Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PreventChangesToClientCustomFields.php #43

Open
Heink opened this issue Feb 21, 2022 · 0 comments
Open

PreventChangesToClientCustomFields.php #43

Heink opened this issue Feb 21, 2022 · 0 comments
Assignees
@Kian987
Labels
bug Something isn't working

Comments

@Heink
Copy link

Heink commented Feb 21, 2022
edited

FYI :-)

We upgraded to WHCMS v8.4 and had some issues creating a client from admin side. It would never finish (but sort of create 'most' of the new client anyway. (I can only talk from our environment and yes, we have a 'few' extra addons running but they al seem to play nice together ;-) )

We reached out to the WHCMs and they found out it wasn't actually an issue with whcms (which we expected) but with this script.

Their explanation etc:

Digging into this, I was able to determine that this is being caused by the PreventChangesToClientCustomFields.php hook installed in the /includes/hooks folder due to it using the CustomFieldSave hook point to override the "value" for custom field 21 to a null string, which WHMCS then tries to insert into the tblcustomfieldsvalues database table and triggers that error from MySQL (which doesn't allow null values, only empty or some text, for text type columns):

`<?php

/**

use WHMCS\Database\Capsule;

add_hook('CustomFieldSave', 1, function($vars)
{
$ReadOnlyFields = array('21', '28'); // IDs of Custom Fields that cannot be edited
$DisallowAdmin = false; // true = Even Administrators are not allowed to edit | false = Administrators can freely update Custom Fields

/* Do not edit below */
$IsAdmin = (basename($_SERVER['PHP_SELF']) == 'clientsprofile.php' ? true : false);
$IsNewClient = (in_array(basename($_SERVER['PHP_SELF']), array('register.php', 'cart.php')) ? true : false);

if (in_array($vars['fieldid'], $ReadOnlyFields) AND (($IsAdmin AND $DisallowAdmin) OR (!$IsAdmin)) AND !$IsNewClient)
{
    return array('value' => Capsule::table('tblcustomfieldsvalues')->where(['fieldid' => $vars['fieldid'], 'relid' => $vars['relid']])->first(['value'])->value);
}

});
`

The hook is failing to take into consideration that admins can add clients via the clientsadd.php page for the admin area, and assumes that clients can only be created by the specific registration page on the client area (register.php) or during the order process (cart.php). As such, it runs when an admin tries to create a client via the clientsadd.php page and fails because the query being used to override the value will return a null and cause the above mentioned scenario to occur.

In summary, this issue isn't due to an issue with WHMCS, but rather a poorly coded customisation. The developer will either need to adjust the code to ensure it doesn't run when using clientsadd.php as well, or it will need to be removed from your installation to resolve this.
@Heink Heink added the bug Something isn't working label Feb 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Kian987 Kian987

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Heink @Kian987