Jump to content

eNom Extended

n2972s

By n2972s
in Third Party Add-ons

 Share

Recommended Posts

JstHost Junior Member

JstHost

Posted
Posted
Download a WHMCS trial, set it up locally, turn on a packet sniffer and run through each page of the script. That should let you know if it's sending him any info.

 

The information doesn't have to be sent to you for you to access it :) There are other ways and means.

 

I'm not saying that you are stealing information or anything like that, but I'm not going to take the risk. When it comes to security, it needs to be top notch, and when adding stuff like this from users without a big reputation, it could become an issue.

0
Link to comment
Share on other sites
  • Replies 373
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

herpherp Senior Member

herpherp

Posted
Posted

 

If you believe it is all just eNom API commands and no work went into putting this together you are free to code this up yourself.

 

My apologies, that probably came out wrong, I wasn't trying to degrade your work... I fully understand you probably spent quite a bit of time on it...

 

I would personally want to be able to utilize it but the risk out weighs the value is all...

 

It seems to be a great piece of work and I fully understand that you want to encode it so that you can sell it at a later point and wish you nothing but success in doing so.

 

I'm sure(but obviously can't be positive) you have no ill intentions and everything is probably on the up and up but there could also be something insecure that you are unaware of...

 

My apologies again if I seem to be trying to discourage anyone from utilizing your script, I was just providing some feedback, it would actually be a benefit to me if you were to inject a few things into our competition :-)

0
Link to comment
Share on other sites
merlinpa1969 Senior Member

merlinpa1969

Posted
Posted

Question, your using whmcs correct?

these files are encoded. I realize that whmcs has a rep but they didnt start that way....

it started just like this mod one line at a time......

 

you need to think about all the programs that you use

which ones actually affect customer information,

how many of them are encoded.......

0
Link to comment
Share on other sites
herpherp Senior Member

herpherp

Posted
Posted
Question, your using whmcs correct?

these files are encoded. I realize that whmcs has a rep but they didnt start that way....

it started just like this mod one line at a time......

 

you need to think about all the programs that you use

which ones actually affect customer information,

how many of them are encoded.......

 

In the case of whmcs the value out weighs the risk :-)

0
Link to comment
Share on other sites
othellotech Senior Member

othellotech

Posted
Posted

I'm willing to load this up on one of our test setups to see what the module has that our own enom enhancements are missing, but sadly it'll never get near the live setup until I've seen the code for myself, our billing system is just too important to risk both potential security and potential database integrity

0
Link to comment
Share on other sites
n2972s Member

n2972s

Posted
  • Author
Posted
I'm willing to load this up on one of our test setups to see what the module has that our own enom enhancements are missing, but sadly it'll never get near the live setup until I've seen the code for myself, our billing system is just too important to risk both potential security and potential database integrity

 

I would appreciate any feedback you can provide test environment or otherwise.

 

why do you have it set to show the enom password in plain text?

 

I meant to make that a hidden field. It will be fixed and encrypted on the next go around.

 

Thank you for the feedback.

0
Link to comment
Share on other sites
n2972s Member

n2972s

Posted
  • Author
Posted
I can tell you that for someone that deals with ALOT of domain name transfers this is seriously kool

 

I agree with you I have always wanted this functionality, it is always such a pain to have to manually notify the client that the transfer failed or completed etc. etc.

 

Please if you see anything wrong please let me know. I am running this live with my customers now and I am finding it quite useful.

0
Link to comment
Share on other sites
zigzam Senior Member

zigzam

Posted
Posted

Just something minor here. Could you make the SSL certificate and CSR boxes a little larger so the entire output shows. Also could you include the -----BEGIN CERTIFICATE----- and -----BEGIN CERTIFICATE REQUEST----- and the endings -----END CERTIFICATE----- and -----END CERTIFICATE REQUEST-----

 

Otherwise they need to be added manually each time you want to install.

 

Im not sure if this is possible, but could the certificates also be configured from that page?

0
Link to comment
Share on other sites
fetish-hosting Member

fetish-hosting

Posted
Posted
I meant to make that a hidden field. It will be fixed and encrypted on the next go around.

 

Thank you for the feedback.

 

Hi

 

I realise that you have only just released a version of this but do you have any idea when this next version will be released. If it is going to be a few days then I will wait but if we are talking about weeks or months then I'll install and upgrade

 

Thanks

Ian

0
Link to comment
Share on other sites
n2972s Member

n2972s

Posted
  • Author
Posted
Hi

 

I realise that you have only just released a version of this but do you have any idea when this next version will be released. If it is going to be a few days then I will wait but if we are talking about weeks or months then I'll install and upgrade

 

Thanks

Ian

 

I am going to put out another set of files this evening with bug fixes of things reported to date, client side SSL certificates, and some security enhancements since that seems to be the topic of the day.

 

That will probably be it for a few weeks.

0
Link to comment
Share on other sites
n2972s Member

n2972s

Posted
  • Author
Posted

BETA 0.2 - Download - Instructions

 

If there are any problems please post them here or PM me, I am aware of the active domain / expired domain swap for a few people and am working to resolve that issue.

 

  • Prevent a change in domain status email to client when there is a failure in communication with eNom.
  • Prevent access to files via browser unless you are in WHMCS.
  • Added the ability to provide the client with their SSL Certificate
  • Added the ability to provide the client with their Transfer Status
  • Added the ability to turn off Curl Verification of SSL
  • eNom username and password are now encrypted.
  • Removed password in plain text on the config page.
  • OUSTANDING BUG: On homepage and summary box the active domains and expired domains are swapped ( two reports )

0
Link to comment
Share on other sites
n2972s Member

n2972s

Posted
  • Author
Posted
Just something minor here. Could you make the SSL certificate and CSR boxes a little larger so the entire output shows. Also could you include the -----BEGIN CERTIFICATE----- and -----BEGIN CERTIFICATE REQUEST----- and the endings -----END CERTIFICATE----- and -----END CERTIFICATE REQUEST-----

 

Otherwise they need to be added manually each time you want to install.

 

Im not sure if this is possible, but could the certificates also be configured from that page?

 

The problem I am having with making the textarea box larger for the one line cert is that it expands the page too far and is not very nice to look at.

 

I missed the BEGIN and END statements around the one line in 0.1 I put that back in 0.2

 

I do not believe that is possible ( configured ), well I should not say that. I am not sure if that is possible.

 

The only issue that I am seeing after configuring everything is that I am seeing the domains show as expired. Will this change when the Crons run?

 

Completely seperate issue, I recieved your PM and have yet to resolve it. I will be in touch I may need to look at the output from the eNom API to figure out what is going on.

0
Link to comment
Share on other sites
redrat Senior Member

redrat

Posted
Posted

@ n2972s: Thanks for beta 0.2

The problem I am having with making the textarea box larger for the one line cert is that it expands the page too far and is not very nice to look at.
It's fine as it is thanks and I agree with you that 'not nice to look at' sucks. :) Great work so far! ;)
0
Link to comment
Share on other sites
n2972s Member

n2972s

Posted
  • Author
Posted
Ok we have had our first glitch,

Your IP has been logged for not following the rules. Please access this file in the correct manner. xx.xx.xx.xx

 

I thought that may happen to some, contacting you. If anyone else gets this error when trying to use this please send me a PM.

0
Link to comment
Share on other sites
redrat Senior Member

redrat

Posted
Posted

I'm also getting some smarty errors following installing the new files. I now have the following appearing between the 'Quick summary' and 'enom' boxes in a broken admin display:

Warning: Smarty error: file:/clientarea/modules/admin/enom_extended/smarty/admin_homepage.php is not readable in /home/redrat/public_html/clientarea/libs/Smarty.class.php on line 1095

 

Warning: Smarty::include() [function.include]: Failed opening '' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/redrat/public_html/clientarea/libs/Smarty.class.php on line 1925

Also, I have a second issue which might be related although it's hard to understand why; I am getting blank pages for all Knowledgebase category and article links in the Client Area. I'm running 3.8.1.

 

Any help appreciated.

0
Link to comment
Share on other sites
n2972s Member

n2972s

Posted
  • Author
Posted
I'm also getting some smarty errors following installing the new files. I now have the following appearing between the 'Quick summary' and 'enom' boxes in a broken admin display:Also, I have a second issue which might be related although it's hard to understand why; I am getting blank pages for all Knowledgebase category and article links in the Client Area. I'm running 3.8.1.

Any help appreciated.

 

Make sure you upload that admin_homepage.php file in binary and try it again.

 

The second one is unrelated to this module unless you are trying to include the files from this addon in those specific templates for some reason.

0
Link to comment
Share on other sites
redrat Senior Member

redrat

Posted
Posted

Thanks n2972s. I'll try what you suggest. I've solved the second matter which, as you rightly say, is completely unrelated I discover. It was caused by me not fully understanding SE friendly URLs and how to configure that correctly.

 

Thanks again for a very useful mod. ;)

0
Link to comment
Share on other sites
redrat Senior Member

redrat

Posted
Posted

Hey there again. OK, I've tried re-uploading the entire package and also specifically the admin_homepage.php file in binary mode but to no avail. The same errors as I listed above remain. (My FTP client is mostly set to binary btw) I even tried clearing my cache. :?

 

Any help with overcoming this is appreciated.

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept