gutterboy

Crap.... nevermind; I had the credit card option off, turned it back on and the option to pay by credit card was available. Though I guess a question is, what happens if you have multiple places turned on that accept credit cards - how does it decide what place the payment goes through!?

Installed Stripe and added the API key but the only payment option the user sees is Paypal. Why isn't stripe there?

No worries, thanks for the answer.

Yeah, but I put it inside the blesta .htaccess file. Side question: Noticed in your sig you nave a paypal express checkout on your "todo" list; is that the same as my feature request?

Hmmmmmmm....... couldn't get it to work. Oh well, will just wait for the update from Blesta I guess.

In this situation you would want AND though right!? It's basically saying if it's not that AND not that AND not that then send to forbidden? As for ranges, would this be right? RewriteCond %{REQUEST_URI} ^/admin RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1 RewriteCond %{REMOTE_ADDR} !^128\.0\. RewriteRule .* - [F]

Nicely done. As a side note, we host with KH

+1

Yeah I know haha..... but I didn't wanna target something like that in-case something else became the first child

So I just add each IP I want to allow similar to have how you have added the one there?

I know most probably use Blesta for hosting so not sure how many people would find this useful, but one of the reasons we purchased Blesta as we were told it supported automatic non-recurring payments via Paypal, but have recently found it doesn't. This would allow companies to auto-bill their users whenever they get fees accrued to their account, but the fees don't come on a recurring basis. More information - from what I have been told that is how you deal with non-recurring automatic Paypal payments.

That's a shame. Don't really wanna leave the admin open like that, like a bit more security than just be obscurity.

I am attempting to lock down our admin area by IP via .htaccess with something like this: order deny,allow deny from all allow from 123.456.78.9 <Files ~ ".(xml|css|jpe?g|png|gif|js)$"> Allow from all </Files> I have also renamed (or re-routed) our admin directory to another name; in this example let's call it "abc". So because there is no real "/abc/" directory I created one and placed this file inside it; however when I did that going to "/abc/" no longer redirected to "/abc/login/"; I had to manually go there. Is there a way I can protect via IP without affecting anything else? Thanks!

Exactly my thoughts.

Unfortunately the selection of invoice method box seems a little hard to hide as it only has a common class name of "list-group-item"; the services box on the other hand has an id so all good there. Not a huge deal, so guess we'll just have to live with the invoice method box.

Thanks. Guess that's one way to do it haha

Just wondering if it's possible to remove certain elements from showing from the client area? Such as the "Services" box (as we're not using services) and also the box on the left hand sidebar that lets the users select the way they receive their invoice; we currently only offer email so it's a bit pointless having it there TBH. Thanks!

Ok, just did some testing and yes, for anyone that is using this plugin I highly recommend that you use https when redirecting to the shared login page; you risk other beings able to login as anyone they like as long as they get their hash. Re-reading the docs for the plugin the examples do show them using https, which is good. I just think more attention should be bought towards it like with an attention icon or something.

Also, I assume when redirecting the user to Blesta to be logged in with this it's recommend to use https seeing as we are passing the hash in the URL?

I just posted this so the SDK could be improved and to give a heads up about the issue.

I have been looking into Stripe in the past as it looked awesome, so I went back to the site and had another read; seems they don't require you to have a merchant account at all - they handle everything and all you need to use are them. I guess we can use them but still would be nice to have the Paypal option for those that would prefer to pay by Paypal.

Well that's pretty inconvenient We don't have a merchant account currently so not likely to be able to use anything else, we really need the Paypal Express one I'd say.

This is one of the reasons we bought Blesta as we were told it supported it: http://www.blesta.com/forums/index.php?/topic/1120-integrating-billing-system-to-existing-site-with-api/ Check my second question.

Yep, this recently happened to me too. As soon as I uninstalled the portal plugin it worked fine.

Well yeah, don't want the recurring kind, was wanting to know how to do it so the client can be directed to paypal to "allow" us to automatically debit their account for fees when need be; I have done this with other sites, you just get directed to Paypal and then agree to the terms and then the company can debit your paypal when they need to. Was told Blesta supported that but I can't find out how to do it!?