Drupal: Two-way communication between unregistered customer and admin - drupal

I need to setup a system where customers can choose to Request a Quote for a specific holiday package, where they will enter their personal details as well as their holiday requirements (number of rooms, etc.) and will then allow them to view a page which will have a threaded conversation between them and the admin (so the admin can reply to their quote request on the website).
The problem is that most customers won't be registered when they want to request a quote, so I was thinking that the Request a Quote page could silently register the customer as a user (using their personal details) on the same page where it asks for their holiday requirements.
The other option I can think of would be to not register them and just email them a unique URL where they can view their quote request and reply to the admin.
Could you point me in the right direction on how to do either of those?

To create a new user you can use the user_save. To create a random password you can use the use the user_password function. The all that is left is to send a mail. Either create your own or use the standard one when users are created.

Check out the Inline Registration module: it allows anonymous users to create a node and register as user at the same time, using a single form.

I think the best way would be to have a content type they fill out that looks like a form, but actually creates the node that is only visible to them and the administrators, comment enabled. Probably the quickest way. Then you have security in place so people can't see other peoples quotes.

Login Toboggan combined with Content Profile might work for this.

Related

Drupal 7 Content Deadline

I am using Drupal 7 and a custom CCK content in order to allow users to submit information to our website. I'd like to be able to only allow submissions between a set of user definable dates. Once the dates expire, i'd like for the user to receive a message of some sort stating that the deadline for submissions is now expired when they click the link to open the form.
I currently manually go in and turn off permissions to the content type once the deadline expires, but that is clunky and requires a little too much management (I have 15 forms I need to do this for). I've searched stack overflow and google and have not come up with anything that fit my needs, most likely because I'm not using the right keywords.
Does anyone know an easy way to do this with a module or do I need to try to write my own in order to accomplish this goal? Thanks in advance for any help.
I think you have to write some custom module to achieve this. You would use hook_node_access() to control node creation page access and and put your error message and/or redirection.
https://api.drupal.org/api/drupal/modules%21node%21node.api.php/function/hook_node_access/7
Another solution is to use Webform module.
https://www.drupal.org/project/webform
Download version 7.x-4.x
Create a form and in the settings there is an option to control total submissions limit, and set time frames for limitations.
Hope this helps.
You can achieve this by:
Create a column in user table in mysql called "expDate", assign the expDate values(mm-dd-yyyy) to each user
In drupal, on the page where users summit message, write php code to grab the expDate from database, and compare it to Current Date, date('mm-dd-yyyy'). Just copy can paste the php codes in each page where you have the form.
You can also pass the expDate from php to js, then do some fancy job instead of simple alert.

Need some hints for my own WP Theme

After taking some online tutorials I am willing to create my own custom theme for my myself. This is going to be an online Contact Lense store! So far I have learned how to generate and use Custom Post Types, Custom Taxonamyies, Metaboxes , and Option pages.but there is still one confusing part left for me(hopefully not more! :-))
I need to get some user inputs through HTML Select Options like following image to finalize the users orders:
Now my question is:
1- Do I have to create some thing lik Metaboxes to manipulate these data from users?
2- can I handle these kind of data through simple Form ans Post function in PHP? If so where should I store these data? Do I have to create a table on my own to handle these things?
I really appreciate your time regrading this post,
What you're asking for carries a little more complexity than you think!
Let's break this down into its meaningful steps:
A user visits your shop, and decides that they like what they see and wants to make an order
The user fills out a form defining their exact eye requirements, quantity, as well as their contact information
Upon completing this form, a new order has been created
But wait.... how will you get paid? What happens if the user's computer explodes before the payment goes through? How will you know to send them their contacts without first knowing the payment even succeeded?
This is where things start to get tricky. You need to be able to keep a record of orders for the sake of your users, but you also need to look out for your own interests too. Your business is doomed to fail if you're sending out expensive products to people without the proper assurance that you're getting paid.
This is where you'll need to set up a Merchant Account with a service like PayPal or Google Checkout. As much as I despise PayPal, their Instant Payment Notification (IPN) System has been very reliable for me. What this does is automatically send a POST request to your server with all of the information you need to finalize the checkout process and alert your user that their payment has either succeeded or failed.
So with this in mind, how does this affect our step-by-step process?
A user visits your shop, and decides that they like what they see and wants to make an order
The user fills out a form defining their exact eye requirements, quantity, as well as their contact information
Upon completing this form, a new order has been created with a status of pending
The user is then sent to PayPal/Google Checkout to enter their Credit Card information to complete their purchase
PayPal/Google processes the payment
PayPal/Google sends your server the results of the processed payment
The corresponding order is updated with a status of Payment Received or Payment Failed for your own records
You send out the product to a very satisfied customer
So what will this mean from a Wordpress standpoint?
My first suggestion:
Check if a Plugin already exists that can handle this for you!!!
Seriously, this will make your life much easier. Handling people's money as well as your own stock is a nightmare all in itself, you don't want to be responsible for handling the code that drives it, or the possibility of security holes that you might not know about (that other plugins may have already addressed). WooCommerce is a popular one. See if that can handle what you need.
If a Plugin can't do it for you, then you'll need to:
Register a Custom Post Type for Orders
Create a new Order Post using wp_insert_post when a user submits the form with their POST data
Save the relevant POST data you need as metadata using update_post_meta
Send PayPal/Google/Whatever some Custom Information it needs to hang on to - in this case, the newly created Order Post ID - so that it can send it back to your own server
Set up a side-script to process the data sent by PayPal/Google Checkout/Whatever and send an email to the user detailing the status of their purchase and update the corresponding Order Post ID that was sent back by PayPal/Google Checkout/Whatever
(Optional) Set up a CRON Job to periodically scan all Pending orders in case a user's session was interrupted, or they bailed at the last second during checkout and send them an email notifying them about this and provide them a link to your website to reopen, reevaluate, and resend the order, or cancel and clear it from your database
Quite honestly, this would take even a seasoned Developer at least a few weeks worth of work just to get it in working condition. Presentation is a whole different animal.
Hopefully this will give you a step in the right direction. I doubt anybody here will give you the code to do what you need, because there's just too much to post. Entire libraries are built just for these kinds of things.
Good luck!

Is an custom field accesible via URL/Search query etc.?

I'm going to set up a web shop that sells domain names.
Every domain is a single post, and every post contains about 10 custom fields.
My question is, are these custom fields accessible if I don't query them?
For example, you go to a single post (a domain overview in my case) and can you retrieve the values of my custom fields? Otherwise people can retrieve the code, without paying for it. Are those custom fields accessible if I don't query them, or not all of them?
Is it safe to keep the code's where you pay for in a custom field?
Thanks in advance!
You shouldn't be able to, but there's always the possibility of security holes in WP, or even something as simple as a brute force attack on the WP Admin area or your MySQL database.
I would err on the side of caution and keep any critical data in a separate system. Maybe after someone makes a purchase, you could have them log into a separate system to retrieve their activation codes.
Gumroad might be a decent end-to-end fulfillment system for you. Each of your domains would be a separate Gumroad product, and you could paste the shortlink into WordPress as a custom field. More info: https://gumroad.com/

Filtering Repeater items based on user status/role

I have a tricky requirement where I need to categorise documents attached to a product, available for download, based on the status of the user viewing the product. I.e. my site displays a list of products, clicking on one displays a product details page, and this page includes a list a documents related to the product, such as data sheets, user manuals, etc.
I have been asked to group documents into three classes of availability, v.i.z. those available freely to all users, including anonymous; those available to logged on users; and those available to anonymous users that provide contact information before downloading the document, presumably to boost sales leads.
The anonymous and logged on availabilities are quite easy, but the third seems a bit tricky to me. My first question is, is there a way I can filter documents for only logged on users without hooking into ItemDataBound or something, and my second question is, what is recommended for the case where a user must supply contact information to download a document?
In the second question, it has crossed my mind to actually register the user, but without them having to visit the new user registration page, and then I have role based filtering of documents. Currently the new user registration process automatically adds the Member role to all new users. Users I register 'quietly', just so they can download a document, wont be assigned the Member role, distinguishing them from normally logged on members. What other approaches could I take?
A lot of this implementation will depend on exactly what you want to accomplish and how you go about doing it.
For example, if I don't have access to the document, should I see the link?
If your implementation is that all users should be able to see it, but that the actual act of 'getting it' is dependent upon the individual role or membership, you could solve it fairly easy by implementing a "handler" to download the secured documents, that way you are not presenting a direct file link. That handler could then validate security, if they were not allowed, it could then take them to the login or register page as needed.
If the users don't see the documents until they meet the requirement, I would then filter BEFORE you bind to your repeater.

Simple user registration without captcha or e-mail verifiaction with Asp.net

I want to create a simple user registration form with First / Last name, email, and password. We have used captcha and email verification in the past to ward off bots, but is there another way without using those techniques? I thought about encrypting the field ID names so that they aren’t names username, password, etc. we tried openID, but 1% of our users had an ID they could use. Any thoughts?
You might be able to use Akisment (you don't have to have WordPress to use it) in order to determine if it's spam. Though I think Akismet is best suited to situations when there is text to validate, it might be able to help validate emails and names.
At the very least, if you want to remove a CAPTCHA, you should have some sort of throttling to ensure that a single IP address can't register more than x number of times during y period of time.

Resources