General Data Protection Rules GDPR

[Adrian Ciocîrlan]

Attaching a zip of two items from my site. Page to request removal and privacy check added to the database with date for annual checkup. Not a plugin, just some quick instructions and the base code setup in folder format. Privacy, If its more then a year, they will get nag to review and check the privacy box on each login. How you use is up to you.

Thank You very much

I installed the mod but i have a question, if you could shed some light...

Case: When a new customer creates an account, if the Regulations> Confirm Privacy Notice During Account Creation Procedure is set to True he has to check the confirmation box to go further (otherwise he can't continue), but this action doesn't record the acceptance anywhere and he can place the order with nothing recorded in the privacy_conditions fields in the DB.
Only after he logs in the next time he is forced to accept the "real privacy - the one in the module" and the action is indeed recorded.
Is there a possibility to validate Privacy and also create the DB record at create account level? Because at the moment he is obligated to accept the privacy twice - once at create account level, and once at privacy page level...

Thanks again,
Adrian

[simon1066]

Thank You very much

I installed the mod but i have a question, if you could shed some light...

Case: When a new customer creates an account, if the Regulations> Confirm Privacy Notice During Account Creation Procedure is set to True he has to check the confirmation box to go further (otherwise he can't continue), but this action doesn't record the acceptance anywhere and he can place the order with nothing recorded in the privacy_conditions fields in the DB.
Only after he logs in the next time he is forced to accept the "real privacy - the one in the module" and the action is indeed recorded.
Is there a possibility to validate Privacy and also create the DB record at create account level? Because at the moment he is obligated to accept the privacy twice - once at create account level, and once at privacy page level...

Thanks again,
Adrian

Have you tried this mod in an earlier post by jsweb? I think it does all that you need.

[Adrian Ciocîrlan]

I tried it, but my site crashes, merged the files twice, I' don't know what I did wrong, davewest's mod works but i only have the problems mentioned earlier. waiting for his answer...

A

[simon1066]

If you find davewest's mod can't do what you want, post any error messages you had - I've installed that mod I referred to and it's working fine (only one issue I had to resolve).

[Adrian Ciocîrlan]

If you find davewest's mod can't do what you want, post any error messages you had - I've installed that mod I referred to and it's working fine (only one issue I had to resolve).

In is not actually an error, at create account page you thick the Zen Cart's default Privacy box, nothing is recorded and you can go further to the next step and place the order, but no Privacy acceptance is recorded!!! in the database fields.
Only after you log out and login again the mod prompts Privacy Page with message that you need to agree with the Policy to continue shopping. But since you already have agreed at create account page level then you have to agree twice ...

I would like the NEW user to be able to agree the mod's Privacy checkbox not Zen Cart's default checkbox at create account page level and that should be enough, without having to agree again when he logs in.

For existing accounts it's working fine - when they visit the site next time, they will be prompted that they have to agree to continue which is what we need.

I'm using V 1.5.1 - forgot to mention


10x

[simon1066]

In is not actually an error, at create account page you thick the Zen Cart's default Privacy box, nothing is recorded and you can go further to the next step and place the order, but no Privacy acceptance is recorded!!! in the database fields.
Only after you log out and login again the mod prompts Privacy Page with message that you need to agree with the Policy to continue shopping. But since you already have agreed at create account page level then you have to agree twice ...

I would like the NEW user to be able to agree the mod's Privacy checkbox not Zen Cart's default checkbox at create account page level and that should be enough, without having to agree again when he logs in.

For existing accounts it's working fine - when they visit the site next time, they will be prompted that they have to agree to continue which is what we need.

I'm using V 1.5.1 - forgot to mention


10x

Oops sorry, I didn't word my email very well. I was actually referring to errors you experienced using the JSWeb mod - when your site crashed, in case you decide to revisit that mod.

[davewest]

Sorry, I don't use the create account page and had to go back and get/match code.

The includes/modules/create_account.php if you modified this file then it would be in your template folder. If you are using COWOA or COWAA it would be the same for the register, and no_account modules too.

Standard input check, then storing the info into the database. The date is auto created for the time of creation.

look for this set of lines:

Code:

 if (isset($_POST['email_format'])) { 
    $email_format = zen_db_prepare_input($_POST['email_format']); 
  } 

  if (ACCOUNT_COMPANY == 'true') $company = zen_db_prepare_input($_POST['company']); 
  $firstname = zen_db_prepare_input(zen_sanitize_string($_POST['firstname'])); 
  $lastname = zen_db_prepare_input(zen_sanitize_string($_POST['lastname'])); 
  $nick = zen_db_prepare_input($_POST['nick']); 
  if (ACCOUNT_DOB == 'true') $dob = zen_db_prepare_input($_POST['dob']);

add this line above ACCOUNT_COMPANY

Code:

 
 if  (DISPLAY_PRIVACY_CONDITIONS == 'true') $privacy_conditions =  zen_db_prepare_input($_POST['privacy_conditions']); //added for gdpr

Then on the database sql or look for this set of lines:

Code:

     $sql_data_array = array(array('fieldName'=>'customers_firstname',  'value'=>$firstname, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_lastname', 'value'=>$lastname, 'type'=>'stringIgnoreNull'), 
                            array('fieldName'=>'customers_email_address',  'value'=>$email_address, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_nick', 'value'=>$nick, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_telephone', 'value'=>$telephone, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_fax', 'value'=>$fax, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_newsletter', 'value'=>$newsletter, 'type'=>'integer'), 
                            array('fieldName'=>'customers_email_format',  'value'=>$email_format, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_default_address_id', 'value'=>0, 'type'=>'integer'), 
                            array('fieldName'=>'customers_password',  'value'=>zen_encrypt_password($password),  'type'=>'stringIgnoreNull'), 
                            array('fieldName'=>'customers_authorization',  'value'=>$customers_authorization, 'type'=>'integer'),
    );

add to the bottom:

Code:

  
                            array('fieldName'=>'customers_privacy_conditions',  'value'=>$privacy_conditions, 'type'=>'integer'), 
                           array('fieldName'=>'customers_privacy_date', 'value'=>now(), 'type'=>'date'),

corrected the upload... The added create_account.php is from 155f

[Adrian Ciocîrlan]

Sorry, I don't use the create account page and had to go back and get/match code.

The includes/modules/create_account.php if you modified this file then it would be in your template folder. If you are using COWOA or COWAA it would be the same for the register, and no_account modules too.

Standard input check, then storing the info into the database. The date is auto created for the time of creation.

look for this set of lines:

Code:

 if (isset($_POST['email_format'])) { 
    $email_format = zen_db_prepare_input($_POST['email_format']); 
  } 

  if (ACCOUNT_COMPANY == 'true') $company = zen_db_prepare_input($_POST['company']); 
  $firstname = zen_db_prepare_input(zen_sanitize_string($_POST['firstname'])); 
  $lastname = zen_db_prepare_input(zen_sanitize_string($_POST['lastname'])); 
  $nick = zen_db_prepare_input($_POST['nick']); 
  if (ACCOUNT_DOB == 'true') $dob = zen_db_prepare_input($_POST['dob']);

add this line above ACCOUNT_COMPANY

Code:

 
 if  (DISPLAY_PRIVACY_CONDITIONS == 'true') $privacy_conditions =  zen_db_prepare_input($_POST['privacy_conditions']); //added for gdpr

Then on the database sql or look for this set of lines:

Code:

     $sql_data_array = array(array('fieldName'=>'customers_firstname',  'value'=>$firstname, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_lastname', 'value'=>$lastname, 'type'=>'stringIgnoreNull'), 
                            array('fieldName'=>'customers_email_address',  'value'=>$email_address, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_nick', 'value'=>$nick, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_telephone', 'value'=>$telephone, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_fax', 'value'=>$fax, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_newsletter', 'value'=>$newsletter, 'type'=>'integer'), 
                            array('fieldName'=>'customers_email_format',  'value'=>$email_format, 'type'=>'stringIgnoreNull'), 
                           array('fieldName'=>'customers_default_address_id', 'value'=>0, 'type'=>'integer'), 
                            array('fieldName'=>'customers_password',  'value'=>zen_encrypt_password($password),  'type'=>'stringIgnoreNull'), 
                            array('fieldName'=>'customers_authorization',  'value'=>$customers_authorization, 'type'=>'integer'),
    );

add to the bottom:

Code:

  
                            array('fieldName'=>'customers_privacy_conditions',  'value'=>$privacy_conditions, 'type'=>'integer'), 
                           array('fieldName'=>'customers_privacy_date', 'value'=>now(), 'type'=>'date'),

corrected the upload... The added create_account.php is from 155f

I think it's the sql area i'm merging wrong, it is not working, the create acount page crashes after i click create account, i think it's because the lines are different, in 1.55 & i-m using 1.5.1.

I tried to adapt it in the sql array area, but i don't think i did it right, please tell me how the 1.5.1 version below should look like after adding the 2 lines you mentioned?

1.5.1 code without the 2 lines:

$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname,
'customers_email_address' => $email_address,
'customers_nick' => $nick,
'customers_telephone' => $telephone,
'customers_fax' => $fax,
'customers_newsletter' => (int)$newsletter,
'customers_email_format' => $email_format,
'customers_default_address_id' => 0,
'customers_password' => zen_encrypt_password($password),
'customers_authorization' => (int)CUSTOMERS_APPROVAL_AUTHORIZATION

[davewest]

I don't have any testing setup to go back that far, but this should be it, pay attention to the commas.

Code:

'customers_authorization' => (int)CUSTOMERS_APPROVAL_AUTHORIZATION,
                            'customers_privacy_conditions' => (int)$privacy_conditions, 
                            'customers_privacy_date' => now()
);

[Adrian Ciocîrlan]

I don't have any testing setup to go back that far, but this should be it, pay attention to the commas.

Code:

'customers_authorization' => (int)CUSTOMERS_APPROVAL_AUTHORIZATION,
                            'customers_privacy_conditions' => (int)$privacy_conditions, 
                            'customers_privacy_date' => now()
);

10x again,

but it doesn't seem to do the job, i'm pulling my hair off, the create_account.php modifications break the site when i go ahead and i hit create account button, it returns 500 error, if I remove these lines everything goes back to normal. Can't figure out why these 3 lines break it i put them exactly where they are supposed to go, checked for commas...

Maybe it doesen't communicate with the db, or looking for non existing tables...
The 2 tables that i'm thinking should record the action are those created by the sql patch customers_privacy_conditions and customers_privacy_date.
Should there be more than these? duno