Forbid the Usage of Junk-Alias Emails in PrestaShop

If you want your customers to use a valid email address, you might want to forbid the use of expiring aliases. Let’s create a module to handle this validation!

< a href=”http://nemops.com/wp-content/uploads/2014/03/emailchecker_tut.zip”>DOwnload Project Files

  • Version used: Prestashop 1.5.6.2
  • Compatibility: Prestashop 1.5, Prestashop 1.6

Introduction

Depending on your market, a certain percentage of your clients might be using junk email aliases when registering or checking out as guests on your site. If you strive to keep a solid customer base, and especially if you want to fidelize them, this might become a real issue at a certain point. Therefore, you want to make sure they use at least a valid, non-junk/alias address on your site.

The issue can easily be solved with the use of action Hooks. Prestashop handles address validation through the so-called “AuthController”, and wisely comes with an action hook right at the beginning of the method used to process a new account (be it guest or not) creation.

In today’s tutorial, we will create a small, lightweight module that hooks to actionBeforeSubmitAccount, so we can target any keyword we dislike, and prevent its usage within the email address field. Let’s get to it!

Step 1 – Creating the Prestashop Module and the back office interface

In order to make things easier for us, we will create a back office interface that saves all these words in a single database configuration entry. This way, whenever we feel like adding a new “banner keyword” for the email address field, we can simply reach out the module’s configuration page, add it and save.

Let’s start by adding a new, simple module. Download the project files, grab the emailchecker folder that you find inside the ‘start_here’ folder, and drop it inside your modules/ folder.

Open up emailchecker.php, then modify the install() method by registering the new hook, as follows:

	public function install()
	{
		if (!parent::install() OR
			!$this->registerHook('actionBeforeSubmitAccount'))
			return false;
		return true;
	}

actionBeforeSubmitAccount is the name of the hook we want to target.

Then, let’s create the markup to handle banned keywords from the back office. Inside the _displayForm() method, add the following:

		$this->_html .= '
			<form action="'.$_SERVER['REQUEST_URI'].'" method="post">
				<fieldset><legend><img src="'.$this->_path.'logo.gif" alt="" title="" />'.$this->l('Settings').'</legend>
		';

		$this->_html .='
					<label>'.$this->l('Banned keywords').'</label>
					<div class="margin-form">
						<input type="text" name="bannedkw" value="'.Configuration::get('PS_EMAIL_BANNED_KEYWORDS').'">
					</div>

		';

		/* Submit button */
		$this->_html .='<p class="center"><input type="submit" name="submitKw" value="'.$this->l('Save Settings').'"" class="button"></p>';

		$this->_html .= '
				</fieldset>
			</form>';

It’s a regular, simple form. If you are not used to creating Prestashop Modules, you might want to have a look at how to create a prestashop module in the official Prestashop Documentation.

Briefly: we added a new field to hold the banned keywords. We will add them in the input one by one, separated by comma. Then, we will save them inside the PS_EMAIL_BANNED_KEYWORDS, and this very same value will be displayed, if set, each time we access the form.

At this point, let’s save the entries to the configuration table. Edit the _postProcess() method as follows:

	private function _postProcess()
	{
		if (Tools::isSubmit('submitKw')) // handles the basic config update
		{
			Configuration::updateValue('PS_EMAIL_BANNED_KEYWORDS', Tools::getValue('bannedkw'));
			$this->_html .= $this->displayConfirmation($this->l('Keywords updated'));
		}
	}

We don’t really need validation, but feel free to add it if you want to make sure data is entered correctly here (words separated by commas, so Regular Expressions will come in handy).

As a last thing, if you want to make sure no trace is left into the database upon the module’s removal, erase the configuration entry by editing the uninstall method:

public function uninstall()
	{
		if (!parent::uninstall() OR !Configuration::deleteByName('PS_EMAIL_BANNED_KEYWORDS'))
			return false;
		return true;
	}

We are done with the back office! Time to install the module. Reach out the modules panel in the back office, look for emailchecker and install it. Test the configuration page and make sure you can save keywords properly. Once this is settled, move to the next step!

Validating the email address

It’s time to create the hook method that will handle email validation. Inside our module’s php file, create a new method named hookActionBeforeSubmitAccount:

	public function hookActionBeforeSubmitAccount($params)
	{
	}

Let’s first grab our keywords:

	public function hookActionBeforeSubmitAccount($params)
	{

		$banned_keywords = Configuration::get('PS_EMAIL_BANNED_KEYWORDS');
		if(!$banned_keywords)
			return;

	}

If nothing is found for that configuration entry, return, as there is nothing to do. Otherwise, explode the keywords string using the comma separator, and iterate through them using a foreach:


	public function hookActionBeforeSubmitAccount($params)
	{

		$banned_keywords = Configuration::get('PS_EMAIL_BANNED_KEYWORDS');
		if(!$banned_keywords)
			return;
		// explode keywords by comma
		$kw = explode(',', $banned_keywords);
		foreach ($kw as $k) {

		}

		return;
	}

Finally, let’s check the presence of our banned keyword inside the email address. There are several methods to do this. The easiest one is using the strstr function of PHP. Of course, you might as well use regular expressions if you feel more comfortable with it:


	public function hookActionBeforeSubmitAccount($params)
	{

		$banned_keywords = Configuration::get('PS_EMAIL_BANNED_KEYWORDS');
		if(!$banned_keywords)
			return;
		// explode keywords by comma
		$kw = explode(',', $banned_keywords);
		foreach ($kw as $k) {
			if (strstr(strtolower(Tools::getValue('email')), strtolower($k))) {
				$this->context->controller->errors[] = Tools::displayError('Invalid email address');
			}
		}

		return;
	}

We are telling the script: if the keyword is found inside the email address (if it’s a substring of it, grabbed using the helper getValue, which retrieves $_POST and $_GET data) add and error to the current controller. Since the current controller is authController, the information validation will not proceed, and nothing will be added to the database. This happens because Prestashop checks the size of the errors array right before adding data to the store.

Save and test everything out. If it works properly, you should see the message popping out as soon as you try to register using an address containing the banner keyword. This will work for both the standalone account creation, registered client checkout, and guest checkout (both 5-steps and one page).

Forbid junk-alias email usage in Prestashop

Conclusion

Validating the email address is a very limited usage of the ActionBeforeSubmitAccounthook. You can validate all data sent via $_POST using the account creation form with it. Here is the complete array, take from Prestashop 1.5.6.2:

'id_gender' => string '1' (length=1)
  'customer_firstname' => string 'Fabio' (length=6)
  'customer_lastname' => string 'Porta' (length=6)
  'email' => string 'something@mailexpire.com' (length=23)
  'passwd' => string 'mypassw' (length=7)
  'days' => string '' (length=0)
  'months' => string '' (length=0)
  'years' => string '' (length=0)
  'referralprogram' => string '' (length=0)
  'email_create' => string '1' (length=1)
  'is_new_customer' => string '1' (length=1)
  'back' => string 'my-account' (length=10)
  'submitAccount' => string 'Register' (length=8)

Need Prestashop Modules? Have a look at my Prestashop Addons Store!

Looking for quality PrestaShop Web Hosting? Look no further than Arvixe Web Hosting!

Tags: , , , , , , , , , , , , | Posted under PrestaShop | RSS 2.0

Author Spotlight

Fabio Porta

Fabio Porta

Fabio has been involved in web development and design since 2005, when launched his first website at the age of 16. He’s now highly skilled in both client and server side development, along with design, and since August 2012 runs a successful website about PrestaShop tutorials and Prestashop Modules called Nemo’s Post Scriptum, at http://nemops.com

Leave a Reply

Your email address will not be published. Required fields are marked *


2 × 6 =

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>