Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Autofilling forms


burt

Recommended Posts

Apart from the confusion over the required markup, I believe the most useful solution would be to make the address on create_account.php the customer's saved shipping address. What do you think?

osCommerce user since 2003! :thumbsup:

Link to comment
Share on other sites

Apart from the confusion over the required markup, I believe the most useful solution would be to make the address on create_account.php the customer's saved shipping address. What do you think?

 

Place the "shipping" keyword on the autofills?

 

I'm still finding the whole thing a little confusing...need more coffee... ;)

Link to comment
Share on other sites

Apart from the confusion over the required markup, I believe the most useful solution would be to make the address on create_account.php the customer's saved shipping address. What do you think?

i think the opposite, the billing address being the real address and the shipping often being work or parents address

KEEP CALM AND CARRY ON

I do not use the responsive bootstrap version since i coded my responsive version earlier, but i have bought every 28d of code package to support burts effort and keep this forum alive (albeit more like on life support).

So if you are still here ? What are you waiting for ?!

 

Find the most frequent unique errors to fix:

grep "PHP" php_error_log.txt | sed "s/^.* PHP/PHP/g" |grep "line" |sort | uniq -c | sort -r > counterrors.txt

Link to comment
Share on other sites

In "big league" operations such as Amazon, I often see the shipping address filled out first. Then you are asked if the billing address is the same as the shipping address. If not, you are asked to fill in the billing address (it might be partially pre-filled, such as with the customer name). Note that some payment systems may be a little touchy about having different billing and shipping addresses (indicating possibly fraudulent orders) -- it might be good to see if there are any industry guidelines on how to handle different addresses (detecting possible fraud).

Link to comment
Share on other sites

Didn't intend to open Pandora's box.  As I mentioned in my earlier post, defaulting to shipping or billing would be a personal choice of the store owner. 

There is justification to do either.

 

The way @@burt has it configured without specifying is neutral and will default to the browser.  My suggestion was based on knowing the requested address type based on the page itself during the checkout process.  Thus, including shipping and billing would allow for the browser to provide the more specific information (if available).

Link to comment
Share on other sites

i think the opposite, the billing address being the real address and the shipping often being work or parents address

 

If they have work or their parent's address saved as their shipping address in their browser, that's what would be filled in on the create_account.php page.

osCommerce user since 2003! :thumbsup:

Link to comment
Share on other sites

@@burt

 

Here's some more verbose examples of what can be done, as well as a table with all possible autofill fields https://html.spec.whatwg.org/multipage/forms.html#autofill

 

I'm not sure 'shipping' or 'billing' can be distinguished on the create_account.php page.

osCommerce user since 2003! :thumbsup:

Link to comment
Share on other sites

Chaps, I am still quite confused...but then I get easily confused by little things...

 

To (try to) un-confuse me I'll ask a question, and hopefully I'll understand the resulting answer(s);;

 

Is the code as I have it at https://github.com/gburton/Responsive-osCommerce/pull/528/files correct, bearing in mind that on create_account neither the shipping or billing address is actually input ...

Link to comment
Share on other sites

  • 1 month later...

@@burt - it may be best to set the password fields to "off" rather than "new-password".  Also, possibly the email address as well. 

 

Threat
The Web server allows form based authentication without disabling the AutoComplete feature for the password field.

Impact
The passwords entered by one user could be stored by the browser and retrieved for another user using the browser.

Solution
Have the AutoComplete attribute disabled for the password field in all forms. The AutoComplete attribute should also be disabled for the user ID field.

 

If you like, I can create a push to GitH.  Let me know.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...