Hooks Require security question selection if empty

WHMCS Hooks
whmcsguru

whmcsguru

Chief Guru
Staff member
Jan 11, 2018
37
0
8
51
This hook will allow you to require a client to select a security question. Additionally, when a security question is changed, the client will be notified of it via mail (more coming soon).

Save the following code snippet into a php file in includes/hooks/

PHP: 
<?php

//redirect clients to security questions page if they don't have one setup. Nothing else.
//provided by https://www.whmcs.guru
use Illuminate\Database\Capsule\Manager as Capsule;
$isadmin = $_SESSION['adminid'];
function check_client_security($vars)
{

    //are we logged in? If not, then return
    $uid  = $_SESSION['uid'];
    if (empty($uid))
    {
        return;
    }


    $displayTitle = $vars['displayTitle'];
    $securityq = Capsule::table('tblclients')->where('id', '=', $uid)->value('securityqid');
    if (empty($securityq))
    {

        if ($displayTitle == "Security Settings")
        {
            //we are already here, assign the variable
            $extraVariables = [];
            $extraVariables['ctest'] = 'Please establish a security question for your account<br />This will be used to validate your account should we ever need to<br />';
            return $extraVariables;
        }
        $myver = get_whmcs_version();

        if ($displayTitle != "Security Settings")
        {
            if ($myver >= 8)
            {
                header('Location: /index.php?rp=/user/security');
            return;
            }
            if ($myver < 8 )
            {
                header('Location: /clientarea.php?action=security');
            return;
            }
        }

    }
}
    function get_whmcs_version()
    {
        $theversion = Capsule::table('tblconfiguration')->where('setting', '=', 'Version')->value('value');
        $retver = substr($theversion, 0,1);
        
        return ($retver);

    }
    
    $qrows = Capsule::table('tbladminsecurityquestions')->select('id') ->count();
    if ($qrows > 0)
    {
        if (empty($isadmin))
        {
            add_hook('ClientAreaPage', 1, "check_client_security");
        }
    }
 
Template edits:

If you want to get the phrase shown to the client, you'll need to edit a template for this one. This is not required

For V7 and lower:
edit templates/yourtemplate/clientareasecurity.tpl
after
PHP: 
{if $securityquestionsenabled && !$twofaactivation}

   <h2>{$LANG.clientareanavsecurityquestions}</h2>
add
PHP: 
  {if $ctest}
       {include file="$template/includes/alert.tpl" type="error" errorshtml=$ctest}

For V8
edit templates/yourtemplate/usersecurity.tpl
after
PHP: 
   {if $user->hasSecurityQuestion()}
            <div class="form-group">
                <label for="inputCurrentAns" class="control-label">{$user->getSecurityQuestion()}</label>
                <input type="password" name="currentsecurityqans" id="inputCurrentAns" class="form-control" autocomplete="off" />
            </div>
        {/if}

add
PHP: 
        {if $ctest}
       {include file="$template/includes/alert.tpl" type="error" errorshtml=$ctest}
        {/if}
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Top Bottom