Custom Shopping Cart

[bleomycin]

I am trying to integrate my custom shopping cart with whmcs. I have created a php script which queries the whmcs database and returns a xml file which is then used to propagate a form using javascript.

 

The problem that I am having is that the whmcs cart program is obfuscated with ioncube, so I have no idea what to do with the values collected from the custom form I made. I tried walking through the templated order page using burp but it seems to be stateful (requiring a series of posts and get requests in sequence). The point of my cart is so that we have one single page which will executes all steps of the ordering process.

 

I want to think that I could fill the whmcs db with the order information and whmcs would see the order and execute the add on module to setup the server, but i have a feeling that wont work.

 

Is there any information which could help me integrate my shopping cart such as what is occurring on the back end of whmcs?

[jayward]

Well, there are a couple ways to go about this, since there is no way you are going to get the unencrypted source files.

 

The first is to use some other WHMCS purchase path, like the one page sign up or something and see if you can get tweak the template enough to achieve what you want. It will probably take a bit of tweaking and some cunning to do, but it is probably the easiest method.

 

Then there is always doing a man-in-the-middle type script where your file gathers the info, and posts it to the WHMCS script on the back end. It will be rather annoying to have to parse out the WHMCS response and get any errors that occur, but it is possible.

 

However you are probably going to get the most flexibility by reverse engineering and seeing what include files you will need and what functions therein you need to run in order to simulate the cart page. That sounds like a big pain, but if it's what you want the get_defined_functions and get_included_files functions are going to be invaluable. You can also turn on the general MySQL log (assuming you have access to do so on your server), run through the signup process, and try to figure out how the cart script generates the info being inserted and updated in the DB.

 

Lots of luck, though! Sounds like fun.

[Emerson]

Maybe you can use the API?

 

http://wiki.whmcs.com/API:About

[bleomycin]

Thanks for reply guys. I probably should have looked through the whmcs api first .

 

Just to clarify in the api says to use:

 

$postfields["configoptions"] = base64_encode(serialize(array("1"=>"Google")));

 

for the configoptions in the example line above is the value 1 the id value in the tblproductconfigoptions table?

 

And what is

regperiod = 1,2,3,etc...

[bleomycin]

One more thing. In the example above is the string "Google" the value in optionname in the tblproductconfigoptionssub table?

[RomanV]

ok i spent some time today fighting with that issue.. and also did not found any examples of using config options in api..so posting it here..migh tbe help to other guys

ok wil be short..suppose we have a line

$postfields["configoptions"] = base64_encode(serialize(array("78"=>"221","77"=>"219","76"=>"217")));

here

78 - id from the tblproductconfigoptions table and 221 is id of the value you need of that option form the tblproductconfigoptionssub table where configid=78..

the 77 and 76 defining similar..

hope that will help someone and save the time guessing

Thanks