Registered e-mail address can not check out as guest

Start
Prev
1
Next
End

GW
Topic Author
Offline

Posts: 200
Thank you received: 75

7 years 2 months ago #277481

-- HikaShop version -- : 3.1.1
-- Joomla version -- : 3.7.5

Hi,

recently we've had several returning customers who registered in the past, but don't remember they have an account or forgot their password and don't want to take the time to reset it, so they want to check out as a guest.

The system however doesn't allow this since it recognizes their e-mail address has been used before and gives an error message. We never thought this would be much of an issue, but we've actually had some complaints from customers about this and were wondering if anything can be done to allow a registered e-mail address still check out as a guest as well?

Thanks in advance for any help.

Please Log in or Create an account to join the conversation.

PolishedGeek
Offline
Official HikaShop Development Partner

Posts: 329
Thank you received: 94

7 years 2 months ago #277505

We also ran into this issue, which is more of a Joomla problem than a HikaShop issue. What we did is simply add a language override that provides a much more user friendly error message. Complaints dropped significantly after that.

Like shown here: cl.ly/3L2V3o1n0T3W

~ Deb Cinkus, CEO

Polished Geek: more with monday․com
eCommerce Business Process Automation Experts

Attachments:

The following user(s) said Thank You: nicolas

Please Log in or Create an account to join the conversation.

Jerome
Away
HikaShop core developer

Posts: 26158
Thank you received: 4028
MODERATOR

7 years 2 months ago #277482

Hello,

Yes the system do not authorize guest account to use an email which is already used by a Joomla account.
Because it means that the guest account could have access to some information related to an existing account (not Joomla information, but HikaShop information) without having to enter the password.
So, that action is forbidden and a Joomla account must login using its email and its password.

Sorry, that's a no and it's for security purposes.

Regards,

Jerome - Obsidev.com
HikaMarket & HikaSerial developer / HikaShop core dev team.

Also helping the HikaShop support team when having some time or couldn't sleep.
By the way, do not send me private message, use the "contact us" form instead.

Please Log in or Create an account to join the conversation.

GW
Topic Author
Offline

Posts: 200
Thank you received: 75

7 years 2 months ago #277508

Thanks for the replies Jerome and PolishedGeek.

We also changed the error message a while ago very similar to what you have, even added a direct link to our password reset page in the language override, we will see for a bit longer if it helps.

Please Log in or Create an account to join the conversation.

bmiexpress
Offline

Posts: 7
Thank you received: 0
Hikashop Business

7 years 1 month ago #280642

We are trying to do the same thing -- allow "registered users" to check out as a guest. I don't understand the security implications you are suggesting -- for us they don't exist. The goal is to not have the system look to see if someone is a registered user when they are checking out as a guest. Just bypassing the check to see if the email is a registered user email address. PLEASE help us do this!!!!!

The registered user function is used for a completely different purpose (unrelated to HikaShop) on our website, and we'd like to keep it that way. Having everyone use guest checkout whether they are registered or not....

Can you PLEASE help us find a workaround so the checkout wouldn't look to see if the email address provided is associated with a registered user?

Please Log in or Create an account to join the conversation.

nicolas
Away

Posts: 82863
Thank you received: 13372
MODERATOR

7 years 1 month ago #280681

Hi,

If you bypass the check and allow the guest to be seen as a logged in user (so by just changing a line of code basically), anyone using an address email of a registered user on your checkout will have access to the addresses of the user, will be able to use his points, etc. That's why we're talking about security issues with that.
To avoid that, it would require differentiating guests and registered users in HikaShop, but that's hard to do because we have a unique key on the user_email column of the hikashop_user table (like Joomla has in the users table) so that you can only have one entry per email address.
The advantage of doing that is that we can easily synchronize the user entries between Joomla and HikaShop and other optimizations. And the code of HikaShop supposes that you can have only one entry for one email address.
So changing that might have implications in places I didn't think about, like the votes, etc.
Basically, it looks like a simple change, but it has great implications if we want to do it properly.
For anyone else interested, I've replied with informations on where to change the code to allow for that:
www.hikashop.com/forum/checkout/892402-a...ed-users.html#280675
Note that as a customization in your case, you don't need to differentiate the users between guests and registered users, so you probably won't have to do all that. This was to explain why we can't add that capability easily in HikaShop so that it works correctly for everyone.

Please Log in or Create an account to join the conversation.

Start
Prev
1
Next
End

Time to create page: 0.090 seconds