So we recently purchased a number of companies who use Ubersmith as their billing system.
As I’ve mentioned before, we use WHMCS. Ubersmith weren’t overly helpful with extracting our customers’ credit card data, so I had to spend some time playing about with ubersmith. As it turned out, it wasn’t hard at all to pull credit card data out. Most of my required code was in re-encrypting it to store it back into the database with a encryption format so we can pull it out with our standard merge scripts to import into our WHMCS install.
First we want a table to store the data in.
|
1 2 3 4 5 6 |
create table whmcs_merge_carddata ( billing_info_id INTEGER NOT NULL, cc_num VARCHAR(64), cc_cvv2 VARCHAR(64), cc_issuenr VARCHAR(64) ); |
I then placed the below script in the ubersmith web root. And popped a copy of lib_crypt.php (from https://sourceforge.net/projects/warp-cms/files/smart-framework/ library) into the parent directory – just so it wasn’t polluting the ubersmith install.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
<?PHP $_SERVER['SERVER_NAME'] = $_SERVER['argv'][1]; require_once( 'incs.php' ); require_once('../lib_crypt.php'); // This is a temporary hash to be used by our import routine later $new_cc_encryption_hash='ApPTRYWQCF4LqMvYObfENwlaVd4VzBeZQUJyJwfb29NiM97qbcVOy6Ok9J6zbbpR'; $he_key2 = md5 (md5 ($new_cc_encryption_hash)) . md5 ($new_cc_encryption_hash); $he_new = new hash_encryption($he_key2); class ExtractCard extends sb_ccbackend { public function getRaw($id) { return parent::_get_raw($id); } } $backend = new ExtractCard(); $result = $_SESSION['DB']->query("select i.billing_info_id, c.class_id, i.cc_num from billing_info i JOIN CLIENT c ON c.clientid=i.clientid where c.active=1 and i.payment_type='cc'"); $results = []; while (($row = $result->fetchRow())) { $results[] = $row; } foreach ($results as $row) { $card = $backend->getRaw($row['billing_info_id']); $sql = "INSERT INTO whmcs_merge_carddata (billing_info_id, cc_num, cc_cvv2, cc_issuenr) values (?, ?, ?, ?)"; // Encrypt the values with our temporary hash $qargs = array( $row['billing_info_id'], $he_new->encrypt($card[0].$row['cc_num']), $he_new->encrypt($card[1]), $he_new->encrypt($card[2]) ); $result2 = $_SESSION['DB']->query($sql, $qargs); echo "Inserting record ".$row['billing_info_id']."\n"; } ?> |
After this, it was a simple matter of running “php extractcards.php ubsermith.panel.url.here”, and all cards were saved into the whmcs_merge_carddata table, ready for our merge scripts.