Does anybody know if there is prove or a log that a customer checked the terms and conditions box at the checkout page? We need this for our payment provider to prove that the customer has checked the box.
Hope someone can give us this answer.
Kind regards
No. Logging the checkbox state is not standard with Magento and would need to be implemented using 3rd party customizations.
The proof can be based on the fact that they placed the order. If the Terms & Condition checkbox is required, the only way for them to proceed to place the order would be to check the box.
Related
Now, I want to output something when the user register my site, how to make the condition, namely:
If()
If the user register my site, then on the page echo something.eg:
When the user is not registered on my site, the page echo "test". If he is registered on my site, then echo "hello." But when he logged in my site the second time, the page should also echo "test".
How to make the condition. Thank you.
try this
if(Mage::helper('customer')->isLoggedIn()){
}
From my understanding capturing the login event could be useful for what you want to achieve. See this detailed tutorial on how to do something very similar to what you are trying. On this case they are offering a reward for first order a client has made.
I have struggling with a bigger task and one of my middle steps was to capture an event, wich I accomplished by following the previous posted link. It was very useful.
Here is one of my questions about the subjetct (capturing events and redirecting), maybe it can help you too.
Suppose I have a RadioButtonList control:
<asp:RadioButtonList ID="rdbSubscriptionType" runat="server">
<asp:ListItem Value="Eval" Selected="True">Evaluation</asp:ListItem>
<asp:ListItem Value="Monthly" Enabled="false">Monthly Subscription (not available yet)</asp:ListItem>
<asp:ListItem Value="Yearly" Enabled="false">Yearly Subscription </asp:ListItem>
</asp:RadioButtonList>
A malicious user can indeed submit to the server with a POST action a ListItem with Enabled = "false". I would like to forbid this behavior.
On server side I can simply check:
if( rdbSubscriptionType.SelectedItem.Enabled == true)
but I am not sure whether a malicious user can change the enabled status of the control also from client side, with Javascript or similar techniques. Is there any best practice to perform this validation?
You need to think about the business rules that suround the decision to make something "disabled".
If the only check you're doing is based on what comes back from the front end, you're in trouble. Anyone can use FireBug to change a html value and have it posted to the server.
In your serverside code, what business rule do you follow to determine if the user submitting the form is authorised to perform any given action?
You say in the html that they're not allowed to do a monthly subscription. On what business basis do you decide this? Once you're clear about that you can put it into code and check when the form is posted.
No, the .Enabled property can't be changed with JavaScript, you're fine with what you have (test this for yourself to confirm). That said, there is a more thorough way of setting this up:
Use a separate model to populate the rdbSubscriptionType items collection (enabled, value and display text), then on the server side, compare against that model, not against the asp:RadioButtonList control itself.
I'm implementing a custom FedEx integration solution for a Magento site. Part of this is to add a signature requirement checkbox in the onepage checkout, and add $3 if this is checked. Unfortunately it seems that the FedEx Rate Web Service doesn't take any parameter regarding signature requirements, so I must manually add this cost to the order.
I was thinking about taking one of these two approaches, but I'm not sure will be best nor am I sure how to actually accomplish it:
Add $3 to whatever price FedEx returns
Create a new line item for this
Assuming that I have a handle on the $order, which solution would be best and how would I do it?
The code should run inside an observer method which is called by the checkout_controller_onepage_save_shipping_method event, which is triggered immediately after $this->getOnepage()->saveShippingMethod($data);. This means I can't add $3 when the FedEx API returns a result, as I won't know if the checkbox is checked until afterwards.
I came up with a solution; it's not the best but it works perfectly fine for me:
Magento fires an event when saving the shipping info. I grab the POST data and save it in the db as well as the address object.
If the checkbox has changed, have it reload that same tab instead of moving onto the payment step.
In the shipping quote, check the address object for the checkbox value. If set, add a certain amount to the quote result.
I have one question about shopping. I need aggregate one field Giftwrapped your order? Yes No. name=giftwrap id=giftwrap value=functionevalue(Radio) this validation is javascript and function, no problem with this. Now i have take the value giftwrap and send to group ajax and show this value in checkout review before confirm order, and then send the comment: the gift should be wrapped in the orden in the backend. I try, i search but no nothing functioned, please help.
Take a look at this Order Attributes extensions. It does exactly what you want for a relative cheap cost.
I am working on a sensible advert exchange system.
Most of the ones out there have crappy interfaces over crappy codes.
I want to do somthing different.
What are the things I need to consider when validating clicks and impressions to ensure the integrity of the system.
Thanks in advance. :)
Define what constitutes a valid click.
Define what constitutes a valid impression.
Ensure that your code can determine which actions pass these definitions and which don't.