with just an email reporting their activities.

I would assume they are located outside of those avenues, .eg far east etc.... i'm looking at one site now, but they're using Cloudflare, so I can't see where they are actually based.

9 hours ago, WHMUp said:

But on December, I seen something that made me really upset. I found people selling my modules.

oh i've seen many sites selling even the most simple of hooks that i've previously posted here... sad, just sad. 😞

[yggdrasil]

13 minutes ago, brian! said:

and yet my bookmark list of WHMCS users here is full of those happily using nulled licenses - at best, some of them might not know, but most do with their eyes wide open.... sadly, it goes on far more than I think you imagine.

I doubt Chris would be allowed to here - though he could on his own sites! 🙂

then those sites wouldn't exist - users are definitely buying from them.

oh they're definitely crooks - no libel worries on that front! 🙂

there are numerous sites out there offering MG, WSA, WGS, themes etc modules at severely discounted pricing (often 75% off) - at best, it's fraud aimed at naive users; at worst, they have access to the files (or have bought and nulled)... theoretically, I can buy 53 MG addons for $400 in total from one of them!

it's one of the reasons why when we get new posters with theme issues, I first try to figure out if they've got a legit license, or if they've bought from one of these places and have little knowledge of how to modify the themes.

I would assume they are located outside of those avenues, .eg far east etc.... i'm looking at one site now, but they're using Cloudflare, so I can't see where they are actually based.

oh i've seen many sites selling even the most simple of hooks that i've previously posted here... sad, just sad. 😞

Those are probably script kiddies. Who in their right mind would use a cracked software on his server to host customers data? You will notice how sloppy those sites are rather quickly and anyone would spot something is wrong. (or should at least)

They might be in far places on which they feel untouchable by the law, but they still need to accept payments somehow right? Most payment services will make all the ID checks and it's not as easy to recover if they lose that account. If they are selling nulled software, that is basically a violation of every payment service I know. A simple abuse report or email, and they would have their account shut down, and they would not be able to process further sales. If you see those people registering here and asking for help, that also proves my other point, they are generating a market for WHMCS while not being paying customers, in the end they come to the official WHMCS site for help and they might not even get support because they are pirates, hence one more motivation to actually get legalized for them as they find out they cannot find quality help anywhere else. Not even going to mention security bugs or patches. This is the value a software company should create around its products, post sales. Getting a nulled license might be easy, but people find out very fast how useless it is without the further updates, patches and support the second they have an issue.

As for nulled licenses, of course they exist. And this just proves that ioncube will not actually protect piracy as I said, people have no problems cracking the WHMCS license check or just anything else, it happens with games and every software in existence, but you can search multiples studies over the years that this is not actually hurting business, neither music, films or video games. They are multiple investigations done over the years about this. Someone that pirates something either does not have the money or was never willing to pay in the first place. Look at cPanel or Plesk? How many people actually run a production server or sell hosting from a pirated license? I never came across someone...not at least anyone you would be even willing to give $1.

Checking the WHMCS license for a site is one minute away. I don't think any serious person uses a nulled WHMCS license, because they would be exposed and shamed quickly, even on their social network. I'm sure the sites you find are new, or just temporary sites or people that have 1 customer and never actually sold anything to even be noticeable online. They are vacation operations that come and go in a matter of weeks. WHMCS or a module developer should be looking for recurring customers, those that stay in business and will keep paying the upgrades, renewals and support year after year.

If they hide everything, and have no way to be identified, like even just accepting crypto as payment, would you trust someone like that? It would look and smell like a fraud scheme. When people completely hide themselves but ask others for money its usually something illegal. I don't think most people unless they are idiots would open their wallets to someone that gives you no trust in actually delivering anything,  more likely they will just take your money and run away.

Edited March 23, 2021 by yggdrasil

[brian!]

1 minute ago, yggdrasil said:

Those are probably script kiddies. You will notice how sloppy those sites are rather quickly and anyone would spot something is wrong. (or should at least)

oh there are some sites that pretend to be legit, this one i'm looking at is openly saying they're nulled.

6 minutes ago, yggdrasil said:

Most payment services will make all the ID checks and it's not as easy to recover if they lose that account.

8 minutes ago, yggdrasil said:

in the end they come to the official WHMCS site for help and they might not even get support because they are pirates, hence one more motivation to actually get legalized for them as they find out they cannot find quality help anywhere else.

you would be very surprised if you knew what I knew on this... i'll say no more on that (neither here or privately).

10 minutes ago, yggdrasil said:

Getting a nulled license might be easy, but people find out very fast how useless it is without the further updates, patches and support the second they have an issue.

naive.

I can think of one well-known, let's say developer, who I know 110% are selling, and installing, nulled versions of WHMCS... absolute fact... no names (it's not any of the 3 you might be thinking of), no pack drill, but they post on here., and that service includes updates.

11 minutes ago, yggdrasil said:

Checking the WHMCS license for a site is one minute away.

i've seen legitimate sites fail that test, and nulled sites pass it - it's not definitive.

13 minutes ago, yggdrasil said:

I don't think any serious person uses a nulled WHMCS license, because they would be exposed and shamed quickly, even on their social network. I'm sure the sites you find are new, or just temporary sites or people that have 1 customer and never actually sold anything to even be noticeable online. They are vacation operations that come and go in a matter of weeks. WHMCS or a module developer should be looking for recurring customers, those that stay in business and will keep paying the upgrades, renewals and support year after year.

no they're not - most  of them have been around for years.

anyone with a shred of common sense, wouldn't openly admit it when asking a question here or make it easy to find their site.

[yggdrasil]

41 minutes ago, brian! said:

Quote

 

oh there are some sites that pretend to be legit, this one i'm looking at is openly saying they're nulled.

 

But that is what I was saying before. They are accepting PayPal and other payments which means they are not completely anonymous unless they are using stolen accounts. A simple email to their payment providers and gone is their business scheme...Criminals have a hard time getting payment vendors or bank accounts.

Quote

 

you would be very surprised if you knew what I knew on this... i'll say no more on that (neither here or privately).

naive.

 

How do you log into whmcs.com without an account? You would not be able to ask for official support which is included for paying customers.

Quote

I can think of one well-known, let's say developer, who I know 110% are selling, and installing, nulled versions of WHMCS... absolute fact... no names (it's not any of the 3 you might be thinking of), no pack drill, but they post on here., and that service includes updates.

If you are that sure about that, you should not be supporting their illegal operations by not mentioning them. I don't love scammers or people stealing from others. In the end they would just hurt us paying customers as well.

Quote

i've seen legitimate sites fail that test, and nulled sites pass it - it's not definitive.

That is an entire different issue and means there is a bug or some issue with the license checker on WHMCS. I guess they fail because the license checker is actually trying to connect to those domains and they are tampering with the check with a timeout or something similar but that would be a WHMCS issue instead of using its own internal licensed database.

Quote

 

no they're not - most  of them have been around for years.

anyone with a shred of common sense, wouldn't openly admit it when asking a question here or make it easy to find their site.

 

Because maybe WHMCS doesn't really care about them anymore? If they really did, it would take them a week to take them offline. Contacting their server provider, datacenter, payment processors, etc. It takes time sure, but its not as hard or even impossible if you have the legal resources and can prove the illegal actitivies.

Sure, some might be in a criminal safe heaven host, but those are probably already  involved in alot more crimes than just using a nulled WHMCS license like credit card fraud and many other things which are far worse.

 

[bear]

29 minutes ago, yggdrasil said:

If you are that sure about that, you should not be supporting their illegal operations by not mentioning them.

Pretty sure any mentions like that would wind up getting the thread tossed. Can't have accusations here, regardless of how factual they are. 😉
I've reported those with obviously illegal installs and operations in the past, and can't recall a single one that was taken down as a result. Maybe it's just slow, or maybe the pirates are simply a cost of doing business and there's enough honest users that the bottom line is less affected by not pursuing them than to pay legal costs in chasing them down.
Maybe. 

[yggdrasil]

1 hour ago, bear said:

Pretty sure any mentions like that would wind up getting the thread tossed. Can't have accusations here, regardless of how factual they are. 😉
I've reported those with obviously illegal installs and operations in the past, and can't recall a single one that was taken down as a result. Maybe it's just slow, or maybe the pirates are simply a cost of doing business and there's enough honest users that the bottom line is less affected by not pursuing them than to pay legal costs in chasing them down.
Maybe. 

I guess this must one of the reasons maybe WHMCS was so interested in launching their marketplace... Bundle the software more with services they control on their servers to make it less attractive to illegal users as they would require a direct contact and account with WHMCS to use those features.

Not sure how that is working out for them. I personally don't want to be reselling services from another reseller which is what that is, WHMCS buys from X company and then sells it back to its customers which then again sell it back to theirs...so many third parties in the same transaction.... I rather just have a direct relationship with those companies.

[bear]

1 hour ago, yggdrasil said:

I personally don't want to be reselling services from another reseller which is what that is

Absolutely. I've no interest in the marketplace, the various mentions and reminders everywhere in the admin interface and the hoops (and hooks) needed to reduce that. 
I'd feel far better about continuing the relationship with WHMCS without that sort of "forceful addon" methodology (looking at you, SSL checks).

[yggdrasil]

38 minutes ago, bear said:

Absolutely. I've no interest in the marketplace, the various mentions and reminders everywhere in the admin interface and the hoops (and hooks) needed to reduce that. 
I'd feel far better about continuing the relationship with WHMCS without that sort of "forceful addon" methodology (looking at you, SSL checks).

But at least the SSL checks work locally on your server  and doesn't rely on some external service you need to pay. I understand this should have been optional (admin decides if enabled), but I do find the feature useful for domains. As long as you disable it for servers and other products (since it makes no sense on those scenarios) and only keep it enabled for domain names only. I don't sell any SSL from WHMCS, the check works on any domain regardless of the SSL certificate installed.

Sure the function is not rocket science, something very easy to achieve with a few lines of PHP and WHMCS implementation is bad, since it cannot limit the checks by batches or has any function at all to control the load in your server or the checks, but at least they tried to deliver something new on the user side.

[bear]

39 minutes ago, yggdrasil said:

I don't sell any SSL from WHMCS, the check works on any domain regardless of the SSL certificate installed.

Do you allow that in the client interface as well?
Since you're not selling SSL via WHMCS, the red padlock will try to link to /store, and according to WHMCS /cart if marketplace isn't enabled. I'd have been ok with it if it didn't link anywhere (if no SSL was configured), or make it optional where the link goes. Since that's not possible, I've disabled it as best we can. 

[yggdrasil]

1 hour ago, bear said:

Do you allow that in the client interface as well?
Since you're not selling SSL via WHMCS, the red padlock will try to link to /store, and according to WHMCS /cart if marketplace isn't enabled. I'd have been ok with it if it didn't link anywhere (if no SSL was configured), or make it optional where the link goes. Since that's not possible, I've disabled it as best we can. 

Yes of course, on the customer side. Its possible, I changed the links, both for domains that show a valid lock it just goes to their domain management page and for those with an invalid red lock I redirect them to my SSL selling page.

Here:

Redirect SSL lock url - Using WHMCS - WHMCS.Community

Edited March 24, 2021 by yggdrasil

[Magicklug]

I'm planning to create a community website from 0 for my portfolio and learning experience. What should I choose between static and dynamic? Since I just thought it might affect my website performance.

I know the basic difference between static and dynamic which is one is pre-built and the other is rendered from the server-side.

I have experience in react, express, axios, mongodb, and MySQL

Any suggestion?

[bear]

9 hours ago, yggdrasil said:

I changed the links

Helpful link, thanks! Shame they made it so clunky, but at least there's a way to change them for now. 

[yggdrasil]

6 hours ago, Magicklug said:

I'm planning to create a community website from 0 for my portfolio and learning experience. What should I choose between static and dynamic? Since I just thought it might affect my website performance.

I know the basic difference between static and dynamic which is one is pre-built and the other is rendered from the server-side.

I have experience in react, express, axios, mongodb, and MySQL

Any suggestion?

Since it's using the same WHMCS database, yes, it will increase SQL queries and depending on how active they are, it will affect performance. Something people should plan ahead.

[ChrisTERiS]

As a way to bring thread back to topic 😂

Does activity makes any sense to be the homepage of the community module, or is better to let only the sections?

https://whmcs.teriakis.com/portal.php?do=activity

 

[yggdrasil]

4 hours ago, WHMUp said:

As a way to bring thread back to topic 😂

Does activity makes any sense to be the homepage of the community module, or is better to let only the sections?

https://whmcs.teriakis.com/portal.php?do=activity

 

Why not make it a user choice?

Some might have the activities displayed first, some the questions... Should  be easy to implement which tab is loaded as active first.