Database validation on user registration

  • Posts: 72
  • Thank you received: 0
10 years 5 months ago #198651

-- HikaShop version -- : 2.4.0
-- Joomla version -- : 3.3.6
-- PHP version -- : 5.5.12

Dear Sir
I have a requirement that I need to add a custom filed for user table called phone number, now I need to validate this filed to be unique in database, its the same way it validate the email address and user id
can you point me to the right place to add such validation
thanks

Please Log in or Create an account to join the conversation.

  • Posts: 26274
  • Thank you received: 4045
  • MODERATOR
10 years 4 months ago #198692

Hi,

I will recommend you to use a little custom plugin with the trigger "onBeforeUserCreate" where you will have access to the user custom fields and where you will be able to check and validate the content :
www.hikashop.com/support/support/documen...umentation.html#user
You can also use the trigger "onBeforeUserUpdate" for cases where the user want to update his account (and change his phone number).

Regards,

Jerome - Obsidev.com
HikaMarket & HikaSerial developer / HikaShop core dev team.

Also helping the HikaShop support team when having some time or couldn't sleep.
By the way, do not send me private message, use the "contact us" form instead.

Please Log in or Create an account to join the conversation.

  • Posts: 72
  • Thank you received: 0
10 years 2 months ago #206479

Dear SIr
I tried to implement the plugin onBeforeUserCreate and it work, however (hikashop gives error that the mobile already exist) and the user is not created in hikashop_user table, however, joomla created the user in users table
Please advice how I can prevent joomla from creating the user
thanks

Please Log in or Create an account to join the conversation.

  • Posts: 84304
  • Thank you received: 13699
  • MODERATOR
10 years 2 months ago #206573

Hi,

You'll want to implement the onUserBeforeSave trigger (it's a Joomla trigger) in a Joomla user plugin and refuse the Joomla user account account creation by checking with the data in the $_POST.

Please Log in or Create an account to join the conversation.

  • Posts: 72
  • Thank you received: 0
10 years 2 months ago #206651

thanks
am not php expert however, I can mange to write some basic codes, here what I did to stop hikashop from creating the user,

function onBeforeUserCreate(&$element,&$do) {
$app = JFactory::getApplication();
$db = JFactory::getDbo();
$query = "SELECT `user_telephone` FROM `#__hikashop_user` WHERE `user_telephone` = '" . $element->user_telephone . "'";
$db->setQuery($query);
$user_telephone = $db->loadResult('user_telephone');

if ($user_telephone == $element->user_telephone ) {
$app->enqueueMessage(JText::_('USER_TELEPHONE_ALREADY_USED'));
$do = false;
return false;
}

}


Please advice where I need to add onUserBeforeSave
thanks

Please Log in or Create an account to join the conversation.

  • Posts: 84304
  • Thank you received: 13699
  • MODERATOR
10 years 2 months ago #206655

Hi,

As I said, you need to check the data in the POST.
$element contains the data that will be saved in the Joomla user table and thus doesn't contain the telephone of the user which is a HikaShop field.
So you need to look into $_POST (do a var_dump in the plugin) in order to get the exact variable name you can use to access the value entered by the customer.
Then, you can do your MySQL query for the check.

Also, the way you wrote your query, it is vulnerable to MySQL injections attacks. It should be written like that for security reasons:
$query = "SELECT `user_telephone` FROM `#__hikashop_user` WHERE `user_telephone` = " . $db->Quote($element->user_telephone);

Please Log in or Create an account to join the conversation.

Time to create page: 0.062 seconds
Powered by Kunena Forum