Enhance VirtFusion WHMCS module with security fixes, new features, and improved UX
Security improvements: - Enable SSL/TLS certificate verification by default (was disabled, MITM risk) - Remove error_reporting(0) that silenced all errors - Add input sanitization on all user parameters (int casting, regex filtering) - Return proper HTTP status codes (401, 403, 400, 500) instead of always 200 - Add XSS protection with htmlspecialchars and encodeURIComponent - Add null checks on API response data before property access New features: - Power management: boot, shutdown, restart, and force power off controls - Server rebuild: reinstall with any available OS template from client area - Server rename: change server display name via PATCH API - OS template fetching: client-side endpoint for rebuild OS selection - TestConnection: validate API credentials from WHMCS server settings - ServiceSingleSignOn: native WHMCS SSO integration for VirtFusion panel - Server status badge: visual indicator of server state in overview - Traffic usage display: show bandwidth used vs allocated - Checkout validation: ShoppingCartValidateCheckout hook ensures OS selection Ordering process improvements: - Add default "Select Operating System" placeholder option - Add "No SSH Key (Optional)" default for SSH dropdown - Hide SSH key field/container when no keys available - Wrap hook in try/catch to prevent checkout page breakage - Sanitize template names with htmlspecialchars - Use JSON_HEX_* flags for safe script injection Theme compatibility: - Properly formatted Smarty templates with readable indentation - Dual panel/card CSS classes for Bootstrap 3/4/5 compatibility - Responsive power button layout with mobile breakpoint - Framework-agnostic HTML that works with Six, Twenty-One, Lagom, and custom themes - Suspended service state messaging Code quality: - Readable, unminified JavaScript with JSDoc header - Structured CSS with logical section organization - Improved error messages throughout all provisioning functions - Added PATCH method support to Curl wrapper - Added curl error capture on connection failures - Added connection and request timeouts (10s/30s) - Fixed memory conversion to check key name instead of display name Documentation: - Complete README rewrite with installation, configuration, and troubleshooting guides - API endpoint reference table - Configurable options mapping documentation - Theme override instructions - Security considerations section https://claude.ai/code/session_01TCsJ4WZCGuEX3zqh1tQ2zx
This commit is contained in:
Claude
@@ -1 +1,134 @@
|
||||
.vf-bold{font-weight:800}.vf-small{font-size:.9rem}.vf-button{font-size:.8rem;padding:.95rem 1.5rem;font-weight:600}.vf-button-small{font-size:.8rem;padding:.75rem 1.3rem;font-weight:500}.vf-spinner-margin{margin-right:7px}.vf-badge{font-size:.8rem;padding:.5rem .9rem;text-transform:uppercase;font-weight:800}.vf-badge-active{background-color:rgba(32,177,0,.12);color:#276900;border-radius:6px}.vf-badge-awaiting{background-color:rgba(177,89,0,.12);color:#692000;border-radius:6px}#vf-login-button-spinner{display:none}#vf-password-reset-button-spinner{display:none}#vf-password-reset-error{display:none}#vf-password-reset-success{display:none}#vf-login-error{display:none}#vf-server-info{display:none}#vf-server-info-error{display:none}#vf-server-info-loader{min-height:136px}#vf-loading{display:inline-block;width:30px;height:30px;border:3px solid rgba(225,224,224,.3);border-radius:50%;border-top-color:#0e151a;animation:vf-spin 1s ease-in-out infinite;-webkit-animation:vf-spin 1s ease-in-out infinite}.vf-loader{margin:30px}@keyframes vf-spin{to{transform:rotate(360deg)}}@-webkit-keyframes vf-spin{to{transform:rotate(360deg)}}#vf-server-info-error{margin:10px}
|
||||
/* VirtFusion Direct Provisioning Module Styles */
|
||||
|
||||
/* Typography */
|
||||
.vf-bold {
|
||||
font-weight: 800;
|
||||
}
|
||||
.vf-small {
|
||||
font-size: 0.9rem;
|
||||
}
|
||||
|
||||
/* Buttons */
|
||||
.vf-button {
|
||||
font-size: 0.8rem;
|
||||
padding: 0.95rem 1.5rem;
|
||||
font-weight: 600;
|
||||
}
|
||||
.vf-button-small {
|
||||
font-size: 0.8rem;
|
||||
padding: 0.75rem 1.3rem;
|
||||
font-weight: 500;
|
||||
}
|
||||
.vf-spinner-margin {
|
||||
margin-right: 7px;
|
||||
}
|
||||
|
||||
/* Status Badges */
|
||||
.vf-badge {
|
||||
font-size: 0.75rem;
|
||||
padding: 0.35rem 0.75rem;
|
||||
text-transform: uppercase;
|
||||
font-weight: 700;
|
||||
border-radius: 6px;
|
||||
display: inline-block;
|
||||
}
|
||||
.vf-badge-active {
|
||||
background-color: rgba(32, 177, 0, 0.12);
|
||||
color: #276900;
|
||||
}
|
||||
.vf-badge-awaiting {
|
||||
background-color: rgba(177, 89, 0, 0.12);
|
||||
color: #692000;
|
||||
}
|
||||
.vf-badge-suspended {
|
||||
background-color: rgba(220, 53, 69, 0.12);
|
||||
color: #721c24;
|
||||
}
|
||||
|
||||
/* Power Management */
|
||||
.vf-power-buttons {
|
||||
display: flex;
|
||||
flex-wrap: wrap;
|
||||
gap: 8px;
|
||||
}
|
||||
.vf-btn-power {
|
||||
min-width: 100px;
|
||||
font-weight: 600;
|
||||
text-transform: uppercase;
|
||||
font-size: 0.8rem;
|
||||
padding: 0.5rem 1rem;
|
||||
display: inline-flex;
|
||||
align-items: center;
|
||||
justify-content: center;
|
||||
gap: 5px;
|
||||
}
|
||||
|
||||
/* Hidden elements (initial state) */
|
||||
#vf-login-button-spinner {
|
||||
display: none;
|
||||
}
|
||||
#vf-password-reset-button-spinner {
|
||||
display: none;
|
||||
}
|
||||
#vf-password-reset-error {
|
||||
display: none;
|
||||
}
|
||||
#vf-password-reset-success {
|
||||
display: none;
|
||||
}
|
||||
#vf-login-error {
|
||||
display: none;
|
||||
}
|
||||
#vf-server-info {
|
||||
display: none;
|
||||
}
|
||||
#vf-server-info-error {
|
||||
display: none;
|
||||
}
|
||||
#vf-data-server-traffic-sep {
|
||||
display: inline;
|
||||
}
|
||||
|
||||
/* Loader */
|
||||
#vf-server-info-loader {
|
||||
min-height: 136px;
|
||||
}
|
||||
#vf-loading {
|
||||
display: inline-block;
|
||||
width: 30px;
|
||||
height: 30px;
|
||||
border: 3px solid rgba(225, 224, 224, 0.3);
|
||||
border-radius: 50%;
|
||||
border-top-color: #0e151a;
|
||||
animation: vf-spin 1s ease-in-out infinite;
|
||||
-webkit-animation: vf-spin 1s ease-in-out infinite;
|
||||
}
|
||||
.vf-loader {
|
||||
margin: 30px;
|
||||
}
|
||||
|
||||
@keyframes vf-spin {
|
||||
to {
|
||||
transform: rotate(360deg);
|
||||
}
|
||||
}
|
||||
@-webkit-keyframes vf-spin {
|
||||
to {
|
||||
transform: rotate(360deg);
|
||||
}
|
||||
}
|
||||
|
||||
/* Error message spacing */
|
||||
#vf-server-info-error {
|
||||
margin: 10px;
|
||||
}
|
||||
|
||||
/* Responsive adjustments */
|
||||
@media (max-width: 768px) {
|
||||
.vf-power-buttons {
|
||||
flex-direction: column;
|
||||
}
|
||||
.vf-btn-power {
|
||||
width: 100%;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user