
automatically send user info to another server?


6 replies to this topic

#1 nullset

  • Community Member
  • 4 posts
  • Real Name:Neil farrell

Posted 16 March 2010, 13:58

Hi there,
This may seem like a dumb question (noob), but does anyone know if there is a way that once a customer creates a user account and makes a purchase, their user account, password and item details (bank stuff not required) can be sent automatically to a different online system, for example to configure their account after purchase?

#2 DunWeb

  • Community Sponsor
  • 9,470 posts
  • Real Name:Chris Dunn
  • Gender:Male
  • Location:Tecumseh, Ontario, Canada N8N 1X8

Posted 16 March 2010, 15:04

Neil,

The customer creates an account (usually) before making a purchase. So there is no reason for you to create their account after the purchase. At the minimum (with PWA) you will receive basic information and shipping information.


Chris

#3 nullset

  • Community Member
  • 4 posts
  • Real Name:Neil farrell

Posted 16 March 2010, 15:45

DunWeb, on 16 March 2010, 15:04, said:

Neil,

The customer creates an account (usually) before making a purchase. So there is no reason for you to create their account after the purchase. At the minimum (with PWA) you will receive basic information and shipping information.


Chris

Hi Chris, thanks for the quick reply! Our use case is slightly odd: we are selling some hardware, which after purchase but before delivery will need to be further configured (by the user) via an external wizard on another server. The user may choose to configure it straight away, or might want to do it later, so we want to clone the username/password to instantly create a login & pass on the configuration wizard part, so that it is instantly ready for them to log into whenever they want.
Hope that makes sense?

#4 kymation

  • Community Sponsor
  • 5,285 posts
  • Real Name:Jim Keebaugh
  • Gender:Male
  • Location:Aberdeen WA USA

Posted 17 March 2010, 01:18

This could take some work. osCommerce stores a hash (one-way encryption) of the user's password. It's somewhat unlikely that the other system would use the same hash.

The other system might be modified to use the osCommerce login, or the opposite of course. You could also pass the raw username and password to the other system.

Are osC and the other system running on the same server? If they are, coding a bridge in PHP should not be too much trouble. It will be harder if they are running separately.

Regards
Jim

#5 nullset

  • Community Member
  • 4 posts
  • Real Name:Neil farrell

Posted 14 April 2010, 16:36

kymation, on 17 March 2010, 01:18, said:

This could take some work. osCommerce stores a hash (one-way encryption) of the user's password. It's somewhat unlikely that the other system would use the same hash.

The other system might be modified to use the osCommerce login, or the opposite of course. You could also pass the raw username and password to the other system.

Are osC and the other system running on the same server? If they are, coding a bridge in PHP should not be too much trouble. It will be harder if they are running separately.

Regards
Jim

Thanks Jim,
The other system will be on another server unfortunately, and it's Java, not PHP. You mention "pass the raw username and password to the other system"; do you mean that we could alter the osCommerce code to pass this on, before it is encrypted? This sounds like what we would be after. Is this possible, and if so where would you go about doing it?

Many thanks
Neil

#6 kymation

  • Community Sponsor
  • 5,285 posts
  • Real Name:Jim Keebaugh
  • Gender:Male
  • Location:Aberdeen WA USA

Posted 14 April 2010, 16:47

You would have to intercept the username and password in the top of login.php.

Note that doing this is extremely risky. You are sending unencrypted passwords over the internet to another server. That's a hacker's dream. I think you need to rethink this whole process.

I would look at modifying one system or another so they use the same hash. Sending encrypted passwords still retains some risk, but not nearly as bad as sending them in the clear. Or you could set up some sort of encryption for both the username and password sent between the two systems.

Regards
Jim
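
Added example (not part of Jim's post and not osCommerce code): one way to do the "encryption between the two systems" suggested above, sending the stored hash instead of the raw password. Function names, field names and sample values are hypothetical; it assumes PHP 7.2+ with the sodium extension and a secret key held by both servers.

```php
<?php
// Added example, not osCommerce code. Function names, field names and
// sample values are hypothetical; requires PHP 7.2+ with ext-sodium.

// Shop side: seal the account record for the configuration server.
function seal_provisioning(string $username, string $passwordHash, string $key, int $now): string
{
    $payload = json_encode([
        'user' => $username,
        'hash' => $passwordHash,   // stored hash, never the raw password
        'ts'   => $now,            // lets the receiver reject stale messages
    ]);
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    // secretbox both encrypts and authenticates the payload.
    return base64_encode($nonce . sodium_crypto_secretbox($payload, $nonce, $key));
}

// Receiver side (shown in PHP for symmetry; the thread's receiver is Java).
// Returns the decoded record, or null if the message is forged, altered or stale.
function open_provisioning(string $message, string $key, int $now, int $maxAge = 300): ?array
{
    $raw = base64_decode($message, true);
    if ($raw === false || strlen($raw) <= SODIUM_CRYPTO_SECRETBOX_NONCEBYTES) {
        return null;
    }
    $nonce  = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain  = sodium_crypto_secretbox_open($cipher, $nonce, $key);
    if ($plain === false) {
        return null;                       // wrong key or tampered ciphertext
    }
    $record = json_decode($plain, true);
    if (!is_array($record) || !isset($record['ts']) || abs($now - $record['ts']) > $maxAge) {
        return null;                       // malformed or outside the freshness window
    }
    return $record;
}

// Constructed sample values.
$key = sodium_crypto_secretbox_keygen();   // in practice: provisioned once on both servers
$msg = seal_provisioning('neil@example.com', 'PLACEHOLDER_STORED_HASH', $key, time());

var_dump(open_provisioning($msg, $key, time()) !== null);                    // valid message
var_dump(open_provisioning($msg, sodium_crypto_secretbox_keygen(), time())); // wrong key
var_dump(open_provisioning($msg, $key, time() + 3600));                      // stale message
```

The timestamp only bounds how long a captured message stays usable; the receiver would also need to remember recently seen messages to refuse replays inside that window.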

#7 nullset

  • Community Member
  • 4 posts
  • Real Name:Neil farrell

Posted 14 April 2010, 17:16

kymation, on 14 April 2010, 16:47, said:

You would have to intercept the username and password in the top of login.php.

Note that doing this is extremely risky. You are sending unencrypted passwords over the internet to another server. That's a hacker's dream. I think you need to rethink this whole process.

I would look at modifying one system or another so they use the same hash. Sending encrypted passwords still retains some risk, but not nearly as bad as sending them in the clear. Or you could set up some sort of encryption for both the username and password sent between the two systems.

Regards
Jim

Thanks Jim, of course you make very valid points. I was thinking we could include our own encryption system alright. I will look into this further...
best regards, Neil