Jump to content

Tutorial: How to setup and use Multi-Language Security Questions

brian!

By brian!
in Third Party Add-ons

 Share

Recommended Posts

brian! Senior Member

brian!

Posted
Posted (edited)

a question was asked by paperweight about allowing the security questions to be translated...

 

http://forum.whmcs.com/showthread.php?94023-How-can-I-translate-quot-Security-Questions-quot-in-WHMCS

 

although I can think of a number of ways to translate them in the Client Area, it would be more difficult to translate them in the Admin Area client profile - not least because it's an encrypted file with no template available to edit.

 

http://docs.whmcs.com/Security_Questions

 

Security questions can be used as an extra level of security when your clients contact you in order to verify their identify. You can then prompt them for the answer to the question they selected.

 

Also, when resetting their password from the client area, the client will be prompted to select their security question, and enter the answer before a new password will be generated.

 

You will need to add your security questions before your clients can use this feature. To do that, go to Setup > Other > Security Questions. From here, you can see your existing security questions and how many clients are using them, add new questions, and delete any unused questions.

 

To add a new question, type in the available text box and press save changes. This will add the security question to the system.

 

Clients are prompted to choose and answer a security question when registering, modifying their account password or requesting a new password.

it occurred to me that another way to do this might be to add security questions only for a specific language, e.g, someone using the site with English selected, will only see English questions; if French is selected from the language dropdown, they only see French questions etc.

 

I think i've created a simple but elegant solution that works by first modifying the questions used, and then with very minor template edits to viewcart.tpl (ordering) and the security pages in the Client Area - it uses the language selected by the client to determine which security questions are shown to them.

 

Step 1 - Modifying the Security Questions

 

While you can add security questions in any language now, all of them will be shown to the customer - to avoid this, we need to find a way to assign a security question to a particular language.

 

ideally, it would be easier if we could do this on the Security Questions page in the Admin Area - but obviously we can't, otherwise I wouldn't be writing this tutorial! :)

 

however, what we can do is include the required language in the question itself and then use that in the templates to only show those question(s) in the selected language.

 

to keep it simple, we will use two security questions:

 

  • Mother's maiden name ?
  • Name of your first pet ?

what we do next is to modify these questions by adding a keyword to each that we can use in the templates to assign the question to a specific language - the obvious keyword to use is the language itself as used in the dropdown.

 

Note: it must be added in lower-case, so 'english' will work, 'English' or 'enGlish' will not.

 

Although it wouldn't be difficult to correct this and make it case-insensitive, it complicates the required Smarty code - also, this current method allows you to use the language word, e.g "English", in the actual question if you wish to.

 

so let us take the second of these questions and now assign it a language.

 

  • Name of your first pet ? english

let's add a new security question for French users only..

 

  • Nom du premier animal de compagnie? french

so now we have a specific security question for English and French customers.

 

another important thing to note is if you are only using specific languages on your website, e.g English and French, then you only need to add security questions in those languages.

 

however, if your website uses languages for which you don't have any security questions, then you need to add a "generic" question that will be shown to everyone - otherwise, if the user selects "Danish" and you don't have any specific Danish-language security questions, the security question dropdown will be empty.

 

this generic question will be shown as exactly as entered by you in the Admin Area, and not in the language of the user.

 

we can take our first security question and make that generic so all users will see it.

 

  • Mother's maiden name ? generic

so now that we have our three security questions, we can move on to the template modifications.

 

Step 2 - Order Form Template Modifications

 

in viewcart.tpl, the security questions are shown using the following code (I think its the same for all templates)...

 

{foreach key=num item=question from=$securityquestions}
<option value={$question.id}>{$question.question}</option>
{/foreach}

all we need to do is to add an {if} statement into it...

 

{foreach key=num item=question from=$securityquestions}
{if $question.question|strstr:$language or $question.question|strstr:'generic'}
<option value="{$question.id}"{if $question.id eq $securityqid} selected{/if}>{$question.question|replace:$language|replace:'generic'}</option>
{/if}
{/foreach}

this checks the security question to see if it contains the current value of $language (which is always lowercase), or the exact word 'generic' - if either is true, it shows the question with the language word ('english', 'french' etc removed); if false, the question isn't shown.

 

obviously, you can change the word 'generic' to anything you want in your own language - as long as you don't include it, in lower-case, in the actual security question.

 

also, if you don't need the 'generic' option, then you can remove it from the above code.

 

below is a screenshot of viewcart.tpl with French language selected... the dropdown shows the 'generic' question along with the specific French question - the English "Name of pet?" question is not shown.

securityq_french_order.png

 

that's all you should need to add to the order-forms to show specific language security questions. :idea:

 

Step 3 - Client Area Template Modifications

 

In the Client Area, I think there are only two templates that need to be modified - clientareasecurity.tpl and clientregister.tpl - both use the same code to show the security questions for those users that haven't set one...

 

<select name="securityqid" id="securityqid">
{foreach key=num item=question from=$securityquestions}
<option value={$question.id}>{$question.question}</option>
{/foreach}
</select>

this needs to be changed to use code similar to that added previously to the order-form templates...

 

<select name="securityqid" id="securityqid">
{foreach key=num item=question from=$securityquestions}
{if $question.question|strstr:$language or $question.question|strstr:'generic'}
<option value={$question.id}>{$question.question|replace:$language|replace:'generic'}</option>
{/if}
{/foreach}
</select>

if French is selected as the language, the security page in the Client Area will show the Generic and French questions...

 

securityq_french_client.png

selecting English changes the page to only show the Generic and English questions...

 

 

securityq_english_client.png

 

if the client already has a security question setup, then this is shown using the following code in clientareasecurity.tpl

 

{if !$nocurrent}
   <div class="control-group">
       <label class="control-label" for="currentans">{$currentquestion}</label>
       <div class="controls">
           <input type="password" name="currentsecurityqans" id="currentans" />
       </div>
   </div>
{/if}

similarly, $currentquestion needs to be tweaked to remove the language or 'generic'..

 

{if !$nocurrent}
   <div class="control-group">
       <label class="control-label" for="currentans">{$currentquestion|replace:$language|replace:'generic'}</label>
       <div class="controls">
           <input type="password" name="currentsecurityqans" id="currentans" />
       </div>
   </div>
{/if}

Admin Area

 

unfortunately, it's not possible to modify the Admin Area using this method - so in the client's profile, the security questions dropdown will contain the full questions (including the language and/or generic) - not ideal I know, but only admins will see it.

 

securityq_admin_area.png

Edited by brian!
0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept