Hi,
How can I prevent users from changing their email address on my account?
Thanks in advance
Disable email change for customers
- 105
- 1036
- 5/25/2013
- United Kingdom
After the customer has registered, they can login and change their email in the /customer/info part of website.
This email field that is displayed is part of Nop.Web\Views\Customer\Info.cshtml view and is validated and saved in Nop.Web\Controllers\CustomerController.cs in the Info(CustomerInfoModel) HttpPost action.
If you wanted to prevent users from changing their email addresses on their own account then you would have to override this view and remove the email address. You would also need to change the view model to remove the email address and would also need to customize the controller code to prevent it from validating that email address (preferably all through the use of a plugin).
This all being said, I would ask why is it that you would like to remove this functionality? After a user has registered, if they would like to change their email address to a more relevant address, why would you want to stop them from doing this?
Hope this helps.
This email field that is displayed is part of Nop.Web\Views\Customer\Info.cshtml view and is validated and saved in Nop.Web\Controllers\CustomerController.cs in the Info(CustomerInfoModel) HttpPost action.
If you wanted to prevent users from changing their email addresses on their own account then you would have to override this view and remove the email address. You would also need to change the view model to remove the email address and would also need to customize the controller code to prevent it from validating that email address (preferably all through the use of a plugin).
This all being said, I would ask why is it that you would like to remove this functionality? After a user has registered, if they would like to change their email address to a more relevant address, why would you want to stop them from doing this?
Hope this helps.
- 105
- 1036
- 5/25/2013
- United Kingdom
nop-world.com wrote:
Oooh... Didn't think of that. Good answer. I was in the mindset of removing it completely but just making it read-only will satisfy the validation.
I'm still a little concerned though as to why you would disable this but I'm sure you may have your reasons.
Hi.
The easiest way to do it is replacing the @Html.EditorFor(model => model.Email) field on Customer/Info.cshtml file to a hidden field, and use a label to display customer's e-mail.
The easiest way to do it is replacing the @Html.EditorFor(model => model.Email) field on Customer/Info.cshtml file to a hidden field, and use a label to display customer's e-mail.
Oooh... Didn't think of that. Good answer. I was in the mindset of removing it completely but just making it read-only will satisfy the validation.
I'm still a little concerned though as to why you would disable this but I'm sure you may have your reasons.
MVP
Certified Developer
- 668
- 6076
- 3/30/2018
- Bangladesh
nop-world.com wrote:
Hi,
In this case, users can still change their email if someone have basic knowledge in web page inspect. Here you also have to remove below mentioned code from CustomerController->Info [HttpPost].
Hi.
The easiest way to do it is replacing the @Html.EditorFor(model => model.Email) field on Customer/Info.cshtml file to a hidden field, and use a label to display customer's e-mail.
The easiest way to do it is replacing the @Html.EditorFor(model => model.Email) field on Customer/Info.cshtml file to a hidden field, and use a label to display customer's e-mail.
Hi,
In this case, users can still change their email if someone have basic knowledge in web page inspect. Here you also have to remove below mentioned code from CustomerController->Info [HttpPost].
if (!customer.Email.Equals(model.Email.Trim(), StringComparison.InvariantCultureIgnoreCase))
{
//change email
_customerRegistrationService.SetEmail(customer, model.Email.Trim());
//re-authenticate (if usernames are disabled)
if (!_customerSettings.UsernamesEnabled)
{
_authenticationService.SignIn(customer, true);
}
}