Jump to content

[PS1.7] Generate password if empty on customer account page


Recommended Posts

As in title, where should I add the code checking if password given was empty, and if yes to generate some random pass? To avoid guest customers, that are harmful (people can't log in again).

In PS 1.6, it was AuthController.php

    protected function processSubmitAccount()
    {
        Hook::exec('actionBeforeSubmitAccount');
        $this->create_account = true;
        if (Tools::isSubmit('submitAccount')) {
            $this->context->smarty->assign('email_create', 1);
        }
        // New Guest customer
        if (!Tools::getValue('is_new_customer', 1) && !Configuration::get('PS_GUEST_CHECKOUT_ENABLED')) {
            $this->errors[] = Tools::displayError('You cannot create a guest account.');
        }
        if (!Tools::getValue('is_new_customer', 1)) {
            $_POST['passwd'] = md5(time()._COOKIE_KEY_);
        }

where is equivalent in prestashop 1.7?

Thanks

Share this post


Link to post
Share on other sites

  • 5 weeks later...

Could anybody give me an idea where do I should at least begin searching for that line?

If password given during create account empty, then generate it for customer?

I tried javascript approach, but it doesn't work as intended.

Share this post


Link to post
Share on other sites

Okay I found it:

  private function create(Customer $customer, $clearTextPassword)
    {
		if (!$clearTextPassword) {
			$clearTextPassword = Tools::passwdGen(8);
		}
        if (!$clearTextPassword) {
            if (!$this->guest_allowed) {
                $this->errors['password'][] = $this->translator->trans(
                    'Password is required',
                    [],
                    'Shop.Notifications.Error'
                );

                return false;
            }

            /**
             * Warning: this is only safe provided
             * that guests cannot log in even with the generated
             * password. That's the case at least at the time of writing.
             */
            $clearTextPassword = $this->crypto->hash(
                microtime(),
                _COOKIE_KEY_
            );

            $customer->is_guest = true;
        }

However since it's private method, I am unable to create override for it.

What's the way it should be done? Changing content of the core class is no good, since after update the changes will be lost.

Any support from the forum would be appreciated...

Share this post


Link to post
Share on other sites

  • 1 year later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More