If you want to develop a PHP script of your own that will be called by a scheduler such as CRON, and need to call nBill functions, or even
Mambo or Joomla functions for that matter,
there are security implications involved in providing an entry point into the application. nBill is
designed to allow custom scripts to be called through the component itself - thus preserving
Joomla or Mambo's index.php or index2.php as the entry point (index2.php is usually
preferable for CRON jobs because it will not output anything from your template).
To create a file that can be called using the method described here, you must include a line
containing a hash symbol, followed by the cron authorisation token - there should be nothing
else on that line, but the line can appear anywhere in the file.
Note: The file name must start with 'inv_cron_'.
You should also do a check for the presence of 2 constants (_VALID_MOS and
INV_CRON_ENTRY_CHECKED) BEFORE you do any processing. If either constant is not
defined, processing should be abandoned. For example, the start of your file might look like
this:
#nbill_cron
defined("_VALID_MOS") or die("Access Denied");
defined("INV_CRON_ENTRY_CHECKED") or die ("Access Denied");
//Now you can write your code here.
This will prevent anyone from executing your code by visiting the file directly in a browser.
Note that the CRON scheduler also should NOT try to access the file directly - processing
should be routed through the main index.php or index2.php file, as explained above. Also
note, that the actual cron authorisation token should be changed both here and in the nBill
global configuration page (use something random and not easily guessed - do not use the
default value 'nbill_cron' shown in the above example).
You can use the INV_BASE_PATH constant to get the full file path ('absolute path') to
Joomla/Mambo, in case you want to include any further files. All the normal Joomla and nBill
environment variables will be available for you to use.