Closed mathetos closed 6 years ago
@mathetos can you please add clear steps to reproduce? Thanks
@DevinWalker @mathetos Is it similar to this issue? https://github.com/WordImpress/Give/issues/1790
@ravinderk No, not similar. That is related to the LINK that is sent in the email when Email Access is enabled.
My issue here is about how a donor's Donation History can be seen simply by donating a small amount with that donor's email address.
I made a screencast since I think that explains it best: http://somup.com/cbjwnkV2Dk
What I think is that here we should not show all the donations but only the last donation that s/he has made, and there should be a button that will send the full donation history to his/her email ID.
Example:
We can also do it like payment companies do,
like sending a random numeric code to their email ID and confirming the email ID with that.
I like the email idea more.
@DevinWalker
I think the second one is better compared to sending all the donations in the email:
https://github.com/WordImpress/Give/issues/2023#issuecomment-333043436
1. If the donor has more than 100 donations, the email will contain a lot of text, which can result in our email being marked as spam and moved to the spam box.
2. It has the reusability advantage: if the donor has already generated that code, he/she can simply enter it and view the donation history, with no need to regenerate it again.
@DevinWalker @raftaar1191 I like your second idea. https://github.com/WordImpress/Give/issues/2023#issuecomment-333043436
In addition to that, we can limit the donor to using this OTP (1-4 times). If the donor does not enter the correct OTP, then he can only see the latest donation for a certain time, after which he can try again.
I chatted with @DevinWalker about this over the weekend. Really like the direction it's going. Just to summarize, I think we're agreed on the following:
This applies only when the donor is NOT logged-in. Logged-in donors should see their full history and not be bothered with this at all.
The Donation History for non-logged-in donors only appears when they have an active session. If they don't have a session at all, then of course the default Email Access or Login screen will appear as it does currently.
For non-logged-in users who have an active donation, they get directed to their Donation Confirmation like always. If they navigate to their Donation History then they'll only see the most recent donation, but with the note below it to have an access code emailed to them to access the full history.
My only concern with allowing more than the most recent donation to show by default is that it circumvents the purpose of this ticket, which is to prevent hackers from donating $1 to see a real donor's actual donation history, regardless of how far back that donation might have been; it's a privacy concern. I believe showing only the most recent is the best option, not allowing additional donations to appear at all without the email access code.
@mathetos @ravinderk @DevinWalker
Does this mockup look good? If yes, then I will start working on this.
Mockup of how this setting is going to look
Setting page:
Donation History Email:
Donation History:
Donation History After the code is being entered:
I think it's overkill to have settings for the length of the code and how many times it can be generated. Decisions not Options. I'd just make those two things be filters.
Then the code should be an email tag.
@DevinWalker Question on Slack: why would they have to enter a 6-digit code? Can we simply send a link with the email access token? -> Yes, but in future if the user remembers their code then s/he can simply enter the code and bypass the email verification process.
Yes @mathetos, I also agree with your point: a filter will be a great option compared to a setting, as too many settings can be confusing to the site's administrator.
Here's how we should proceed with this @raftaar1191
For non-logged-in users who have an active donation, they get directed to their Donation Confirmation like always. If they navigate to their Donation History page containing the [donation_history] shortcode then they'll only see the most recent donation, but with the note below it to have an access code emailed to them to access the full history.
Once the button is clicked a frontend Give notice smoothly appears above the table that instructs the donor to check their email and click on the link.
Please check your email and click on the link within to access your complete donation history.
When the donor goes to their inbox they can then easily click on the link which will open in a new tab the same page with the complete donation history available.
Subject: Please confirm your email for examplewebsite.com
Heading: Confirm Email
Content: Dear Name,
Please click the link below to access your donation history on examplewebsite.com. If you did not request this email please contact admin@email.com.
Click here to view donation history »
When the donor returns to the site the email access token is set for the given time period under Settings and then they can view the full list of donations:
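The access rule this plan describes, written out as an added illustration in Python rather than the plugin's PHP: this is not Give's code, the in-memory dictionary stands in for whatever storage the plugin uses, and TOKEN_TTL and MAX_ATTEMPTS are assumptions for the "time period under Settings" and the 1-4 tries suggested earlier in the thread. The sample donations are constructed.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL = 60 * 60   # assumption: stands in for the "time period under Settings"
MAX_ATTEMPTS = 4      # assumption: the 1-4 tries suggested earlier in the thread

# Constructed sample: an old large gift and a new $1 gift on the same email.
SAMPLE_DONATIONS = [{"id": 1, "date": "2017-01-05", "amount": 500},
                    {"id": 2, "date": "2017-09-20", "amount": 1}]


class DonationHistoryAccess:
    """Issues and verifies email access tokens; only a hash is stored server-side."""

    def __init__(self):
        self._pending = {}  # email -> {"hash": str, "expires": float, "tries": int}

    def issue_token(self, email, now=None):
        """Return the secret that goes into the emailed link; store only its hash."""
        token = secrets.token_urlsafe(32)
        self._pending[email] = {
            "hash": hashlib.sha256(token.encode()).hexdigest(),
            "expires": (time.time() if now is None else now) + TOKEN_TTL,
            "tries": 0,
        }
        return token

    def redeem(self, email, token, now=None):
        """True when the right token arrives before expiry and within the attempt limit."""
        rec = self._pending.get(email)
        if rec is None or (time.time() if now is None else now) > rec["expires"]:
            self._pending.pop(email, None)  # expired tokens are dropped
            return False
        rec["tries"] += 1
        if rec["tries"] > MAX_ATTEMPTS:
            del self._pending[email]        # too many wrong links: start over
            return False
        given = hashlib.sha256(token.encode()).hexdigest()
        if not hmac.compare_digest(rec["hash"], given):
            return False
        del self._pending[email]            # success consumes the token (one use)
        return True


def visible_donations(donations, logged_in, email_verified):
    """Logged-in or email-verified donors see all; a bare session sees only the latest."""
    ordered = sorted(donations, key=lambda d: d["date"], reverse=True)
    return ordered if (logged_in or email_verified) else ordered[:1]
```

With this rule the $1 donation from the thread's scenario yields only that $1 row; the older gift appears only after the emailed token is redeemed.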
@mehul0810 @ravinderk @DevinWalker
Please add this branch to your local branch before anyone starts working on this
https://github.com/raftaar1191/Give/tree/issues-2023
See the video for the feature: http://youtu.be/WSiVhHdT7nc?hd=1 It was made in branch https://github.com/raftaar1191/Give/tree/issues-2023
Issue Overview
Currently, if a donation form doesn't require registration or login, we save a session to identify the donor based on the email address they used to donate. This also gives the non-logged-in donor the ability to see the entire donation history after donating.
Imagine it this way: maybe there's a wealthy donor that has given a lot over the course of a year. If someone wanted to know how much they donated and knew that donor's email address, they could just donate a small amount with that email address and view the entire donation history. It doesn't really matter that the email address wasn't their own because all they want is to see the donation history.
Expected Behavior
The donation history page should have some sort of verification besides a session to prevent unauthorized access to that page.
Current Behavior
Currently it just takes a small donation to access that page.
Possible Solution
Enforce email access for all non-logged-in donors regardless of which email they donated with.