• Welcome to the Chevereto User Community!

    Here, users from all over the world come together to learn, share, and collaborate on everything related to Chevereto. It's a place to exchange ideas, ask questions, and help improve the software.

    Please keep in mind:

    • This community is user-driven. Always be polite and respectful to others.
    • Support development by purchasing a Chevereto license, which also gives you priority support.
    • Go further by joining the Community Subscription for even faster response times and to help sustain this space
  • Chevereto Support CLST

    Support response

    Support checklist

    • Got a Something went wrong message? Read this guide and provide the actual error. Do not skip this.
    • Confirm that the server meets the System Requirements
    • Check for any available Hotfix - your issue could be already reported/fixed
    • Read documentation - It will be required to Debug and understand Errors for a faster support response

Profile email change validation

Status
Not open for further replies.

Oakley

💖 Chevereto Fan
In Settings --> User there is a "Require email confirmation" setting that asks for users to validate their email address on sign up. This works fine on sign up.

However, if a member subsequently changes their email address within their profile then they are asked to validate it, even if this setting is disabled.

Is that correct, or is it a bug.

It's a bit annoying because even if an admin changes their email address it still sends the user a validation email when it's not wanted.

Thanks 🙂
 
app/routes/route.settings.php

Try changing this:
PHP:
$is_email_required = true;

To this:
PHP:
$is_email_required = CHV\getSetting('require_user_email_confirmation');

Does it fix the issue for you? As you may notice, the error was that $is_email_required was set to true without caring about the actual setting value.
 
app/routes/route.settings.php

Change this:
PHP:
if(!$is_error && !empty($_POST['email']) && !G\timing_safe_compare($user['email'], $_POST['email'])) {

To this:
PHP:
if(!$is_error && $is_email_required && !empty($_POST['email']) && !G\timing_safe_compare($user['email'], $_POST['email'])) {
 
Status
Not open for further replies.
Back
Top