Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by Alk

  1. Sadly, Demowolf.com has shutdown. You can read their notice on their website and they are no longer contactable (I have tried emailing). The free videos have stopped working. I'm just making you aware of the situation because they are listed in your marketplace. Additionally, there may be other Blesta users who, without warning, now have invalid videos.
  2. Does anyone know please: How the system status widget gets its information on issues? If it is possible to also extrapolate this information oneself onto a custom page? I could then setup page monitoring on it to alert me of issues. or If it is possible to "export" the system status widget onto a custom page? Thank you.
  3. @Paul I am grateful to see Blesta looking to adhere to GDPR: https://dev.blesta.com/browse/CORE-2463 Thank you. However, it is still important for Administrators to be able to delete old (redundant) client information, to comply with UK Data Protection Laws, which will still apply alongside GDPR. Therefore, it seems an opportune time to incorporate the necessary features at the same time as CORE-2463, as there is overlap. To that end, the way I see this implemented is as follows: A Company setting called "Client cleanup". In Client Cleanup setting; specify number of days to delete clients considered to be redundant. 0 = never, 1826 = 5 years. You have a granular setting to select the Client Groups that the client cleanup will effect. This allows clients to be protected from deletion, if required for a particular purpose (that hasn't been considered). The client cleanup will be an automated task, run once a day. The client cleanup will work on clients with the following conditions met: 1. Marked as inactive in Blesta (which the admin does manually), 2. Has no active services, 3. Their last invoice was closed X days ago (as per number of days set in Client cleanup setting), 4. In client group(s) X (as per client groups set in client cleanup setting). For example, this is how I see it operating: You enable client cleanup by setting the company setting with the number of days that you want to cleanup redundant clients. eg. I set 1826 = 5 years (Blesta would ship with this setting disabled by default by having it set to 0). You then choose the "Default" client group and this will mean that the client cleanup will look for clients in the Default client group -> for any that have been marked as inactive -> have no active services -> their last invoice was closed 1826 days ago. It is debatable as to whether there is the requirement for the client to first be manually marked by the Admin as inactive. It doesn't matter either way, but could be a useful safeguard - comments on this? This comment is duplicated at: https://requests.blesta.com/topic/delete-client-for-data-protection-reasons (posted here for awareness)
  4. @Paul Yes, my suggestion is only for when "Search Tickets" is selected in the top-right Admin search box, as the Admin has selected to perform this type of search. In fact, you could go so far as having a secondary pop-up tick box for "search content" for more granularity to the "Search Tickets" option. Thereby, the Admin has explicitly acknowledged to search the contents of tickets. "Smart Search" remains as it is...searching "lightly" and is quick in it's results.
  5. Hello, I have seen the bug for the bulk updater dialog in Chrome: https://dev.blesta.com/browse/CORE-2598 But to expand on this; in Edge on Windows 10, you are unable to select anything in the drop down box for "With Selected Tickets" (eg. "Update Status"). Secondly, in Chrome, the bulk updater dialog box doesn't appear at all for Open tickets. There is something in the new version of Chrome that is causing this issue because it stopped working in 3.4.3 as well (I thought an upgrade to 4.4.2 would fix it, unfortunately it didn't) and I have tried on a different PC in Chrome. It works in Edge.
  6. Thanks Tyson. Unfortunately, I cannot decrease the strength requirement as I do not control the server. You see, with WHMCS, you can control the password complexity easily (according to the webhost). Therefore, there isn't a need for the webhost to lower the strength requirement. Additionally, as this isn't something that the webhost has purposefully increased, but is due to this change from cPanel, what would the webhost set it to... I know that it will help by adding Uppercase characters. I would also like to (potentially) increase the length of the password. Would you be able to tell me how to do that please? The documentation for the password strength calculation is here: https://documentation.cpanel.net/display/CKB/How+to+Determine+Password+Strength The document has just been created on Oct 30th! (probably due to the recent update!) Thank you.
  7. Thank you. What I'm confused about is that the max_length values are different and where it has "mt_rand(max($min_length, 5)" it has a min_length near a max word? Therefore, I'm confused as to which values I alter.
  8. Hello, I created a cPanel service the other week and let Blesta generate the password for the cPanel account - No issues. However, when Blesta is now trying to create a cPanel service and it is generating the password, I am now receiving an error response from the cPanel server, stating that the password does not meet a strength of 90. I spoke to my server host about this and they have not altered the complexity requirement. They double checked and they have a password that the other week was a password of 90 strength, now the password is registering a strength of 75. We mutually concluded that cPanel must have changed the algorithm used to calculate passed strengths. Some digging of the cPanel change log shows: It has obviously just taken a while for the release with this change in it to filter out. My thread here serves a few purposes: 1. To make the Blesta team aware of this change and potential bug (I therefore felt that the bugs forum was the best place for this topic, although I was unsure) 2. See if anyone else is experiencing the same 3. To gain instruction on how exactly to increase the complexity of the passwords that Blesta generates. On point 3, I have opened file components/modules/cpanel/cpanel.php and I find, which starts at line 1667 in v4: /** * Generates a password * * @param int $min_length The minimum character length for the password (5 or larger) * @param int $max_length The maximum character length for the password (14 or fewer) * @return string The generated password */ private function generatePassword($min_length = 10, $max_length = 14) { $pool = '[email protected]#$%^&*()'; $pool_size = strlen($pool); $length = mt_rand(max($min_length, 5), min($max_length, 14)); $password = ''; for ($i=0; $i<$length; $i++) { $password .= substr($pool, mt_rand(0, $pool_size-1), 1); } return $password; } I can see from previous examples of passwords that Blesta generates, that Blesta does not incorporate capital (uppercase) letters. I can now see this from the above code. To increase the complexity of the passwords that Blesta generates, I feel that it is just a case of adding capital letters. To do this, please could someone tell me; is it just a case of adding in the capital letters into the $pool line? Please could someone also tell me; which part of the code controls how long the password will be? (to increase its complexity) Thank you very much.
  9. I have been using Blesta for many years (I've been storing up my feature requests for years too - sorry!) and I know that this topic comes up from time to time, however, I would like to give what I believe is a strong case as to why it should be allowed to delete clients. Firstly, I realise that it is not possible to delete clients if they have an invoice or service attached and I believe that the reason for this is for accounting purposes in particular geographic locations (one of them being the UK it would seem). However, in the UK we also need to comply with Data Protection laws. This says that we must not retain personal data for longer than necessary. See here: https://ico.org.uk/for-organisations/guide-to-data-protection/principle-5-retention/ According to the above page, we are allowed to retain the data if required for tax returns and this will not be considered to be retained for longer than necessary. So far so good...but according to my research, HMRC says that you only need to keep your business income records (including sales invoices) for 5 years after the submission of the tax return: https://www.gov.uk/self-employed-records/how-long-to-keep-your-records Therefore, my feeling is that UK businesses should be removing the client records after 5 years of them ceasing the relationship with the business, thereby complying with the data protection act that says that you must not retain personal data for longer than necessary. This is how I interpret the law and in my opinion this makes a much stronger argument for the necessity to be able to fully delete client records from Blesta. Also submitted to: https://requests.blesta.com/topic/delete-client-for-data-protection-reasons (posted here for awareness)
  10. I would greatly value the ability to search the content of tickets. You see, I can't quite believe that no one has suggested this yet for Blesta or WHMCS...but I want to search the content of tickets and I can't. I've taken a look at WHMCS and you can't do it with WHMCS either. Yet, it is a pretty standard feature of helpdesk software (of which I have used many). Customers never subject title their emails correctly (if at all!) and often talk about multiple issues under one ticket (which often has a vague subject line which doesn't cover it). Therefore, the need to search the messages of tickets is a must in my eyes and if it were achievable, would be a plus point for Blesta. It is possible that this hasn't been developed already because of the strain? to search ticket content, but if other software can achieve it...surely Blesta can too? Also submitted to: https://requests.blesta.com/topic/search-content-of-tickets (posted here for awareness)
  11. Given the personal data that Blesta installations hold, in line with data protection laws, it would be appropriate for the backups feature to have encryption. Whilst the servers where Blesta are installed are likely to have extra security safeguards in place, the offsite backup locations are less likely to have the same security setups. Additionally, data may be offloaded to a different organisation which can create additional complexity. If the data were packaged encrypted, only the Blesta installation owner would have access to the data, negating any data protection issues with where the data is being offloaded to as part of the backup. Also submitted to: https://requests.blesta.com/topic/backups-encryption (posted here for awareness)
  12. It would be extremely helpful to have an email notification to the admin when there are any Blesta system issues, rather than relying on the system status widget in the staff portal. Not everyone checks the staff portal daily (there isn't necessarily a need, particularly if you are a small business and you use the support tickets via email) and, for example, the crons can get stuck and therefore it can go unnoticed that there is an issue. If you don't have a lot of business, you can't rely on the fact that you haven't heard from anyone in a while.. Also submitted to: https://requests.blesta.com/topic/system-issue-email-notifications
  13. Folks, You have missed my original thread (I was the original instigator of all of this, prior to v3.2 ), whereby I have the solution for the 2 separate buttons. See here: http://www.blesta.com/forums/index.php?/topic/2532-change-paypal-buttons/?p=19943 Everything is visually perfect with the buttons that I am using, see my screenshots and explanation... IMO, those are the buttons to use.
  14. wfitg alluded to this; we have to be careful to still comply with the EU Consumer rights directive when making our own buttons. The buttons need to be clear that there is an obligation to pay. As in my original topic, the PayPal buttons that I changed mine to say "Pay now" and "subscribe" (it would be better for the button to say "subscribe and pay" but I don't have much of a choice in order to keep consistency). I appreciate that PayPal/non-merchant gateways are likely to be doing some of this obligation for us on subsequent pages, but it is best to be absolutely clear so that there is no room for error. I also agree with Jonathan that it would be best to mention the non-merchant gateway being used. Therefore, taking all of this into consideration, Cody's quoted suggestion in the original post (from my original topic here), is the best: Cody, on 16 Jun 2014 - 4:45 PM, said:
  15. Thank you very much for the clarification and explanation Paul.
  16. Ah, the config/blesta.php file also; I hadn't realised that was also necessary, but I can see why. I'm trying to cover all bases for a disaster recovery. Thank you for your response.
  17. Hello, On top of the database, is it also necessary to backup the "uploads" folder? as there appears to be some data in there relating to support tickets (attachments it seems) along with the invoice logo. So if I were to restore the database only, would the attachments and invoice logo not be missing? Thanks!
  18. Hi Paul, Thank you very much for your help. Due to an unrelated issue, my webhost has moved my account to another server. Consequently, the SFTP backup settings are now saving correctly and I have successfully sent a backup offsite. So it must have been something about the server that my account was previously on (both servers appear to be setup very similarly with CageFS). Really odd, but I am relived that it is now working. Thanks for everyone's help and sorry to have wasted your time as this is not a bug.
  19. Sorry, it's CloudLinux/cPanel/Apache. No Cloudflare. Thanks Paul but I don't have this installed.
  20. My Blesta install is v3.4.3 with PHP 5.4 & 10.0.18-MariaDB. Importantly, I am using Blesta on https. I am using Windows 7. I am unable to configure my SFTP backup settings (Settings -> System -> Backup -> Secure FTP) on the page https://mydomain.com/admin/settings/system/backup/ftp/. I enter all of the details and click on the Update Settings button. In Google Chrome, I am then redirected back to the root address of the client portal (ie. https://mydomain.com/) and my settings are not saved. Additionally, in Google Chrome, I am unable to press "test these settings" because Google Chrome is blocking a script from an unauthenticated source (see screenshot). If I use Internet Explorer, and press to "test these settings", nothing happens. If I enter the backup details and then click on the Update Settings button, I am also redirected back to the root address of the client portal and the settings are not saved. I have a development install of Blesta on non-https (admittedly it is also on a different server) and I can test and save the connection details without issue using Google Chrome. You will see from the attached screenshot that there appears to be a bug in that the script regarding the "test these settings" is trying to load from the non-https address of my Blesta install. Consequently, I am unable to take an automated Backup of my Blesta install, which is quite an issue for me at present. Thank you for your help.
  21. Alk

    Hidden Ticket

    Perfect, thanks Tyson and sorry for my late reply.
  22. Alk

    Hidden Ticket

    Yes, sorry if this was not clear. Open a new ticket with some text Now update the ticket with an internal note Update the ticket again with a 2nd internal note Now go back to the ticket and tick the 2 internal notes and choose to split the ticket Now go back to the ticket list and you will find that whereas you used to have 1 ticket open, the ticket total on the tab will now show 2 (depending on what the original ticket's status was) - see screenshot. Lookup in the database and you will find the split ticket, yet it is not shown in the GUI.
  23. Alk

    Hidden Ticket

    Thank you Mike, but I was already aware that notes are for internal use (ie. staff only).
  24. Alk

    Hidden Ticket

    I had some notes in the ticket, intermixed with the customer's replies that shouldn't be in the ticket any more (the notes would cause confusion when referring to the ticket in the future). I really wanted to delete the internal notes but as you cannot delete individual messages/replies in tickets, I thought that by splitting the specific internal notes off to a new ticket, I would subsequently be able to close this newly created ticket, thereby removing the notes from the conversation. I hope that this is now clear.
  25. Alk

    Hidden Ticket

    Thank you, but I'm afraid that I disagree and I feel that it is a bug. It's not permissions - please see that this issue arose from splitting off internal notes in a ticket. The new ticket is now made up of internal notes, but it is hidden (which makes some sense in a way; sort of). Blesta shouldn't have allowed me to do this if it is not designed to do so. I now know not to do this, but that is not the point, so I thought that I should report the issue nonetheless.
  • Create New...