Cody

If it's taking you to the login page it's because you were previously logged in, without logging out.

Right click on the link and select "Copy Link Location". Then open a different web browser and paste the link in the address bar. You're probably having trouble because you've already logged into a cPanel account and didn't explicitly log out. cPanel, for some reason, won't let you log in to another account using basic authentication unless you explicitly log out of the other account first.

If this is the link you're using: Then it's not .htaccess, since .htaccess must be disabled. There shouldn't be any /index.php/ in that URI when using .htaccess.

Good suggestion! You'll have to get your hands a little dirty, but you can disable sending attachments in invoice delivery emails by commenting out lines 80 - 85 in /components/invoice_delivery/invoice_delivery.php $attachments = array( /* array( 'path' => $inv_path, 'name' => $attachment_name, 'encoding' => "base64", 'type' => $this->company_settings['inv_mimetype'] ) */ );

I'm not sure there are many services out there that handle secure storage of card data. Besides the trust issues that arise from such a solution, I don't believe it alleviates PCI compliance since one of the PCI compliance questions is whether or not you share card data (which obviously you would be). I've encountered customers like the one you've described many times. I make it clear that it is simply not an option to store card security codes, and I'll often recommend merchant gateways with offsite storage (just about every merchant gateway these days). In my experience they've chosen either not to process auto debits, or have chosen a gateway that supports offsite storage. If the customer is adamant about storing card security codes then we fire the customer because that sets off a red flag for future issues with the client.

Ah yes, gmail... For when you want to send a message to the NSA but don't have their email address.

When the client clicks the link to pay the invoice they will then see the option to select the "Offline Payment" payment option. Then when they click to pay they will see the instructions for offline payment that you entered when you configured the offline payment gateway.

You can update the email template to contain the payment information the customer should use when paying an invoice. You have to assign the offline payment gateway to the order form.

Please see this thread on how to report a bug.

Another thing that would have to be done for this is a logging mechanism to keep track of when staff users access client profiles.

I think you just illustrated what I said.

You'd have to have a separate staff group with super limited access, and this feature would have to be tied into the permission system somehow. The question asked "Enter Zip/Postal Code" would have to be entirely configurable, possibly even based off of custom client fields. There would be a lot involved (UI-wise).

"Open source" didn't used to mean free, but it's gained that connotation (see FOSS).

Defcon talks are far more interesting than talks at HostingCon. No doubt about it, but Summers in Vegas are not pleasant.

I've updated the documentation to make it more obvious on what to do to enable pretty URLs on non-apache web servers.

Use curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($args)); P.S. An SDK has been released that makes API requests much easier, but it only works for version 3.0.0.b4 and newer.

More specifically: http://source-docs.blesta.com/package-blesta.app.models.html And of course, as the dev docs mention, all plugin model methods are also callable via the API (though not currently listed in the source docs).

You should have noticed a yellow message appear after you installed the plugin letting you know to set the access control permissions for the plugin. You do this under [settings] > [system] > [staff] > [staff Groups].

We have plans to expand the Portal plugin into more of a CMS, which will allow you to create custom pages. As it stands, you can create custom pages by creating custom controllers and views. So there's some coding involved, but it's pretty painless if you know what you're doing.

Fixed.

I think Paul was commenting on the use of bootstrap in the design, not related to the icon itself.

By default, Blesta uses htaccess rules to forbid access to all .pdt files.