Enables Cloudflare's Turnstile Captcha service in abandonware WHMCS. This is currently a proof-of-concept, please report issues.
This fork has modifications to support RSStudio Lagom2 theme for WHMCS.
For this to work with Lagom2 you must add this custom CSS below to get positioning correct. Go to RStheme --> Styles --> Modern --> Custom CSS and add the following code then clear cache.
.cf-turnstile {
height: 65px;
margin-bottom: 12px;
}
.register-page .form-actions{
display: flex;
flex-direction: column;
justify-content: flex-start;
align-items: flex-start;
}
.page-contact .form-actions{
flex-direction: column;
}
.page-supportticketsubmit-steptwo.lagom-not-portal .form-actions{
display: block;
}
By default WHMCS offers two types of captchas, the built-in-easily-cracked GD based captcha and the easily-cracked-privacy-violating reCAPTCHA by Google. Because WHMCS fails to maintain their product, we developed this simple to use hook which enables Turnstile while completely bypassing WHMCS' logic.
Please note that this implementation required some filthy JS query code to make it work, because WHMCS is a complete mess: in some pages they used HTML buttons for forms, on other pages they used input submits, with or without IDs, inside divs, without divs, no use of IDs. Meaning that there was no streamlined way to do this clean and proper. Here are some awkward examples:
<input class="btn btn-lg btn-primary" type="submit" value="Register">
<button id="login" type="submit" class="btn btn-primary">Login</button>
<button type="submit" name="validatepromo" class="btn btn-block btn-default" value="Validate Code">Validate Code</button>
<button type="submit" class="btn btn-primary">Send Message</button>
<a href="/cart.php?a=checkout&e=false" class="btn btn-success btn-lg btn-checkout disabled" id="checkout">Checkout</a>- Enables Turnstile captcha on login, register, checkout, ticket, contact pages.
- Support for themes (auto/dark/light).
- Ability to disable credits and have it fully white labeled.
- Ability to exclude captcha when client is logged in.
- PHP 8.x (tested on 8.1.27)
- WHMCS 8.x (tested on 8.9.0)
- Download the latest release and unzip it in the root of your WHMCS installation.
- Get your Turnstile Site Key and Secret Key from your Cloudflare dashboard.
- Edit and add the following settings in either your
configuration.phpor at the top of the hook file:
const hybulaTurnstileEnabled = true;
const hybulaTurnstileCredits = true;
const hybulaTurnstileExcludeLogin = true;
const hybulaTurnstileSite = '';
const hybulaTurnstileSecret = '';
const hybulaTurnstileTheme = 'auto';
const hybulaTurnstileError = 'Something went wrong with your captcha challenge!';
const hybulaTurnstileLocations = ['login', 'register', 'checkout', 'ticket', 'contact'];Contributions are welcome in a form of a pull request (PR).
This project is developed and sponsored by Hybula B.V.
Apache License, Version 2.0 and the Commons Clause Restriction