Check Client Details Hook for WHMCS to prevent hackers.
It prevents when registration or update client details, to use blocked words like AES, tbladmin, php, … UPDATEABLE by admin
A) Edit $fields to add or remove fields to check (by default all fields with type “string” that are supported in the current WHMCS release are included).
B) Edit $blocked to add or remove words that are blocked (by default I’ve included a few words that seem to be the most common for automated SQL Injections).
C) Edit text in $error to fit your language or preference.
When it blocks:
- It block the IP as AUTOBAN, adding the log so you can see what hacker entered
- It is stored as log for admin check in
- It sends an alert to admin by email