Timothy

Version 3.0.7 is now available. You can download it in the Client Area.

This is a patch release that corrects issues with 3.0.0.

Patching Blesta

See Patching Blesta in the User Manual for instructions.

Release Notes - Blesta Core - Version 3.0.7
## Version 3.0.7 2013-12-20 ### Bug * [CORE-873] - Favicon missing * [CORE-877] - Security: Support Manager: XSS vulnerability in support manager * [CORE-882] - Line item setup fees do not observe setup fee tax setting * [CORE-887] - Updating a package to change a module group back to Any does not save this change * [CORE-888] - Contacts::add/edit rule validation should ensure only one 'primary' type per client_id * [CORE-890] - Universal Module: Fields fail to validate when pending services approved via cron. * [CORE-897] - Autodebit may reattempt same invoice in same day if payment failed * [CORE-906] - AmazonS3 Backup fails with period (.) in bucket name * [CORE-907] - Client numbers fail to increment when clients_start is greater than current max number * [CORE-915] - 2Checkout: Fails to approve live transactions * [CORE-919] - Root web directory replacement not case-insensitive * [CORE-920] - PayPal: Validate should check either business or receiver_email for match on account * [CORE-921] - Report Manager does not exit after streaming file data for download * [CORE-927] - Client contact numbers appear on the same line in the client interface * [CORE-931] - Security: XSS vulnerability in client payment process * [CORE-932] - Security: Potential XSS vulnerabilities in use of Html::concat() * [CORE-933] - Backup settings incorrectly set messages * [CORE-934] - PHPIDS: Blank minimum impact rating is treated as zero instead of disabling action * [CORE-938] - Services::setFields may cause deadlock * [CORE-940] - Client setting for auto suspension does not disable auto suspension ### Task * [CORE-879] - Exchange rates through Google Finance no longer working ---

This is only the beginning.

CORE-935, thanks for the suggestion! No ETA at the moment, but it's in our system.

Fraud Record, for Blesta would be amazing in my opinion, it checks a database for unwanted customers, it's a bit like a neighbourhood watch team, but for webhosting.
 
Any fraud gets submitted to the database, and you can check to ensure you don't get the same unwanted customers.
 
 Stop Fraud Clients, Report Abusive Customers. Combine your efforts to fight misbehaving clients.
 
I used to use it on the last billing system I used and it helped much better than Maxmind, because bad clients are bad clients.
 
http://www.fraudrecord.com/
 
 
API: http://www.fraudrecord.com/developers.php

Configurable options are definitely what you want for charging extra for RAM, Disk, IP's etc. All customers will be eligible to download the beta when it's released. The beta will be available in the download area, to authenticated customers only (You have to login to see it). We're getting close.

Already reported and fixed for 3.0.7.

I wasn't thinking of a specific environment, as anybody can install the libs in a centralised location for all apps to use, but FreeBSD, via ports, does put the main database in /usr/local and updates it via cron.

Glad I could help

That looks like a issue with PHP. The imagecreatefrompng function is part of GD library. This tends to be a separate package/port
from the base PHP install.

Can you verify you have that installed? It would be called php55-gd or php5-gd or some variation of that depending on your operating
system.

Make sure you have a currency selected on the order form. This will be near the bottom of the form right above the gateway settings. If you do not have a currency selected the order forms will not show any packages.

You don't need a admin folder to restrict by path. For Apache servers  you can use the location example as stated above to do it. More information can be found at https://httpd.apache.org/docs/current/mod/core.html#location
 
For security you should probably rename your /admin area to something else. Change the following line in the route.php file.
 
Configure::set("Route.admin", "admin"); to something like Configure::set("Route.admin", "ziggyzoo"); to change the path to /ziggyzoo.

Hope that helps.

You don't need a admin folder to restrict by path. For Apache servers  you can use the location example as stated above to do it. More information can be found at https://httpd.apache.org/docs/current/mod/core.html#location
 
For security you should probably rename your /admin area to something else. Change the following line in the route.php file.
 
Configure::set("Route.admin", "admin"); to something like Configure::set("Route.admin", "ziggyzoo"); to change the path to /ziggyzoo.

Hope that helps.

I would like to suggest we have a banned status (We have a Active, Inactive, Fraud Status at the moment) but when a user is classed as Fraud, they can still make support tickets, and I'm not sure if they can make new orders. We don't have any other way of removing rude customers. 
 
Eg:
 
False information on account, acted like a immature person opening a ticket in gibberish. Closed ticket, set customer as fraud... Few minutes later another support ticket from that client. In the end had to ban them in the firewall.

+1 on both.
 
Thank you for making this.

CORE-824 is fixed in 3.0.5.

CORE-842 is fixed for 3.0.5.

What payment gateways do you need that aren't currently included? Having all the same payment gateways doesn't mean much, if you don't actually need them. We are building more, and prioritizing by demand.
 
We do have plans to create new and unique order forms, ones that work well with a particular product like shared hosting, or virtual hosting, etc. One page AJAX forms, multi-step, and more. It's not as simple as making something work just like a particular hosting company when the order form needs to support a diverse range of products and services. We try to build things that are versatile, but we also see the need to build things that are targeted to a particular offer.
 
Aside from any tweaks to the existing order templates, our plans for more templates will follow a conversion of the client area to bootstrap. It will be significantly easier to create new and unique and awesome looking order forms once this has taken place. This will be after 3.1, which adds configurable options (among other things), which we see as a critical first step.