Jump to content
J-B

Checkbox for Register and Contact Page ...

Recommended Posts

Hi @all, 

in Europe will come the new regulation "EU General Data Protection Regulation". For this new regulation I (all EU ppl) must add a Checkbox for consent to  processing of his or her personal data in the register.php and contact.php

For the register.php I have try it with a hook and checkbox, but dont work :(

My Hook:

<?php

if (!defined("WHMCS")) die("This file cannot be accessed directly");

function ClientAreaRegisterTherms($vars) {

    global $_LANG;
    $errors = array();

    if ( $_REQUEST['acceptds'] != true ) {
        $errors[] = $_LANG['ordererrords'];
    }


    return $errors;
}

add_hook("ClientAreaRegister",1,"ClientAreaRegisterTherms");

?>

I have try it with ClientAreaRegister and ClientAreaPageRegister, both not work.

My Template of register.php

 {if $accepttos}
            <div class="row">
                <div class="col-md-12">
                    <div class="panel panel-danger tospanel">
                        <div class="panel-heading">
                            <h3 class="panel-title"><span class="fa fa-exclamation-triangle tosicon"></span> &nbsp; {$LANG.ordertos} & Datenschutz</h3>
                        </div>
                        <div class="panel-body">
                            <div class="col-md-12">
                                <label class="checkbox">
                                    <input type="checkbox" name="accepttos" class="accepttos">
                                    {$LANG.ordertosagreement} <a href="{$tosurl}" target="_blank">{$LANG.ordertos}</a>
                                </label>
// NEW CHECKBOX                              
<label class="checkbox"><input type="checkbox" name="acceptds" class="acceptds">{$LANG.orderdsagreement} {$LANG.orderds}</label>

                        </div>
                    </div>
                </div>
            </div>

        {/if}

Anyone a idea why this not work?

Share this post


Link to post
Share on other sites
3 hours ago, J-B said:

in Europe will come the new regulation "EU General Data Protection Regulation". For this new regulation I (all EU ppl) must add a Checkbox for consent to  processing of his or her personal data in the register.php and contact.php

for others with regards to GDPR...

3 hours ago, J-B said:

For the register.php I have try it with a hook and checkbox, but don't work :(

Anyone a idea why this not work?

first thought would be where are you storing the answer? ok, you're asking if they give consent, but where are you storing their response - simply adding a field to the form wouldn't store the result in the database.

it's worth noting that WHMCS v7.5 will introduce an email marketing opt-in feature during checkout and registration...

Marketing-email-optin.png

whether you could adapt that for your needs, or even duplicate it specifically for your consent checkbox, I don't know... it might be worth posting a question in the v7.5 beta community asking if WHMCS have plans to introduce this consent feature themselves... if so, and you plan to upgrade when it gets it's full release (which I assume will be soon and certainly this month), then it would be pointless to reinvent the wheel if they're already going to do it.

if they're not, or you don't plan to upgrade, then i'd suggest using Client Custom Fields for this - that will take their response and store it in the database.... if you want to make the checkbox required, you can do so in the CCF settings and they will effectively be forced to tick it for the order/registration to progress (without the need for a hook or js).

X9cc_W8a_GTqyfd_Yl8_PPq_AJg.png

and because it's a CCF, the client can edit the checkbox value from their client area if they later change their mind....

your only issue would be with regards to layout - e.g this consent checkbox wouldn't be where you want it to be, it would be with the other custom fields... but the simple fix would be to loop through the $customfields array twice - first in it's current location, but add an {if $customfield.id neq 'x'} (where x is the id of your consent checkbox), and then loop it again wherever you want to show the consent checkbox, but in the loop use {if $customfield.id eq 'x'} to only show that one custom field... you should be able to style it like the marketing opt-in if you wanted to.

untried, but this should work fine in both registering and checkout - though as I suggested earlier, might be worth checking with WHMCS what their plans are, if any, for this.

Share this post


Link to post
Share on other sites

Why I need the result in the database? For any mailings list, ok but not for a consent.

If the customer dont click to the checkbox, the customers cant register or send us a email. The EU want a explicit consent to the use and processing of personal information and this I want to do with a required checkbox.

 

Share this post


Link to post
Share on other sites
1 hour ago, J-B said:

Why I need the result in the database? For any mailings list, ok but not for a consent.

and they're not allowed to change their mind later on ?

1 hour ago, J-B said:

If the customer don't click to the checkbox, the customers cant register or send us a email. The EU want a explicit consent to the use and processing of personal information and this I want to do with a required checkbox.

from the ICO website...

Quote
  • Consent should be separate from other terms and conditions and should not generally be a precondition of signing up to a service.
  • If you make consent a precondition of a service, it is unlikely to be the most appropriate lawful basis.
  • You must keep clear records to demonstrate consent.
  • The GDPR gives a specific right to withdraw consent. You need to tell people about their right to withdraw, and offer them easy ways to withdraw consent at any time.

need I go on....

Share this post


Link to post
Share on other sites

Hello brian!, 


I think you have to differentiate between a service and a service provider. I am speaking about the personal data and I can not sell my products if I do not have personal information.

If someone dont give me the explicit consent to the use and processing of personal information, why he want to register or send me a email? 
Anonymous orders will be canceled the same as anonymous e-mails, they will be deleted immediately.

Share this post


Link to post
Share on other sites

fwiw, you probably shouldn't have posted a request in the GDPR thread I linked to... not least because it's not in the v7.5 beta community, so no guarantees any in-house developer will even see it... there's an existing feature request where such requests should be made (linked to in the GDPR thread).

I won't go over your specific points of GDPR because I guess your German lawyer has given you different advice from what I received from mine... welcome to EU law. :lol:

Share this post


Link to post
Share on other sites
28 minutes ago, brian! said:

I won't go over your specific points of GDPR because I guess your German lawyer has given you different advice from what I received from mine... welcome to EU law. :lol:

:4_joy: That's why I didnt want to start a discussion.  I think in all the other states in the EU the lawyers will make other suggestions.

I want to make my site safe and that is done with the checkbox but I dont know how to create a required checkbox.

34 minutes ago, brian! said:

fwiw, you probably shouldn't have posted a request in the GDPR thread I linked to... not least because it's not in the v7.5 beta community, so no guarantees any in-house developer will even see it... there's an existing feature request where such requests should be made (linked to in the GDPR thread).

I will try to open a new Thread in the Beta community!

Share this post


Link to post
Share on other sites
6 minutes ago, J-B said:

I want to make my site safe and that is done with the checkbox but I dont know how to create a required checkbox.

use a custom client field, make it a tickbox, tick show on orderform and required... test it.. and then when you're happy that it works (and it will!), then move it as I suggested.  :idea:

6 minutes ago, J-B said:

I think in all the other states in the EU the lawyers will make other suggestions.

which I guess is why WHMCS pointed users towards that feature request because they'll want to know what others around Europe are being told to do... I would imagine GDPR to be a mess until the end of the year... by which time, we'll all have a better idea of what's the "correct" method.

Share this post


Link to post
Share on other sites
22 minutes ago, brian! said:

use a custom client field, make it a tickbox, tick show on orderform and required... test it.. and then when you're happy that it works (and it will!), then move it as I suggested.  :idea:

I have add a custom field as tickbox. But If I try to add this to the six template to contact.tpl with {$service_custom_field_field1} dont work.

Any idea?

Share this post


Link to post
Share on other sites
5 hours ago, J-B said:

I have add a custom field as tickbox. But If I try to add this to the six template to contact.tpl with {$service_custom_field_field1} dont work.

Any idea?

having just rechecked, contact.tpl doesn't use customfields - clientareacontact would, but they'd already be a customer by then, so not relevant to this.

if you're not bothered about storing in the database.. then in contact.tpl, just add the following...

            <div class="form-group">
                <label for="inputMessage" class="col-sm-3 control-label">GDPR Consent</label>
                <div class="col-sm-9">
                    <input type="checkbox" required name="gdprconsent"> I consent blah blah
                </div>
            </div>    

WW1zHt6.png

it's a required field, so they can't submit without ticking it... if they don't, they'll see an error message as above.

if you need to customise the error message, perhaps using it in the client's language (or hardcoding to German)...

            <div class="form-group">
                <label for="inputMessage" class="col-sm-3 control-label">GDPR Consent</label>
                <div class="col-sm-9">
                    <input type="checkbox" required name="gdprconsent" oninvalid="this.setCustomValidity('{$LANG.ordererrords}')" oninput="setCustomValidity('')"> I consent blah blah
                </div>
            </div>  

1cUZbxC.png

off the top of my head, I can see no reason why it wouldn't work in other templates e.g., register or checkout.

I probably should have suggested this in the first place rather than worrying about storing consent.... though there's nothing to prove they have consented (because it won't be added to the email), but that's another matter.

F4vv_Z638_RMi1_OFrhgmk2_Jg.png

  • Thanks 1

Share this post


Link to post
Share on other sites
Quote

 

But by the fact the client has signed up with you and added their details, then this is consent to you holding these details.

In the UK every business that stores personal details on a computer or in manual files MUST register with the Information Commissioner under The Data Protection Act which is currently £35 a year.  So far they have not released any info on GDPR prices or how it will be be worked out.

Share this post


Link to post
Share on other sites
7 hours ago, easyhosting said:

But by the fact the client has signed up with you and added their details, then this is consent to you holding these details.

This is what you think or what your lawyer have tell you? The lawyers in germany say that the consent must be explicit. Explicit can be only with a seperate checkbox.

Share this post


Link to post
Share on other sites
Posted (edited)
4 hours ago, J-B said:

This is what you think or what your lawyer have tell you? The lawyers in germany say that the consent must be explicit. Explicit can be only with a seperate checkbox.

It is The Information Commissioner who state this and they are the ones who write the Law on this.  Everything will most likely change once the GDPR starts.

you should read this https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf as the GDPR is an EU directive which includes Germany and in point 7 - CONSENT it states 

Quote

Consent must be freely given, specific, informed and unambiguous. There must be a positive opt-in – consent cannot be inferred from silence, preticked boxes or inactivity. It must also be separate from other terms and conditions, and you will need to have simple ways for people to withdraw consent. 

so a pre ticked box cannot be used

Edited by easyhosting

Share this post


Link to post
Share on other sites

Are you kidding me?
I never said that I want to use a preticked box. I use a checkbox that the user is free to give (click the box or not, isnt preticked) me the consent.


How do you want to do that? Bether ideas are welcome!

5aa90b70152a4_Bildschirmfotovom2018-03-1412-45-35.png.d45a785d84e8afc32530004685bdb67f.png


I think I have solved it great.

Share this post


Link to post
Share on other sites
On 3/13/2018 at 2:00 PM, J-B said:

If someone dont give me the explicit consent to the use and processing of personal information, why he want to register or send me a email? 

You're being misinformed about what GDPR is and how fines/checking by the regulators will work :( 

You do not need "consent" to reply to someone contacting you. 

You do not need permission to ask for  the details necessary for providing a service.

You do need consent if you are going to use those details _for_anything_else_ (and you must explain what else they will be used for before asking for permission), that consent can be witheld, an it cannot be a condition of supplying the service, and even if granted initially must be able to be revoked by the consent giver at any time in the future

 

Share this post


Link to post
Share on other sites
14 hours ago, othellotech said:

You're being misinformed about what GDPR is and how fines/checking by the regulators will work :( 

You do not need "consent" to reply to someone contacting you. 

You do not need permission to ask for  the details necessary for providing a service.

You do need consent if you are going to use those details _for_anything_else_ (and you must explain what else they will be used for before asking for permission), that consent can be witheld, an it cannot be a condition of supplying the service, and even if granted initially must be able to be revoked by the consent giver at any time in the future

 

Hi @othellotech,

my english is not the best, but my german is perfect 9_9

I take my informationen only from german Sites, now I explain you what is written in german Blogs about the GDPR ....

 

Quote

Formulare

Die meisten Blogs verwenden zumindest ein Kontaktformular, eventuell kommen so wie hier auf datenschmutz auch weitere Formulare (für Gewinnspiele, Artikelfeedback etc.) zum Einsatz. Werden mittels Formularen Daten erhoben und gespeichert (zum Beispiel durch ein Formular-Plugin, das alle Einträge auch in der Datenbank speichert), so muss der Nutzer dazu explizit seine Einwilligung erteilen. Eine entsprechende Checkbox zur Einholung der Zustimmung des Nutzers (darf standardmäßig nicht angehakt sein) ist die sicherste Art der Umsetzung.

Translate this with Google.


There is, if personal data stored in the database the explicit consent is needed. And with me it is that if someone writes me something, this is stored in the database (WHMCS Ticket System)!
I live in Germany, so I'm teasing what is said in Germany, before I receive a warning.


Every country seems to interpret the laws differently. Welcome to the EU :-)

Share this post


Link to post
Share on other sites
5 hours ago, J-B said:

Hi @othellotech,

my english is not the best, but my german is perfect 9_9

I take my informationen only from german Sites, now I explain you what is written in german Blogs about the GDPR ....

 

Translate this with Google.


There is, if personal data stored in the database the explicit consent is needed. And with me it is that if someone writes me something, this is stored in the database (WHMCS Ticket System)!
I live in Germany, so I'm teasing what is said in Germany, before I receive a warning.


Every country seems to interpret the laws differently. Welcome to the EU :-)

you need to ignore what you read in blogs as these could be written by anyone. if you are in Germany then you need to get the correct information from https://www.gesetze-im-internet.de/englisch_bdsg/index.html

Share this post


Link to post
Share on other sites

The Federal Data Protection Act (that is the link that you have post) is not the EU General Data Protection Regulation! :wall1:

Share this post


Link to post
Share on other sites
5 minutes ago, J-B said:

The Federal Data Protection Act (that is the link that you have post) is not the EU General Data Protection Regulation! :wall1:

but they run the Data Protection regulations in Germany and will be the ones enforcing the new GDPR  in Germany, just like here in the UK Data Protection is run by the Information Commissioner's Office who will also be enforcing the new GDPR in the UK

Share this post


Link to post
Share on other sites
On 3/14/2018 at 11:46, J-B said:

I use a checkbox that the user is free to give (click the box or not, isnt preticked) me the consent.

you may want to post the template code you used to create that box... it might save others asking for it in the future if WHMCS don't add something similar themselves. :idea:

Share this post


Link to post
Share on other sites
Posted (edited)
7 minutes ago, brian! said:

you may want to post the template code you used to create that box... it might save others asking for it in the future if WHMCS don't add something similar themselves. :idea:


I used your solution for that. Thanks again!

clientregister.tpl

 {if $accepttos}
            <div class="row">
                <div class="col-md-12">
                    <div class="panel panel-danger tospanel">
                        <div class="panel-heading">
                            <h3 class="panel-title"><span class="fa fa-exclamation-triangle tosicon"></span> &nbsp; {$LANG.ordertos}</h3>
                        </div>
                        <div class="panel-body">
                            <div class="col-md-12">
                                <label class="checkbox">
                                    <input type="checkbox" name="accepttos" class="accepttos">
                                    {$LANG.ordertosagreement} <a href="{$tosurl}" target="_blank">{$LANG.ordertos}</a>
                                    <br />
                                    <input type="checkbox" required name="gdprconsent" oninvalid="this.setCustomValidity('{$LANG.registerds}')" oninput="setCustomValidity('')"> 
				  {$LANG.orderdsagreement}
				</label>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
        {/if}

 

Edited by J-B

Share this post


Link to post
Share on other sites
46 minutes ago, J-B said:

I used your solution for that. Thanks again!

I knew the core solution was mine, but it just saves me time if someone sees your screenshot and asks how to do it... I can link to your post now! :idea:

  • Like 1

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

By using this site, you agree to our Terms of Use & Guidelines