General Data Protection Rules GDPR

**DLegend10** · 28 Apr 2021, 09:34 AM

Hi, I've installed the Cookie Control plugin, is there a way to disable the timer? I need the consent page to appear and stay on the screen until the user clicks ok? Thanks

**garden** · 2 Jan 2022, 08:26 PM

Hi, I have a question if someone solved according to the new cookies opt-in according to the EU gdpr. I have updated the cookie control to the latest version, but it does not address the division of cookies into permanent, analytical, marketing, advertising, others. External services may be fine, but they only partially solve the problem. thank you for answer

**shrimp-gumbo-mmmhhh** · 11 Jan 2022, 08:31 PM

Just a heads up. The admin/customers.php has a call to a nonexistant zen_admin_demo which causes the delete customer function to fail.

**Dastyen** · 16 Feb 2022, 01:17 PM

Hello

Anyone knows about this new rules ?

consentmanager.net Newsletter 02/2022

Hello ---------------,

We're excited to announce the latest update that has gone live! Among many new things, these are the most important features available with the new update:
Illegal #1: Google Fonts illegal?
At the end of January, the Munich Regional Court had to deal with the topic of Google Fonts (integrating fonts into a website). The court ruled that embedding Google Fonts via Google's server without consent was illegal and awarded the plaintiff damages. As you are used to from consentmanager, we reacted directly and in this month's update created the possibility to block Google Fonts and other external font and style elements (automatic blocking: Menu > CMPs > Edit > Other settings > Block stylesheets or manual blocking via code customization, see help).
Our recommendation: Activate blocking or, best of all, simply download the fonts and place them on your own server.
Illegal #2: Google Analytics illegal?
In addition to Google Fonts, Google Analytics was also recently "under fire": In Austria, the data protection authority decided in a case that Google Analytics was not compatible with the principles of the GDPR, since data is sent to the USA and there is no adequate level of protection. The website operator was therefore prohibited from using Google Analytics (especially since an insufficient consent banner was used in this case). A little later, the Dutch and French data protection authorities followed and also ruled that the (unprotected) integration of Google Analytics was not GDPR-compliant. It can be assumed that other data protection authorities of other countries will follow.
Our recommendation: Only use Google Analytics when consent is given or look for alternatives that are friendly to data protection (e.g. etracker or Matomo).
Illegal #3: IAB TCF illegal?
The Belgian data protection authority has also caused a stir. This had to decide on the IAB TCF standard. The authority found that under the current circumstances, the IAB Transparency and Consent Framework, as well as IAB Europe as the administrative body behind the standard, do not meet various conditions of the GDPR. The IAB has now been given a two-month period to develop an "Action Plan" with proposed changes. The proposed changes are intended to show how the TCF can be redesigned to be GDPR compliant. The IAB Europe has since appealed against the decision. We have collected more details in our FAQ (german).
Our recommendation: If you have nothing to do with online advertising (e.g. e-commerce or company websites), you should not use the IAB TCF standard. If you can't do without it, you shouldn't panic now, but wait and see how the situation develops.
Purposes & Slider
Also new this month is the possibility of rearranging and sorting purposes: Simply "drag" the entry and move it to where it should appear.

**Dastyen** · 21 Mar 2022, 02:03 PM

Hello.

I just notice when you make delete a customer can't sign in of course but when he try to apply the module forgot my password the dat abase not pop up the message sorry we re not in our data this email account, just said ( Thank you. If that email address is in our system, we will send password recovery instructions to that email address.) of course not send any email to the customer but the right it is (sorry we re not in our data this email account)

**simon1066** · 5 Jan 2023, 02:08 PM

I'm attempting to integrate my GDPR customisations (I think they were from JSWeb's mod) into ZC v1.5.8. In /includes/modules/MY_TEMPLATE/create_account.php

I have, in ZC v1.5.7d, the additional code in red

Code:

 if ($error == true) {
    // hook notifier class
    $zco_notifier->notify('NOTIFY_FAILURE_DURING_CREATE_ACCOUNT');
  } elseif ($antiSpam != '') {
    $zco_notifier->notify('NOTIFY_SPAM_DETECTED_DURING_CREATE_ACCOUNT');
    $messageStack->add_session('header', (defined('ERROR_CREATE_ACCOUNT_SPAM_DETECTED') ? ERROR_CREATE_ACCOUNT_SPAM_DETECTED : 'Thank you, your account request has been submitted for review.'), 'success');
    zen_redirect(zen_href_link(FILENAME_SHOPPING_CART));
  } else {
    $sql_data_array = array(array('fieldName'=>'customers_firstname', 'value'=>$firstname, 'type'=>'stringIgnoreNull'),
                           array('fieldName'=>'customers_lastname', 'value'=>$lastname, 'type'=>'stringIgnoreNull'),
                           array('fieldName'=>'customers_email_address', 'value'=>$email_address, 'type'=>'stringIgnoreNull'),
                           array('fieldName'=>'customers_nick', 'value'=>$nick, 'type'=>'stringIgnoreNull'),
                           array('fieldName'=>'customers_telephone', 'value'=>$telephone, 'type'=>'stringIgnoreNull'),
                           array('fieldName'=>'customers_fax', 'value'=>$fax, 'type'=>'stringIgnoreNull'),
                           array('fieldName'=>'customers_newsletter', 'value'=>$newsletter, 'type'=>'integer'),
                           array('fieldName'=>'customers_email_format', 'value'=>$email_format, 'type'=>'stringIgnoreNull'),
                           array('fieldName'=>'customers_default_address_id', 'value'=>0, 'type'=>'integer'),
			   array('fieldName'=>'gdpr_accept', 'value'=>$gdpr_accept, 'type'=>'integer'),
                           array('fieldName'=>'gdpr_accept_date', 'value'=>date('Y-m-d H:i:s'), 'type'=>'date'),
                           array('fieldName'=>'customers_password', 'value'=>zen_encrypt_password($password), 'type'=>'stringIgnoreNull'),
                           array('fieldName'=>'customers_authorization', 'value'=>$customers_authorization, 'type'=>'integer'),
    );

    if ((CUSTOMERS_REFERRAL_STATUS == '2' and $customers_referral != '')) $sql_data_array[] = array('fieldName'=>'customers_referral', 'value'=>$customers_referral, 'type'=>'stringIgnoreNull');
    if (ACCOUNT_GENDER == 'true') $sql_data_array[] = array('fieldName'=>'customers_gender', 'value'=>$gender, 'type'=>'stringIgnoreNull');
    if (ACCOUNT_DOB == 'true')  $sql_data_array[] = array('fieldName'=>'customers_dob', 'value'=>empty($_POST['dob']) || $dob_entered == '0001-01-01 00:00:00' ? zen_db_prepare_input('0001-01-01 00:00:00') : zen_date_raw($_POST['dob']), 'type'=>'date');

    $db->perform(TABLE_CUSTOMERS, $sql_data_array);

    $_SESSION['customer_id'] = $db->Insert_ID();

    $zco_notifier->notify('NOTIFY_MODULE_CREATE_ACCOUNT_ADDED_CUSTOMER_RECORD', array_merge(array('customer_id' => $_SESSION['customer_id']), $sql_data_array));


    $sql_data_array = array(array('fieldName'=>'customers_id', 'value'=>$_SESSION['customer_id'], 'type'=>'integer'),
                            array('fieldName'=>'entry_firstname', 'value'=>$firstname, 'type'=>'stringIgnoreNull'),
                            array('fieldName'=>'entry_lastname', 'value'=>$lastname, 'type'=>'stringIgnoreNull'),
                            array('fieldName'=>'entry_street_address', 'value'=>$street_address, 'type'=>'stringIgnoreNull'),
                            array('fieldName'=>'entry_postcode', 'value'=>$postcode, 'type'=>'stringIgnoreNull'),
                            array('fieldName'=>'entry_city', 'value'=>$city, 'type'=>'stringIgnoreNull'),
                            array('fieldName'=>'entry_country_id', 'value'=>$country, 'type'=>'integer'),
    );

    if (ACCOUNT_GENDER == 'true') $sql_data_array[] = array('fieldName'=>'entry_gender', 'value'=>$gender, 'type'=>'stringIgnoreNull');
    if (ACCOUNT_COMPANY == 'true') $sql_data_array[] = array('fieldName'=>'entry_company', 'value'=>$company, 'type'=>'stringIgnoreNull');
    if (ACCOUNT_SUBURB == 'true') $sql_data_array[] = array('fieldName'=>'entry_suburb', 'value'=>$suburb, 'type'=>'stringIgnoreNull');

    if (ACCOUNT_STATE == 'true') {
      if ($zone_id > 0) {
        $sql_data_array[] = array('fieldName'=>'entry_zone_id', 'value'=>$zone_id, 'type'=>'integer');
        $sql_data_array[] = array('fieldName'=>'entry_state', 'value'=>'', 'type'=>'stringIgnoreNull');
      } else {
        $sql_data_array[] = array('fieldName'=>'entry_zone_id', 'value'=>0, 'type'=>'integer');
        $sql_data_array[] = array('fieldName'=>'entry_state', 'value'=>$state, 'type'=>'stringIgnoreNull');
      }
    }

    $db->perform(TABLE_ADDRESS_BOOK, $sql_data_array);

    $address_id = $db->Insert_ID();

    $zco_notifier->notify('NOTIFY_MODULE_CREATE_ACCOUNT_ADDED_ADDRESS_BOOK_RECORD', array_merge(array('address_id' => $address_id), $sql_data_array));

    $sql = "UPDATE " . TABLE_CUSTOMERS . "
              SET customers_default_address_id = '" . (int)$address_id . "'
              WHERE customers_id = '" . (int)$_SESSION['customer_id'] . "'";

    $db->Execute($sql);

    $sql = "INSERT INTO " . TABLE_CUSTOMERS_INFO . "
                          (customers_info_id, customers_info_number_of_logons,
                           customers_info_date_account_created, customers_info_date_of_last_logon)
              VALUES ('" . (int)$_SESSION['customer_id'] . "', '1', now(), now())";

    $db->Execute($sql);

    // do any 3rd-party nick creation
    $nick_email = $email_address;
    $zco_notifier->notify('NOTIFY_NICK_CREATE_NEW', $nick, $password, $nick_email, $extra_welcome_text);

    if (SESSION_RECREATE == 'True') {
      zen_session_recreate();
    }

    $_SESSION['customer_first_name'] = $firstname;
    $_SESSION['customer_last_name'] = $lastname;
    $_SESSION['customer_default_address_id'] = $address_id;
    $_SESSION['customer_country_id'] = $country;
    $_SESSION['customer_zone_id'] = $zone_id;
    $_SESSION['customers_authorization'] = $customers_authorization;

    // restore cart contents
    $_SESSION['cart']->restore_contents();

    // hook notifier class
    $zco_notifier->notify('NOTIFY_LOGIN_SUCCESS_VIA_CREATE_ACCOUNT', $email_address, $extra_welcome_text, $send_welcome_email);

in ZC v1.5.8 that part of the create_account.php file now reads

Code:

    if ($error == true) {
        // hook notifier class
        $zco_notifier->notify('NOTIFY_FAILURE_DURING_CREATE_ACCOUNT');
    } elseif ($antiSpam != '') {
        $zco_notifier->notify('NOTIFY_SPAM_DETECTED_DURING_CREATE_ACCOUNT');
        $messageStack->add_session('header', (defined('ERROR_CREATE_ACCOUNT_SPAM_DETECTED') ? ERROR_CREATE_ACCOUNT_SPAM_DETECTED : 'Thank you, your account request has been submitted for review.'), 'success');
        zen_redirect(zen_href_link(FILENAME_SHOPPING_CART));
    } else {

        $ip_address = zen_get_ip_address();

        $customer = new Customer;

        $data = compact(
            'firstname', 'lastname', 'email_address', 'nick', 'email_format', 'telephone', 'fax',
            'newsletter', 'password', 'customers_authorization', 'customers_referral',
            'gender', 'dob', 'company', 'street_address',
            'suburb', 'city', 'zone_id', 'state', 'postcode', 'country', 'ip_address'
        );

        $result = $customer->create($data);
        if (!empty($result)) {
            $customer->login($result['customers_id'], $restore_cart = true);
            if (SESSION_RECREATE == 'True') {
                zen_session_recreate();
            }
        }

        // do any 3rd-party nick creation
        $nick_email = $email_address;
        $zco_notifier->notify('NOTIFY_NICK_CREATE_NEW', $nick, $password, $nick_email, $extra_welcome_text);

        // hook notifier class
        $zco_notifier->notify('NOTIFY_LOGIN_SUCCESS_VIA_CREATE_ACCOUNT', $email_address, $extra_welcome_text, $send_welcome_email);

How do I incorporate my gdpr code into the new ZC v1.5.8 code? I had thought that something like this might be appropriate

Code:

$data = compact(
            'firstname', 'lastname', 'email_address', 'nick', 'email_format', 'telephone', 'fax',
            'newsletter', 'gdpr_accept', 'gdpr_accept_date', 'password', 'customers_authorization', 'customers_referral',
            'gender', 'dob', 'company', 'street_address',
            'suburb', 'city', 'zone_id', 'state', 'postcode', 'country', 'ip_address'
        );

but am not sure if that works for 'gdpr_accept_date' with its value of 'date'.

**strelitzia** · 11 Jan 2023, 03:32 PM

Your edit to /includes/modules/MY_TEMPLATE/create_account.php is correct.

You will also need to edit includes/classes/Customer.php, adding the following code at line 727.

Code:

/* bof gdpr */
$sql_data_array [] = ['fieldName'=>'gdpr_accept', 'value'=>$data['gdpr_accept'], 'type'=>'integer'];
$sql_data_array [] = ['fieldName'=>'gdpr_accept_date', 'value'=>date('Y-m-d H:i:s'), 'type'=>'date'];
/* eof gdpr */

**simon1066** · 11 Jan 2023, 03:36 PM

Originally Posted by strelitzia

Your edit to /includes/modules/MY_TEMPLATE/create_account.php is correct.

You will also need to edit includes/classes/Customer.php, adding the following code at line 727.

Code:

/* bof gdpr */
$sql_data_array [] = ['fieldName'=>'gdpr_accept', 'value'=>$data['gdpr_accept'], 'type'=>'integer'];
$sql_data_array [] = ['fieldName'=>'gdpr_accept_date', 'value'=>date('Y-m-d H:i:s'), 'type'=>'date'];
/* eof gdpr */

That's great, thank you for this.

**strelitzia** · 11 Jan 2023, 03:56 PM

Originally Posted by simon1066

That's great, thank you for this.

You're welcome.

If you get any further issues with it, let me know and I'll help you out.

I'll try and find time to update the package we offer via Zen Cart downloads!

**lat9** · 11 Jan 2023, 04:36 PM

Originally Posted by strelitzia

Your edit to /includes/modules/MY_TEMPLATE/create_account.php is correct.

You will also need to edit includes/classes/Customer.php, adding the following code at line 727.

Code:

/* bof gdpr */
$sql_data_array [] = ['fieldName'=>'gdpr_accept', 'value'=>$data['gdpr_accept'], 'type'=>'integer'];
$sql_data_array [] = ['fieldName'=>'gdpr_accept_date', 'value'=>date('Y-m-d H:i:s'), 'type'=>'date'];
/* eof gdpr */

FWIW, there is a notification issued by that class just after the base customer record has been created

Code:

        $this->notify('NOTIFY_MODULE_CREATE_ACCOUNT_ADDED_CUSTOMER_RECORD', array_merge(['customer_id' => $customer_id], $sql_data_array));

... which you could use via an observer-class to add those gpdr-related fields without carving up a core file.

Thread: General Data Protection Rules GDPR

Thread Tools

Search Thread

Display

Re: GDPR is Europe's new framework for data protection laws

Re: GDPR is Europe's new framework for data protection laws

Re: GDPR is Europe's new framework for data protection laws

Re: GDPR is Europe's new framework for data protection laws

Re: GDPR is Europe's new framework for data protection laws

Updating GDPR for ZC v1.5.8

Re: Updating GDPR for ZC v1.5.8

Re: Updating GDPR for ZC v1.5.8

Re: Updating GDPR for ZC v1.5.8

Re: Updating GDPR for ZC v1.5.8

Similar Threads

Product general in document general

Bookmarks

Bookmarks

Posting Permissions