[ic] Multizip and Multistate do not require
paul at gishnetwork.com
Fri Jan 8 17:46:23 UTC 2010
>> As standard ships, the Common Profile has among other things:
>> I should mention that I do have MV_STATE_REQUIRED and MV_ZIP_REQUIRED
>> properly. With this, I was under the impression a zipcode and state
>> would be
>> If the customer is not from the US or Canada, they can get through the
>> checkout without having a state or zipcode. I noticed this because I
>> getting autocreate failures with sporadic German customers that were
>> including their postal code prefixed on the City, and leaving the
>> code blank.
>> Anyway, to work as expected, one would really need this:
>> I'm submitting this to make sure this was the intended behavior, or is
>> in fact a bug.
>> Just to be clear, as Standard ships, auto-creates can fail.
> Hi Paul,
> A patch was made by Mike to prevent the autocreation from failing, see:
> This has been backported to 5.6.2 stable branch and is part of the current
> 5.6.2 download:
> Only if you'd do an order desk entry you'd still run into the problem
> mentioned from the looks of it as there the password generation is still
> based on just the zipcode.
However I noticed it is no longer using the zip for the password. Was this
also done for some security reason?
I ask because part of our RMA system has an option if they have no account -
they sign in with their order number and zipcode. This looks up their
username (UXXXX) and uses the zip for the password - which if I switch to
randomized password, I'll have to rework this. Most non-account customers
won't know their random password.
If there is a security risk by using zipcode then I'll make the change,
otherwise it can wait.
More information about the interchange-users