Monday 19 August 2013

Adding Customer Verification e-mail feature to an OpenCart solution

Thanks goes to Verido Software- og webløsninger. Now author's blog is sinked but fortunatly I've saved article in 2012. So I'm uploading that article just like I'm clone of wayback machine.

In this article I will cover how to quickly add customer registration confirmation e-mails containing a link to activate/approve the customer accounts in an OpenCart webshop themselves and begin shopping right away. This ultimately means that webshop administrators no longer have to approve all self-registering customer. A few additional layers of protection against Internet-bots and spam-bots are provided, e.g. Captcha during the registration and a verification e-mail with a one-time only activation link.



Many Content Management Systems, Forum systems and even webshops use the user verification e-mails for verifying that an e-mail account exists. However, OpenCart does not have this feature by default. Luckily there is an easy way to add this to your OpenCart installation. However, the code used in this example was developed for OpenCart version 1.5.1.3.1 and has not been tested with other versions of OpenCart. Although, with a slight amount of your own ingenuity I’m sure you can make it work for all versions of OpenCart.
You will need to change some core files in OpenCart for the e-mail verification to work, so I recommend you do a full backup before beginning this procedure. And once you have completed this e-mail verification tutorial I recommend doing a backup of the core files you edited. This way you won’t have to start all over in case you decide to update the OpenCart core files to a new version.



Overview of the procedure and files involved

  1. Update the Settings on your webshop 
    1. “Approve New Customers” = Yes
    2. Create database table ‘customer_verification’
    3. Add Captcha to user registration files
      1. /catalog/controller/account/register.php
      2. /catalog/language/english/account/register.php
      3. /catalog/view/theme/default/template/account/register.tpl
    4. Adding the verification code and changing the text in the registration confirmation e-mail
      1. /catalog/language/english/mail/customer.php
      2. /catalog/model/account/customer.php
    5. Adding verification page handlers
      1. /catalog/controller/account/verification.php
      2. /catalog/language/english/account/verification.php
      3. /catalog/view/theme/default/template/account/verification.tpl
    The changed sections of OpenCart core files have been denoted with the comment "/* CUSTOM */".

    Update the webshop's settings

    In order for the verification e-mail to - well, make sense - you need to first go to the Administration of your OpenCart webshop. Here go to "System » Settings" and at the row containing the store you wish to add these changes to click "Edit". Now go to the tab "Option", set "Approve New Customers" to "Yes" and click "Save".
    Now newly registered customers cannot log in to their accounts until they have been approved, which we through the modifications will allow these customers to do themselves. See how in the following text in this article.

    Create a database table for Account Verification

    "Why do I need a database table just for this?" you might ask, and the answer is simple: If you update your OpenCart solution and the structure of existing database tables is changed in this newer version, this entire account verification procedure will stop functioning. E.g. if using the "customer" table.
    Select the database for your OpenCart solution via your MySQL interface, e.g. phpmyadmin. Via the "SQL" tab insert the code below. I use the DB_PREFIX "oc_", and of course you must change this prefix to suit your database settings. If you are in doubt if you're using a DB_PREFIX check the "config.php" file in the root of your OpenCart installation.
    CREATE TABLE `oc_customer_verification( 
    `customer_idINT(11) NOT NULL, 
    `verification_codeVARCHAR(32) NOT NULL COLLATE utf8_bin,
     UNIQUE(`customer_id`) 
    ) ENGINE=MyISAM COLLATE utf8_bin

    Adding Captcha to user registration page/files

    The Captcha will prevent* Internet-bots from automatically registering customers in the OpenCart webshop. The very same Captcha is used in the contact form at the Contact page.
    * Bot-registration cannot be prevented entirely, but Captcha is a widely used, safe and well functioning system in the battle against harmful Internet-bots.
    Edited files:
    1. /catalog/controller/account/register.php
    2. /catalog/language/english/account/register.php
    3. /catalog/view/theme/default/template/account/register.tpl

    Language: /catalog/language/english/account/register.php

    Add the Captcha text entries to this file. See the modified file here.
    If you're using a foreign language (e.i. not "english") remember to also update the register.php file in the account folder for your language of choice.

    Controller: /catalog/controller/account/register.php

    In this file we must add the new text messages from the language file to the data array, being the Captcha. See the modified file here.

    View: /catalog/view/theme/default/template/account/register.php

    This is where we display the Captcha information and include the Captcha check in the registration form. See the modified file here.
    In this example the "default" theme is used. Remember to update this file in the active theme in your OpenCart solution.

    Adding the verification code and changing the text in the registration confirmation e-mail

    Edited files:
    1. /catalog/language/english/mail/customer.php
    2. /catalog/model/account/customer.php

    Language: /catalog/language/english/mail/customer.php

    We have to inform that the customer must activate the account him/herself by clicking or inserting the link into a browser. See the modified file here.
    Again, remember to update the respective file in the language folder for the active language in your webshop.

    Model: /catalog/model/account/customer.php

    This is where the magic happens. In this file the customer verification code is created, which is a 32 character hex-code (md5 sum) based on the customer's ID and a random seed. Also, the e-mail message has been changed to feature the text from the language file above rather than the default message, informing the customer that a webshop administrator must approve the account - this is no longer the case.
    In this file we add the verification information to the database table 'oc_customer_verification' so that this information can be called later, when the customer clicks the link in the user verification e-mail.
    See the modified file here.

    Adding verification page handlers

    Lastly, and most importantly, the customer must be able to reach a page where the verification code can be interpreted and either confirmed or rejected.
    For this we have to add three new files to our OpenCart installation:
    1. /catalog/controller/account/verification.php
    2. /catalog/language/english/account/verification.php
    3. /catalog/view/theme/default/template/account/verification.tpl

    Language: /catalog/language/english/account/verification.php

    The language file contains the information displayed for customers who successfully approve their accounts. See the language file here.

    Controller: /catalog/controller/account/verification.php

    This file contains the code which matches the URL parameters in the verification link with the informations stored in the database table 'oc_customer_verification'. If the verification fails at any stage the user is redirected to the frontpage of the webshop.
    If the customer's id matches the verification code (md5 sum) in the database, the customer is approved and can then log in a start shopping. A successful customer verification also results in the verificaiton code being removed from the database table, meaning this code can only be used once.
    Webshop administrators can still disable customers by changing their status, preventing them from logging in the the webshop, if needed.
    See the controller file here.

    View: /catalog/view/theme/default/template/account/verification.tpl

    This file displays the actual page when a customer successfully verifies his/her account.
    See the view/theme file here.
    Remember to add this file to the folder of the theme you use in your OpenCart solution.

    Conclusion

    You now have a fully functional and safe way to allow customers to begin shopping in your webshop right after registering. As webshop administrator you do not have to intervene, unless the customer needs to be disabled in case of abuse or violation of the webshops/websites code of conduct.

    Files

    Download: OpenCart user verification.zip
    This ZIP-file contains the PHP files needed to add customer verification e-mails to an OpenCart solution (version 1.5.1.3.1).
     
    kafoso

    12 comments:

    1. Thank you very much, very helpful to me. Works on opencart 1.5.5.1; sorry for my English, I do not talk much. Thanks

      ReplyDelete
    2. This comment has been removed by the author.

      ReplyDelete
    3. This comment has been removed by the author.

      ReplyDelete
    4. Nice tutorial,Really helpful to me,Click here to find php email verification script

      ReplyDelete
    5. thanks a lot !!! .Working in opencart 2

      ReplyDelete
    6. Thanks a lot...very useful article.

      ReplyDelete
    7. hi it works . but when customer clicks verification link "it enables all unverified customer accounts"..

      ReplyDelete
    8. Please provide us the verification zip files for 2.1.0.1

      ReplyDelete
    9. Same Problem here. It works but when customer clicks verification link it enables all unverified customer accounts

      ReplyDelete
    10. I think this is an informative post and it is very beneficial and knowledgeable. Therefore, I would like to thank you for the endeavors that you have made in writing this article. All the content is absolutely well-researched. Thanks... 먹튀

      ReplyDelete