irh

Awesome. Could not change the value of the $systemStatus variable, I don't think it is passed by reference, but used {if $systemStatus == 'Active' and $groupname|lower neq 'groupname'} in the custom template, which does what I need. Thanks heaps!!! Where do I send some beer?

Perfect, thank you. This is what I was mising - $service = Menu::context('service');

For specific service group, I need to remove the HTML that is provided by WHMCS cpanel integration: see this screenshot: But I cannot find any way to achieve this. Ideally I want to use hook and avoid modifying the template files. Or alternatively specify my own template file, based on the service group ID. I tried this to specify an alternative template file (even unconditionally) with no luck: add_hook('ClientAreaPageProductDetails', 0, function($vars) { $vars['templatefile'] = 'clientareaproductdetailscms'; }); The template file gets ignored.

I need to alter the sidebar to remove login to cPanel/webmail links for specific product group. I have implemented a custom hook as advised in the documentation, which does this unconditionally: add_hook('ClientAreaPrimarySidebar', 1, function (MenuItem $primarySidebar) { $serviceDetails = $primarySidebar->getChild("Service Details Actions"); if (empty($serviceDetails)) { return; } $service_ids = [33]; $serviceDetailsChildren = $serviceDetails->getChildren(); $keysToUnset = ['Change Password', 'Login to cPanel', 'Login to Webmail']; foreach($serviceDetailsChildren as $key => $service_details_child) { if (in_array($key, $keysToUnset)) { $serviceDetails->removeChild($key); } } }); However, I cannot find a way to determine product/service (or even better - service group) based on the `id` query string. Any help?

My Password and credit card. Enough? Any secure host will have equipment to mitigate DoS and DDoS attacks. Purely WHMCS managers' fault to fail host in proper environment.

Hi, Matt. Have you heard of security teams? Many respectful web application have it (http://drupal.org/security-team). The major work is to ensure your web app is secure (I was shocked when received an email about mysql injection vulnerability reported by an "ethical programmer"). In other words, if the "ethical programmer" would not report it - you wouldn't even know about it. The security team's main responsibilities are to write (and maintain regularly) variety of tests to run them testing vulnerabilities of your web application and modules. Other responsibilities are: provide a means for your clients to report them. At the moment this forum is the only way to communicate with you. I was recently working with Onverify SMS order validation - a user contributed module - and I was ABSOLUTELY HORRIFIED by the code of the module. Inaccurate, impossible to read and written badly, all MySQL queries have no values validation/cleaning assuming they all are clean. I had to rewrite if for our site to ensure MySQL injection is impossible. My guess is lots of community modules are the same. Please update us (the WHMCS community) with the following: 1. Your plans about having a dedicated security team (refer to http://drupal.org/security-team) for best practices. 2. Introducing and maintaining coding standards for community modules. 3. Having central repository (e.g. Git, SVN or similar) for community modules, so we do not download them from "who nows what we are getting". 4. Moderators reviewing yours and the community modules (Onverify is a good example) to comply with coding standards and security team testing the modules. 5. Your plans about secure hosting (e.g. FireHost or alike).