0

Edited to note that the issue was with a conflict between how Expresso Store stores the passwords and the "require secure passwords" option in the EE Admin/Security CP. Turning of requirement of secure passwords fixes the issue, but not the conflict.

Original Post: I have an ExpressionEngine store that is using Expresso Store for it's e-commerce functionality.

So far, everything seems to be working, except member registration on checkout.

Everything seems to go ok on checkout2 (where you fill in shipping, billing and registration info), but even if you follow all the password rules (at least one capital, one lower case, one number), when you go to do the final check out, you get an error that says: "The form you submitted contained the following errors: Password must contain at least one uppercase character, one lowercase character and one number," even if the password chosen meets all those criteria.

What I've tried: -I have made sure member registration enabled in the EE CP, so that's not the issue.

-I have the register_member="yes" in my expression for the checkout form.

-I have the password, password_confirm, username and screen name fields present, exactly as they are in the example in the documentation.

-I thought it was weird that the error is on the final checkout page, not after the page where the password is created. So, I tried putting the registration form on the final checkout page (payment info entry), and that resulted in that page just refreshing upon submission, with no errors, but no progress, either.

-I tried looking at the order fields section of the module, and mapping fields to EE member fields, but since I don't have any custom fields, and am only using the EE defaults (email, password, password_confirm, username, screen_name) for the registration form, that won't work, as if there are no custom member fields, there is no way to map them to the default member fields.

-I've made sure I am not including both register_member="yes" and the {field:register_member}. I am only using register_member="yes" and then the password, confirm password, username and screen_name fields, as shown in the example in the documentation.

Any thoughts as to why this is hanging up? Am I even including this on the correct page by putting it on checkout2 (I figured it should be on the same page as the email field). One thought I have is since ExpressionEngine is requiring the password criteria (at least one uppercase, one lowercase, one numeric), is it possible that the Store form is rending these as non-case sensitive, therefore, getting rid of the capital letter? I don't want to allow insecure passwords - when members are tied into the payment system.

Brooke Martin Chao
  • 11
  • 2
  • Does Expresso Store come with any premade templates that you can use? I'd try that and if that works, just see where they are including the form and replicate it. – APAD1 May 20 '14 at 16:29
  • That's what I used. I seem to have isolated it to the "require secure passwords" setting in EE. If I disable that, the member gets registered with no issue. If I require secure passwords, it fails. I am suspecting at this point that something about Store renders the passwords all lowercase (no matter how it's typed), which is what causes the conflict with secure passwords. Any thoughts? – Brooke Martin Chao May 20 '14 at 16:57
  • Unfortunately without having access to the Expresso Store files there's not much I can suggest, I personally use Brilliant Retail for my e-commerce ExpressionEngine sites. Hope you get it figured out! – APAD1 May 20 '14 at 17:13
  • What version of EE & Store are you using? – Justin Long May 20 '14 at 18:12
  • Justin - Current versions of both. 2.8.1 for EE, and 2.3.1 for Store. Also, I am getting deprecation notices in one of the Store files (src/Store/Action/CheckoutAction in lines 150 and 24) because delete_xid() has been deprecated since EE 2.8.0. – Brooke Martin Chao May 20 '14 at 20:38
  • APAD - thank you for your input, but at this stage in the game switching cart options is not on the table. It's working except for not allowing requirement of secure passwords. That's hardly a deal breaker. – Brooke Martin Chao May 20 '14 at 20:39
  • Following up your email - will post back here when we get to the bottom of this issue. – Adrian Macneil May 27 '14 at 02:28

0 Answers0