Biscuit1001

You're most welcome. Thank you for the tone of the response...that's all I need to know. And yes, rookies. Leaving a 3.4.2 generator tag in the WP code, total rookie move.

http://w3techs.com/sites/info/blesta.com WordPress 3.4.2 (77% of sites use a newer version) PHP 5.3.3 (47% of sites use a newer version)

I considered Blesta a couple years ago and decided against it, though I couldn't remember why, but there was something that really put me off then. I think I may have just found what it was. Looking at the source code of your own site, which runs WordPress <meta name="generator" content="WordPress 3.4.2"/> I thought, wow, there's no way they could be running such an old, out-dated and unsecure version of WordPress...especially with all the focus on the security of the Blesta software. I realize the two could very well be mutually exclusive, but it's not a good sign. I went to Sucuri to do a site check, and I urge you to do the same: http://sitecheck.sucuri.net/results/www.blesta.com Malware is found specifically in the resellers section. Malware entry: MW:EXPLOITKIT:BLACKHOLE1 I've never found Sucuri to be wrong, but I'm not ruling out that possibility. According to Sucuri you ARE running WordPress 3.4.2. PLEASE tell me that's not true, that Sucuri is somehow wrong. Because if it is true... with all due respect you have no room to be criticizing any other billing systems' code. Running such an outdated install of WordPress is beyond a rookie mistake. Again, let me make my position clear: I'm really hoping this IS a false positive or in error. According to Google, your site is clean. http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=blesta.com Sucuri may possibly be making assumptions based on the severely outdated WP Generator tag left behind (though that in itself is a boneheaded move...sorry, but it is).

I've been really happy with OCC (OnlineChatCenters). Goofy name, but it just plain works. Took me a while to get used to hosted (though we migrated to hosted for a reason, and away from LiveZilla that we used for years), but it works well, very quick response and light resource usage, and is very reasonably priced. In WHMCS it was relatively easy to set up a connection between the LiveChat transcripts (a new support department) and WHMCS. I'm assuming it will be the same with Blesta. You don't get the full intergration as with Stardevelop, but you get a much better Chat system IMO.

i believe in one of your posts you said the best way to import would be to import into a clean/new install of Blesta. I'm wondering though, would it be better to first create the admins, packages, support departments, etc in Blesta? Or would that be counter-productive?

I went a few 'rounds with them on that issue, never got anywhere. Kind of validating to see it wasn't just me.

*sticks nose into thread for a second* Hi there, we shared some tweets today, re "that other company" Back on topic, I'm wondering if breaking the importer down into just doing a table at a time (or a few related ones) might work? I don't know if that's even possible, just a random idea I'm throwing out there. I've had to do that with other applications and very large databases.

Excellent... because I'm looking to jump off that (very possibly) sinking ship.

Report it ethically, and document contact; then go public if, and only if, the exploit isn't patched, AND make that clear in your public disclosure. That's the way it's always been done, that's the right way to do it, and I couldn't respect anyone going about it any other way than ethically. I'm here as a prospective customer/refugee-from-the-name-that-shall-not-be-mentioned... but let me say this. I won't buy anything from a company who isn't ethical and I don't respect their practices. Think about it: not doing things "the right way" is what might sink that other ship. Don't be that guy.