Takito Posted August 11, 2022 Share Posted August 11, 2022 (edited) Hello, Recently I've upgraded from WHMCS 7.9.2 to 8.5.1 (yes, I know, it's been a while) and now I noticed that when the client is submitting the ticket(probably not logged in) WHMCS doesn't assign it to the client, instead showing as GUEST while the email is exactly the same as existing client has. I haven't changed anything after upgrading and can't find the reason behind that. Maybe I have missed something. Any help is appreciated. Thank you Edited August 11, 2022 by Takito 0 Quote Link to comment Share on other sites More sharing options...
pRieStaKos Posted August 13, 2022 Share Posted August 13, 2022 Is the email registered to a client or a user for a client ?? 0 Quote Link to comment Share on other sites More sharing options...
leemahoney3 Posted August 13, 2022 Share Posted August 13, 2022 Do you allow people open support tickets without being logged in? Likely that's what's happening. 0 Quote Link to comment Share on other sites More sharing options...
bear Posted August 13, 2022 Share Posted August 13, 2022 8 minutes ago, leemahoney3 said: Do you allow people open support tickets without being logged in? Likely that's what's happening. We do, and if an email matches it associates them with the account. Not on the most recent version of WHMCS, so maybe that's changed recently. 0 Quote Link to comment Share on other sites More sharing options...
leemahoney3 Posted August 13, 2022 Share Posted August 13, 2022 I don't think its just you, happens in our place also. If the client doesn't sign in and just inputs their email, the system treats them as a guest as anyone really can type in an email and try impersonate a client. 0 Quote Link to comment Share on other sites More sharing options...
bear Posted August 13, 2022 Share Posted August 13, 2022 1 hour ago, leemahoney3 said: I don't think its just you, happens in our place also. If the client doesn't sign in and just inputs their email, the system treats them as a guest as anyone really can type in an email and try impersonate a client. To what end? They won't see responses and can't do any mischief as a result of "spoofing" a ticket. 0 Quote Link to comment Share on other sites More sharing options...
leemahoney3 Posted August 13, 2022 Share Posted August 13, 2022 1 hour ago, bear said: To what end? They won't see responses and can't do any mischief as a result of "spoofing" a ticket. They can view the ticket after opening it, if they had opened the ticket asking for account information for example and a support agent replies, they would see it. They could also potentially request a change on the clients account, e.g. cancel a service etc.. 0 Quote Link to comment Share on other sites More sharing options...
bear Posted August 13, 2022 Share Posted August 13, 2022 (edited) 2 hours ago, leemahoney3 said: They can view the ticket after opening it How? The link, if any, is sent in the email response, to an email account they can't access. I'm guessing we're talking about two different things here. I've been referring to tickets opened via email. Edited August 13, 2022 by bear 0 Quote Link to comment Share on other sites More sharing options...
leemahoney3 Posted August 13, 2022 Share Posted August 13, 2022 Ah, I meant if they open it from the client area by accessing the submitticket.php page directly when not logged in. If its happening to tickets that are opened via email, then I have no clue and that does not sound like normal behavior. 0 Quote Link to comment Share on other sites More sharing options...
Takito Posted August 15, 2022 Author Share Posted August 15, 2022 On 8/14/2022 at 12:10 AM, leemahoney3 said: Ah, I meant if they open it from the client area by accessing the submitticket.php page directly when not logged in. I was referring to this also, but your case scenario is very rare I believe. Also, this can be fixed by a support pin or just another email for double confirmation if it is something critical requested. Quote If its happening to tickets that are opened via email, then I have no clue and that does not sound like normal behavior. Actually, I don't know how that ticket was opened through a website or email. 0 Quote Link to comment Share on other sites More sharing options...
Takito Posted August 15, 2022 Author Share Posted August 15, 2022 On 8/13/2022 at 12:45 PM, pRieStaKos said: Is the email registered to a client or a user for a client ?? client 0 Quote Link to comment Share on other sites More sharing options...
WHMCS Support Manager WHMCS John Posted August 15, 2022 WHMCS Support Manager Share Posted August 15, 2022 2 hours ago, Takito said: Actually, I don't know how that ticket was opened through a website or email. If the ticket was opened via the contact form, there will be an IP address at the bottom of the first message. If a message was imported from an email, you'd also see an entry in the Configuration > System Logs > Ticket Mail Import Log. 0 Quote Link to comment Share on other sites More sharing options...
Takito Posted August 15, 2022 Author Share Posted August 15, 2022 4 minutes ago, WHMCS John said: If the ticket was opened via the contact form whilst unauthenticated, there will be an IP address at the bottom of the first message. If a message was imported from an email, you'd also see an entry in the Configuration > System Logs > Ticket Mail Import Log. Right, thank you. It has an IP, so it was opened whilst unauthenticated. Can you please tell us whether the logic has changed or this is some kind of bug? And if there are any workaround? Thank you 0 Quote Link to comment Share on other sites More sharing options...
WHMCS Support Manager WHMCS John Posted August 15, 2022 WHMCS Support Manager Share Posted August 15, 2022 Hi @Takito, I can confirm this is the intended behaviour and always has been, for the reasons leemahoney3 explained. Once you've confirmed the request genuinely comes from the customer, staff can assign it to the Client Account via the Options tab. 0 Quote Link to comment Share on other sites More sharing options...
Takito Posted August 15, 2022 Author Share Posted August 15, 2022 5 minutes ago, WHMCS John said: Hi @Takito, I can confirm this is the intended behaviour and always has been, for the reasons leemahoney3 explained. Once you've confirmed the request genuinely comes from the customer, staff can assign it to the Client Account via the Options tab. I see.... But that wasn't the case in v7... Another question is whether the support staff and\or owners know how that new behaviour works? At first I thought it's some sort of bug and assigned tickets manually without knowing that the ticket was opened without authentication(how would I know that?). Also, how would I know that the email used to open a ticket is a client of mine? Now I need to check every unauthenticated ticket's email o_O. I assume there are a lot of people who don't bother and just assign tickets to the correct client and don't even know how it works. I don't like this behaviour, unnecessary work on my end. WHMCS could add some tip showing that the client with exact email exist and a little explanation at least. Any workaround to make it work like v7? 0 Quote Link to comment Share on other sites More sharing options...
WHMCS Support Manager WHMCS John Posted August 15, 2022 WHMCS Support Manager Share Posted August 15, 2022 Hi @Takito, I can confirm WHMCS has always operated this way. In v8.0 we added the labels like "Guest" to make this more obvious. A note if a matching account was found sounds like it could be a nice addition in future, we welcome feature requests online at http://requests.whmcs.com Feel free to suggest this as a new idea for comment and voting upon by other WHMCS users. The more votes an idea receives, the more likely it is to be considered by our development team for potential inclusion in a future feature update. -1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.