Jump to content

How to prevent a Client from changing his Details?


Recommended Posts

Thanks, I know that. I didn't express myself well. I would like to prevent that a Client can make changes rather, than get mails telling me:"If you don't see any changes, the user may have only modified their password or credit card information. If the changes are ok you do not need to do anything. If not, you need to login and undo them - this is the only record of the old details."

Link to comment
Share on other sites

^ To add onto it: You'll just have to make sure you notate that the client has to submit a ticket (or email) to you to change details.


You should still leave the password changing up though.


Oh come on, thats so dirty and wrong its rediculous. Hey, if you really want to keep the form, then just add "readonly" or "readonly=readonly" (depending on doctype) to each input/option, etc that you want to not allow the user to change.


EDIT: rofl jordan, looks like you changed your post while i wasnt looking. Had to give you a hard time about removing the <form> and submit button idea.

Link to comment
Share on other sites

I think the original poster has a valid point and is asking a fair question. We too have a custom field that we assign clients but we don't want our clients to change it.


Seriously, if the OP want's to stop all fields from being changed they obviously have their own reasons for it, right? :)


To answer the posted question. You can simply "disable" a field if you wish by doing the following to the template.


e.g. If wanting to disable input into the $clientlastname field, replace {$clientlastname} with

{$clientlastname|replace:'size="30"':'size="30" disabled'}

(This is provided your template uses the size="30" value, otherwise change it to the template default, I think Matt may have changed this to 25 on th Portal Template.)


That should do the trick.




Link to comment
Share on other sites

@ Iceman

Thanks for your kind and polite response! At least someone who tries to help instead of insulting other Users.


ROFL, I gave you two different ways of doing it. Your the one being insulting now.


Just a note, disabling the form isnt foolproof as most likely because of register_globals being on and how i have noticed most of the variables are setup, im betting that someone could post to the form using the variables in the url.

Link to comment
Share on other sites



I think the poster was referring to your comment

thats dumb to not let users change details.
It does come across a little harsh. 8)





Maybe harsh, but i did help him. He said i didnt help at all. Either way, I stand by my original statement. =P

Link to comment
Share on other sites

Actually, this is something I believe is important from a legal position.


We are using modernbill and are in the process of moving to WHMCS. The point being made now concerns me about how this is going to fit with our legal position.


Let me explain:


When a customer signs up, they agree to our terms and conditions. When they do so, they personally take legal responsibility for the activity on their account. Accounts are also listed as non-transferrable for this reason.


When changes are made to the ownership of an account, we have a PDF document which both parties MUST sign and mail to us, along with an administration fee also.


Part of the PDF states that:


The leaving customer has:


1) Passed all relvant usernames and passwords to the new client and given them instructions on how to generally operate the account (without dumping a new user on us who needs everything explained)


2) That they agree to revoking and handing over legal responsibility to the account and that they are aware of the new third party. (In other words this move is final and severs their involvement and influence on the account).


The new customer taking over the account has:


1) Read our terms and conditions and signs to accept them.


2) Takes over the legal responsibility and also responsibility for the accounts.


If customers can change things, I'm not sure how anyone is meant to run any sort of secure accounts/support system.


It works because i) leaving customers are being given a finality to their contract with us. ii) We control who manages and runs individual accounts. iii) New customers take us seriously and understand we have protocol in our business which must be followed for the benefit of all.

Link to comment
Share on other sites

Ok, we already told the poster how this can be done if you do not want to allow changes, so it shouldnt be an ongoing question or concern. If you do allow changes, you will get a copy of what was changed in an email. So whats the big deal?

Exactly, it can be done if your business model requires it. I doubt there is much demand for this though, but then again I have been wrong before. ;)

Link to comment
Share on other sites

  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated