Feature Requests
Share ideas, discuss and vote on requests from other users in community
 

Fix Annoying Autocomplete / AutoFill across WHMCS Admin

myworksdesign shared this idea 2 years ago
Under Consideration

This topic has already unfortunately been broached on a smaller issue for the SMTP fields in settings, but there is an annoying issue across all of the WHMCS admin, where any browser will autofill / autocomplete the WHMCS admin (or any saved login info) login to any username/password fields in WHMCS. This is extremely annoying in the following cases, to name a few.

- Editing / Viewing a client Profile

- Editing / Viewing custom support ticket fields that contain a username/password field

- Editing / Viewing custom module options that contain a username/password

- Editing / Viewing WHMCS General Settings > SMTP settings

- And many more scenarios.

This can be resolved very easily by either adding a hidden username/password field to the top of the page code to trap this browser autocomplete/autofill or using the autocomplete="off" css setting in the fields above.

This is a very simple fix that will save 100% of WHMCS users grief every day.

Comments (19)

photo
1

Sorry, myworks, you are just too fast for me... I edited the post while you were replying before... :)

If I paste in the code to that file I created and then browse back to my WHMCS back end the password and Username fields are still being filled in... See attached image if needed.

photo
1

No problem! LastPass might be treating those fields differently. We've confirmed our hook fix resolves the issue for normal browser autofill, like Safari or Chrome. We use 1Password internally and it doesn't automatically autofill, so we've never seen that Lastpass issue before. You might have to reach out to LastPass and ask them if there's a setting to not Autofill on a specific domain, or to turn off autofill.

photo
photo
1

Finally got it working properly!

It turns out LastPass has a setting you have to enable in order to force it to respect the autofill=off stuff. For anyone needing this info go to LastPass Preferences > Advanced > Respect AutoComplete=off: allow websites to disable AutoFill.

EDIT: You have to add the tag data-lpignore="true" to the code that myworksdesign provided. I added it to the last section as shown below. Now LastPass no longer autofills the Username or Password forms on my account pages but it still allows me to log into the back end by clicking the LastPass icon in the fields if needed.

  1. <label for="pw">Password</label> <input id="pw" readonly type="password" data-lpignore="true" onfocus="if (this.hasAttribute(&#39;readonly&#39;)) { this.removeAttribute(&#39;readonly&#39;); this.blur(); this.focus(); }" /> </form>

photo
1

Just wanted to update this topic with a finding that ios12 (Public Beta 4, at least) now tries to suggest a saved password when viewing any client summary/profile page in mobile in the WHMCS Admin - by thinking the Client Select Dropdown (used to switch to view a different client) needs to be autofilled, for some reason.

We opened this issue in a ticket with WHMCS - but in the meantime, it's easy to resolve by simply hiding this dropdown in mobile - it's not like we ever use it anyways (isn't that what the search in the top right of WHMCS is for?).

Attached the updated hooks file to share.