Jump to content


  • Content count

  • Joined

  • Last visited

  • Days Won


Alk last won the day on June 30 2017

Alk had the most liked content!

About Alk

  • Rank
    Advanced Member

Profile Information

  • Gender
    Not Telling
  • Location
  1. Does anyone know please: How the system status widget gets its information on issues? If it is possible to also extrapolate this information oneself onto a custom page? I could then setup page monitoring on it to alert me of issues. or If it is possible to "export" the system status widget onto a custom page? Thank you.
  2. @Paul I am grateful to see Blesta looking to adhere to GDPR: https://dev.blesta.com/browse/CORE-2463 Thank you. However, it is still important for Administrators to be able to delete old (redundant) client information, to comply with UK Data Protection Laws, which will still apply alongside GDPR. Therefore, it seems an opportune time to incorporate the necessary features at the same time as CORE-2463, as there is overlap. To that end, the way I see this implemented is as follows: A Company setting called "Client cleanup". In Client Cleanup setting; specify number of days to delete clients considered to be redundant. 0 = never, 1826 = 5 years. You have a granular setting to select the Client Groups that the client cleanup will effect. This allows clients to be protected from deletion, if required for a particular purpose (that hasn't been considered). The client cleanup will be an automated task, run once a day. The client cleanup will work on clients with the following conditions met: 1. Marked as inactive in Blesta (which the admin does manually), 2. Has no active services, 3. Their last invoice was closed X days ago (as per number of days set in Client cleanup setting), 4. In client group(s) X (as per client groups set in client cleanup setting). For example, this is how I see it operating: You enable client cleanup by setting the company setting with the number of days that you want to cleanup redundant clients. eg. I set 1826 = 5 years (Blesta would ship with this setting disabled by default by having it set to 0). You then choose the "Default" client group and this will mean that the client cleanup will look for clients in the Default client group -> for any that have been marked as inactive -> have no active services -> their last invoice was closed 1826 days ago. It is debatable as to whether there is the requirement for the client to first be manually marked by the Admin as inactive. It doesn't matter either way, but could be a useful safeguard - comments on this? This comment is duplicated at: https://requests.blesta.com/topic/delete-client-for-data-protection-reasons (posted here for awareness)
  3. Search content of tickets

    @Paul Yes, my suggestion is only for when "Search Tickets" is selected in the top-right Admin search box, as the Admin has selected to perform this type of search. In fact, you could go so far as having a secondary pop-up tick box for "search content" for more granularity to the "Search Tickets" option. Thereby, the Admin has explicitly acknowledged to search the contents of tickets. "Smart Search" remains as it is...searching "lightly" and is quick in it's results.
  4. Hello, I have seen the bug for the bulk updater dialog in Chrome: https://dev.blesta.com/browse/CORE-2598 But to expand on this; in Edge on Windows 10, you are unable to select anything in the drop down box for "With Selected Tickets" (eg. "Update Status"). Secondly, in Chrome, the bulk updater dialog box doesn't appear at all for Open tickets. There is something in the new version of Chrome that is causing this issue because it stopped working in 3.4.3 as well (I thought an upgrade to 4.4.2 would fix it, unfortunately it didn't) and I have tried on a different PC in Chrome. It works in Edge.
  5. cPanel password strength change

    Thanks Tyson. Unfortunately, I cannot decrease the strength requirement as I do not control the server. You see, with WHMCS, you can control the password complexity easily (according to the webhost). Therefore, there isn't a need for the webhost to lower the strength requirement. Additionally, as this isn't something that the webhost has purposefully increased, but is due to this change from cPanel, what would the webhost set it to... I know that it will help by adding Uppercase characters. I would also like to (potentially) increase the length of the password. Would you be able to tell me how to do that please? The documentation for the password strength calculation is here: https://documentation.cpanel.net/display/CKB/How+to+Determine+Password+Strength The document has just been created on Oct 30th! (probably due to the recent update!) Thank you.
  6. cPanel password strength change

    Thank you. What I'm confused about is that the max_length values are different and where it has "mt_rand(max($min_length, 5)" it has a min_length near a max word? Therefore, I'm confused as to which values I alter.
  7. cPanel password strength change

    Hello, I created a cPanel service the other week and let Blesta generate the password for the cPanel account - No issues. However, when Blesta is now trying to create a cPanel service and it is generating the password, I am now receiving an error response from the cPanel server, stating that the password does not meet a strength of 90. I spoke to my server host about this and they have not altered the complexity requirement. They double checked and they have a password that the other week was a password of 90 strength, now the password is registering a strength of 75. We mutually concluded that cPanel must have changed the algorithm used to calculate passed strengths. Some digging of the cPanel change log shows: It has obviously just taken a while for the release with this change in it to filter out. My thread here serves a few purposes: 1. To make the Blesta team aware of this change and potential bug (I therefore felt that the bugs forum was the best place for this topic, although I was unsure) 2. See if anyone else is experiencing the same 3. To gain instruction on how exactly to increase the complexity of the passwords that Blesta generates. On point 3, I have opened file components/modules/cpanel/cpanel.php and I find, which starts at line 1667 in v4: /** * Generates a password * * @param int $min_length The minimum character length for the password (5 or larger) * @param int $max_length The maximum character length for the password (14 or fewer) * @return string The generated password */ private function generatePassword($min_length = 10, $max_length = 14) { $pool = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()'; $pool_size = strlen($pool); $length = mt_rand(max($min_length, 5), min($max_length, 14)); $password = ''; for ($i=0; $i<$length; $i++) { $password .= substr($pool, mt_rand(0, $pool_size-1), 1); } return $password; } I can see from previous examples of passwords that Blesta generates, that Blesta does not incorporate capital (uppercase) letters. I can now see this from the above code. To increase the complexity of the passwords that Blesta generates, I feel that it is just a case of adding capital letters. To do this, please could someone tell me; is it just a case of adding in the capital letters into the $pool line? Please could someone also tell me; which part of the code controls how long the password will be? (to increase its complexity) Thank you very much.
  8. I have been using Blesta for many years (I've been storing up my feature requests for years too - sorry!) and I know that this topic comes up from time to time, however, I would like to give what I believe is a strong case as to why it should be allowed to delete clients. Firstly, I realise that it is not possible to delete clients if they have an invoice or service attached and I believe that the reason for this is for accounting purposes in particular geographic locations (one of them being the UK it would seem). However, in the UK we also need to comply with Data Protection laws. This says that we must not retain personal data for longer than necessary. See here: https://ico.org.uk/for-organisations/guide-to-data-protection/principle-5-retention/ According to the above page, we are allowed to retain the data if required for tax returns and this will not be considered to be retained for longer than necessary. So far so good...but according to my research, HMRC says that you only need to keep your business income records (including sales invoices) for 5 years after the submission of the tax return: https://www.gov.uk/self-employed-records/how-long-to-keep-your-records Therefore, my feeling is that UK businesses should be removing the client records after 5 years of them ceasing the relationship with the business, thereby complying with the data protection act that says that you must not retain personal data for longer than necessary. This is how I interpret the law and in my opinion this makes a much stronger argument for the necessity to be able to fully delete client records from Blesta. Also submitted to: https://requests.blesta.com/topic/delete-client-for-data-protection-reasons (posted here for awareness)
  9. I would greatly value the ability to search the content of tickets. You see, I can't quite believe that no one has suggested this yet for Blesta or WHMCS...but I want to search the content of tickets and I can't. I've taken a look at WHMCS and you can't do it with WHMCS either. Yet, it is a pretty standard feature of helpdesk software (of which I have used many). Customers never subject title their emails correctly (if at all!) and often talk about multiple issues under one ticket (which often has a vague subject line which doesn't cover it). Therefore, the need to search the messages of tickets is a must in my eyes and if it were achievable, would be a plus point for Blesta. It is possible that this hasn't been developed already because of the strain? to search ticket content, but if other software can achieve it...surely Blesta can too? Also submitted to: https://requests.blesta.com/topic/search-content-of-tickets (posted here for awareness)
  10. Backups encryption

    Given the personal data that Blesta installations hold, in line with data protection laws, it would be appropriate for the backups feature to have encryption. Whilst the servers where Blesta are installed are likely to have extra security safeguards in place, the offsite backup locations are less likely to have the same security setups. Additionally, data may be offloaded to a different organisation which can create additional complexity. If the data were packaged encrypted, only the Blesta installation owner would have access to the data, negating any data protection issues with where the data is being offloaded to as part of the backup. Also submitted to: https://requests.blesta.com/topic/backups-encryption (posted here for awareness)
  11. It would be extremely helpful to have an email notification to the admin when there are any Blesta system issues, rather than relying on the system status widget in the staff portal. Not everyone checks the staff portal daily (there isn't necessarily a need, particularly if you are a small business and you use the support tickets via email) and, for example, the crons can get stuck and therefore it can go unnoticed that there is an issue. If you don't have a lot of business, you can't rely on the fact that you haven't heard from anyone in a while.. Also submitted to: https://requests.blesta.com/topic/system-issue-email-notifications
  12. Folks, You have missed my original thread (I was the original instigator of all of this, prior to v3.2 ), whereby I have the solution for the 2 separate buttons. See here: http://www.blesta.com/forums/index.php?/topic/2532-change-paypal-buttons/?p=19943 Everything is visually perfect with the buttons that I am using, see my screenshots and explanation... IMO, those are the buttons to use.
  13. wfitg alluded to this; we have to be careful to still comply with the EU Consumer rights directive when making our own buttons. The buttons need to be clear that there is an obligation to pay. As in my original topic, the PayPal buttons that I changed mine to say "Pay now" and "subscribe" (it would be better for the button to say "subscribe and pay" but I don't have much of a choice in order to keep consistency). I appreciate that PayPal/non-merchant gateways are likely to be doing some of this obligation for us on subsequent pages, but it is best to be absolutely clear so that there is no room for error. I also agree with Jonathan that it would be best to mention the non-merchant gateway being used. Therefore, taking all of this into consideration, Cody's quoted suggestion in the original post (from my original topic here), is the best: Cody, on 16 Jun 2014 - 4:45 PM, said:
  14. Thank you very much for the clarification and explanation Paul.
  15. Ah, the config/blesta.php file also; I hadn't realised that was also necessary, but I can see why. I'm trying to cover all bases for a disaster recovery. Thank you for your response.