Post by haxcop » Thu Mar 25, 2021 11:33 pm

Hello Team,

I would like to know if anyone here could help me to solve this small issue.

Today I noticed one of my customers was able to place an order as a Guest using the same Details as he used previously for registration and past orders.
That said, Opencart should not allow to continue as a Guest and prompt for login if the customer details already exist (name + last name + email_address).

Thanks in advance,

New member

Posts

Joined
Tue Jan 14, 2014 9:38 pm
Location - Dublin

Post by straightlight » Thu Mar 25, 2021 11:53 pm

haxcop wrote:
Thu Mar 25, 2021 11:33 pm
Hello Team,

I would like to know if anyone here could help me to solve this small issue.

Today I noticed one of my customers was able to place an order as a Guest using the same Details as he used previously for registration and past orders.
That said, Opencart should not allow to continue as a Guest and prompt for login if the customer details already exist (name + last name + email_address).

Thanks in advance,
Posted in Bug Reports; OC version.

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by haxcop » Thu Mar 25, 2021 11:59 pm

straightlight wrote:
Thu Mar 25, 2021 11:53 pm
haxcop wrote:
Thu Mar 25, 2021 11:33 pm
Hello Team,

I would like to know if anyone here could help me to solve this small issue.

Today I noticed one of my customers was able to place an order as a Guest using the same Details as he used previously for registration and past orders.
That said, Opencart should not allow to continue as a Guest and prompt for login if the customer details already exist (name + last name + email_address).

Thanks in advance,
Posted in Bug Reports; OC version.
You are correct I missed that very important detail.
Opencart Version - 3.0.3.6

New member

Posts

Joined
Tue Jan 14, 2014 9:38 pm
Location - Dublin

Post by straightlight » Fri Mar 26, 2021 12:08 am

haxcop wrote:
Thu Mar 25, 2021 11:59 pm
straightlight wrote:
Thu Mar 25, 2021 11:53 pm
haxcop wrote:
Thu Mar 25, 2021 11:33 pm
Hello Team,

I would like to know if anyone here could help me to solve this small issue.

Today I noticed one of my customers was able to place an order as a Guest using the same Details as he used previously for registration and past orders.
That said, Opencart should not allow to continue as a Guest and prompt for login if the customer details already exist (name + last name + email_address).

Thanks in advance,
Posted in Bug Reports; OC version.
You are correct I missed that very important detail.
Opencart Version - 3.0.3.6
No problem. As for the bolded statement you're addressing about, each order IDs are unique which means, not only for security (and nowadays not only for laws reasons), customers do have the right to enter differentiated, but valid, information during checkout in accordance to PCI compliance. An account does not need to be matched with the customer's personal data information from a created account on an E-Commerce website while filling a service procurement order during checkout.

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by haxcop » Fri Mar 26, 2021 12:33 am

straightlight wrote:
Fri Mar 26, 2021 12:08 am
haxcop wrote:
Thu Mar 25, 2021 11:59 pm
straightlight wrote:
Thu Mar 25, 2021 11:53 pm


Posted in Bug Reports; OC version.
You are correct I missed that very important detail.
Opencart Version - 3.0.3.6
No problem. As for the bolded statement you're addressing about, each order IDs are unique which means, not only for security (and nowadays not only for laws reasons), customers do have the right to enter differentiated, but valid, information during checkout in accordance to PCI compliance. An account does not need to be matched with the customer's personal data information from a created account on an E-Commerce website while filling a service procurement order during checkout.
Thanks for your prompt reply.
I don't mean "order_id", I mean "customer_id" is linked to unique contents in the tables which one of these must be always unique like customer email correct?
Well as Q.A. perspective and customer care it is not a good option to have multiple orders from the "same" customer "email" but not all allocated under the same "customer_id"

My reason is:
My customer contacts me in regards to his last order, so I look into the customer section and locate his account but I could not see the order in question, which makes me spend more time looking for it until I noticed the difference that the order was placed correctly but out of his current account, as a guest user, even when he used the same email address.

In these terms, the system should be able to identify the email in use for guest accounts if is already registered and ask the user to log in or use a different email address.

So I add to add the customer_id number in the orders table so I could help him and have a proper record of the problem/solution

I see more benefits than issues in this regards,
Let me know what you think?

Thanks,

New member

Posts

Joined
Tue Jan 14, 2014 9:38 pm
Location - Dublin

Post by straightlight » Fri Mar 26, 2021 12:42 am

haxcop wrote:
Fri Mar 26, 2021 12:33 am
straightlight wrote:
Fri Mar 26, 2021 12:08 am
haxcop wrote:
Thu Mar 25, 2021 11:59 pm


You are correct I missed that very important detail.
Opencart Version - 3.0.3.6
No problem. As for the bolded statement you're addressing about, each order IDs are unique which means, not only for security (and nowadays not only for laws reasons), customers do have the right to enter differentiated, but valid, information during checkout in accordance to PCI compliance. An account does not need to be matched with the customer's personal data information from a created account on an E-Commerce website while filling a service procurement order during checkout.
Thanks for your prompt reply.
I don't mean "order_id", I mean "customer_id" is linked to unique contents in the tables which one of these must be always unique like customer email correct?
Well as Q.A. perspective and customer care it is not a good option to have multiple orders from the "same" customer "email" but not all allocated under the same "customer_id"

My reason is:
My customer contacts me in regards to his last order, so I look into the customer section and locate his account but I could not see the order in question, which makes me spend more time looking for it until I noticed the difference that the order was placed correctly but out of his current account, as a guest user, even when he used the same email address.

In these terms, the system should be able to identify the email in use for guest accounts if is already registered and ask the user to log in or use a different email address.

So I add to add the customer_id number in the orders table so I could help him and have a proper record of the problem/solution

I see more benefits than issues in this regards,
Let me know what you think?

Thanks,
The change you're referring about with the customer ID has been added on the master branch as an admin order filter already but not on previous OC versions. Which is why, on this day, you're suggesting that change to be made. However, it is already done. It's just not implemented into the OC version you are currently using.

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by ADD Creative » Fri Mar 26, 2021 1:03 am

A quick workaround and probably not very user friendly, would be to add the following just after.
https://github.com/opencart/opencart/bl ... #L172-L174

Code: Select all

$this->load->model('account/customer');

if ($this->model_account_customer->getTotalCustomersByEmail($this->request->post['email'])) {
	$json['error']['warning'] = $this->language->get('error_exists');
}

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by haxcop » Fri Mar 26, 2021 1:16 am

straightlight wrote:
Fri Mar 26, 2021 12:42 am
haxcop wrote:
Fri Mar 26, 2021 12:33 am
straightlight wrote:
Fri Mar 26, 2021 12:08 am


No problem. As for the bolded statement you're addressing about, each order IDs are unique which means, not only for security (and nowadays not only for laws reasons), customers do have the right to enter differentiated, but valid, information during checkout in accordance to PCI compliance. An account does not need to be matched with the customer's personal data information from a created account on an E-Commerce website while filling a service procurement order during checkout.
Thanks for your prompt reply.
I don't mean "order_id", I mean "customer_id" is linked to unique contents in the tables which one of these must be always unique like customer email correct?
Well as Q.A. perspective and customer care it is not a good option to have multiple orders from the "same" customer "email" but not all allocated under the same "customer_id"

My reason is:
My customer contacts me in regards to his last order, so I look into the customer section and locate his account but I could not see the order in question, which makes me spend more time looking for it until I noticed the difference that the order was placed correctly but out of his current account, as a guest user, even when he used the same email address.

In these terms, the system should be able to identify the email in use for guest accounts if is already registered and ask the user to log in or use a different email address.

So I add to add the customer_id number in the orders table so I could help him and have a proper record of the problem/solution

I see more benefits than issues in this regards,
Let me know what you think?

Thanks,
The change you're referring about with the customer ID has been added on the master branch as an admin order filter already but not on previous OC versions. Which is why, on this day, you're suggesting that change to be made. However, it is already done. It's just not implemented into the OC version you are currently using.
Thanks for the prompt reply,

Ok in that case that's good to know - perhaps do you know where the change is located So I could easily pick up and implement it?
Thanks again,

New member

Posts

Joined
Tue Jan 14, 2014 9:38 pm
Location - Dublin

Post by haxcop » Fri Mar 26, 2021 1:18 am

ADD Creative wrote:
Fri Mar 26, 2021 1:03 am
A quick workaround and probably not very user friendly, would be to add the following just after.
https://github.com/opencart/opencart/bl ... #L172-L174

Code: Select all

$this->load->model('account/customer');

if ($this->model_account_customer->getTotalCustomersByEmail($this->request->post['email'])) {
	$json['error']['warning'] = $this->language->get('error_exists');
}
Hi ADD Creative,

Thanks for the support and quick work on this thread, I will try and test your workaround,

regards,

New member

Posts

Joined
Tue Jan 14, 2014 9:38 pm
Location - Dublin

Post by haxcop » Fri Mar 26, 2021 2:29 am

ADD Creative wrote:
Fri Mar 26, 2021 1:03 am
A quick workaround and probably not very user friendly, would be to add the following just after.
https://github.com/opencart/opencart/bl ... #L172-L174

Code: Select all

$this->load->model('account/customer');

if ($this->model_account_customer->getTotalCustomersByEmail($this->request->post['email'])) {
	$json['error']['warning'] = $this->language->get('error_exists');
}
I have tried the modification manually on the file and works as expected Thank you!
Now another simple question you or anyone else with better coding experience than me could tell me why if I try to implement this modification via ocmod instead of directly on the file it will not work? is there any restriction on the controller files? or my guest.ocmod.xml file has something wrong that I can't see?...

Thanks in advance,

Code: Select all

<?xml version="1.0" encoding="UTF-8" ?>
<modification>
  <generator>Created with OpenIX - https://openix.io/en/tool/opencart/ocmod</generator>
  <name>guestcheckout</name>
  <version>1</version>
  <code>1</code>
  <author>add_creative</author>
  <link>https://forum.opencart.com/posting.php?mode=quote&f=201&p=817654</link>

  <file path="catalog/controller/checkout/guest.php">
    <operation>
      <search><![CDATA[if ((utf8_strlen($this->request->post['email']) > 96) || !filter_var($this->request->post['email'], FILTER_VALIDATE_EMAIL)) {
				$json['error']['email'] = $this->language->get('error_email');
			}]]></search>
      <add position="after"><![CDATA[$this->load->model('account/customer');

if ($this->model_account_customer->getTotalCustomersByEmail($this->request->post['email'])) {
	$json['error']['warning'] = $this->language->get('error_exists');
}]]></add>
    </operation>

  </file>

</modification>

New member

Posts

Joined
Tue Jan 14, 2014 9:38 pm
Location - Dublin

Post by mikeinterserv » Fri Mar 26, 2021 2:47 am

Change CODE to something meaningful not just 1
Check your modification log
Refresh modifications

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales

Post by haxcop » Fri Mar 26, 2021 3:05 am

mikeinterserv wrote:
Fri Mar 26, 2021 2:47 am
Change CODE to something meaningful not just 1
Check your modification log
Refresh modifications
Hi, Thanks for your reply,
Still not working and, yes I did a refresh and everything as usual... could it be something else?

regards,

New member

Posts

Joined
Tue Jan 14, 2014 9:38 pm
Location - Dublin

Post by mikeinterserv » Fri Mar 26, 2021 3:08 am

I will test it for you and see

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales

Post by mikeinterserv » Fri Mar 26, 2021 3:23 am

There are a few things that need fixing - I will fix them and repost the mod

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales

Post by mikeinterserv » Fri Mar 26, 2021 3:28 am

OK try this

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales

Post by haxcop » Fri Mar 26, 2021 8:30 am

mikeinterserv wrote:
Fri Mar 26, 2021 3:28 am
OK try this
Thanks that worked ;)
is interesting to see that works taking the after as a reference and adding it before instead of the top to bottom, a good workaround!

New member

Posts

Joined
Tue Jan 14, 2014 9:38 pm
Location - Dublin
Who is online

Users browsing this forum: No registered users and 7 guests