Profile email change validation

[Oakley]

In Settings --> User there is a "Require email confirmation" setting that asks for users to validate their email address on sign up. This works fine on sign up.

However, if a member subsequently changes their email address within their profile then they are asked to validate it, even if this setting is disabled.

Is that correct, or is it a bug.

It's a bit annoying because even if an admin changes their email address it still sends the user a validation email when it's not wanted.

Thanks 🙂

 

[Rodolfo]

app/routes/route.settings.php

Try changing this:

$is_email_required = true;

To this:

$is_email_required = CHV\getSetting('require_user_email_confirmation');

Does it fix the issue for you? As you may notice, the error was that $is_email_required was set to true without caring about the actual setting value.

 

[Oakley]

Nope, I thought that would fix it but it didn't unfortunately. 😕

 

[Rodolfo]

app/routes/route.settings.php

Change this:

if(!$is_error && !empty($_POST['email']) && !G\timing_safe_compare($user['email'], $_POST['email'])) {

To this:

if(!$is_error && $is_email_required && !empty($_POST['email']) && !G\timing_safe_compare($user['email'], $_POST['email'])) {

 

[Rodolfo]

Fixed in v3.10.17

 

[Oakley]

Many thanks, new file works a treat 😉