I've noticed that on Reseller Accounts that have the privilege to "Modify Account", are able to create an account without a package (using the package '----') by skiping their limits.

This package allows them to create infinite sites (even if it's being limited on the Reseller Center), and also with unlimited privileges, unlimited quota and unlimited bandwidth.

The Create Account script should notice if the Reseller User cannot create more websites (by looking at the Account Limit, and not only the Resource Limits); because when I use another package, it tells me that I cannot create more accounts, it just happens when I don't select a Package.

Also, as the package '----' (which I suspect is null), has no information on quota or bandwidth, both are set to 0 which should be none, but it becomes unlimited. As per that setting, the users are now having unlimited accounts with unlimited-limits, because the Resource Usage sums it as "zero", while it's "unlimited" actually. That should also get fixed.

It would be great that the Create Account doesn't allow a Reseller to create accounts with unlimited (or zero) limits, if they're not allowed to have unlimited privileges on the packages (or at least, if you'd add a new limit on reseller center, that could be clearer).

Also, it would be really good that the reseller CAN create an account without a package (by manually selecting the Quota and/or Bandwidth limits on the creation of that account) and that those limits get forced to be within the Reseller limits (accounts quantity, quota usage limits, bandwidth usage limits).

I've opened a Ticket by this bugs, but they told me just to remove the "Modify Account" SuperPriv, and it would work, in fact it DOES, but it DOESN'T allow me to let my customers modify their accounts (it does let them modify quota and bandwidth, since they are calculated to fit on the limits by the modify procedure). The option should be usable again. The ticket number is #627110 (if you need to see it).


If you need to test it on your server (to see if you're also affected by this):

1) Create a Reseller with this limits:
- Accounts Max: 2
- Quota Max: 200
- Bandwdith Max: 200
- Remember to allow the user the ability to do "Modify Account", "Modify Quota", and "Modify Bandwidth". The other features may or may not be selected.

2) Log in with that reseller.

3) Create at least 3 accounts, without choosing any package (leaving the "----" option selected)

4) Tadá, you should see that the reseller have 3 / 2 domains (plus your main reseller account), and they should all have unlimited features, unsummarized by quota or bandwith limits (since the limit value is 0).


As a temporary quick fix, you should allways check that the "Modify Account" is disabled on the Reseller Privileges, at least for now.