Hi Guys,

I am currently experimenting on my test server the JD Testimonals component.

I have set up the component OK and it is sending reminder emails and the links in the emails work.

The problem is that the user has to log in to the site before they can leave a testimonal even though they have clicked the link from the email.

Is it possible that a customer can leave a testimonal without logging in if they have clicked the link from the email?

The link in the email has got the order ID so that should be enough to indentify the user has come to leave a testimonal rather than view current ones.

Has anyone else tried to implement this?

Any help is much appreciated!

Thanks

Hello,

This is not possible as they might as well go there from the site. This is primarily done for preventing spam testimonials. The spammers will know the direct link to the input form.

The only other way around this I can see is not only to include the order ID but a unique ID for the invitation. This unique ID can't be guessed easily either by spammers.

You may check with akeebabackup.com they have a way of generating a onetime unique passwaord via email that logs you into as admin to update akeeba that is only good for 24 hours. I'm sure it would be somewhat simple to do the same based on their code.