Skip to Content Skip to Menu

🌲 Merry Christmas! Great savings on Professional and Developer Memberships! Get 25% off now with code XMAS-2024!

[#5284] Case Sensitive Emails on Password Reset

9 years 7 months ago - 9 years 7 months ago #264411 by bengallienne
I have noticed that when trying to reset my password using the standard lost password form, the email address is case sensitive to the one stored in the database.

This is not the case for a username reminder and that works as it should, only when just password is ticked and it's asking for username and email is this a problem.

After some digging around in the core files I believe I've found the problem.

The script below is in the site comprofiler.php in the sendNewPass function.

if ( $usernameExists ) {
$foundUser = $user->loadByUsername( $checkusername );
if ( $foundUser && ( $user->email != $confirmEmail ) ) {
$foundUser = false;
}
} else {
$foundUser = $user->loadByEmail( $confirmEmail );
}

When both email and username are entered, it goes into the top if statement and then checks that the $confirmEmail is equal to $user->email. This is case sensitive and if the email you entered does not match the one in the database exactly, it returns false.

This can be fixed by converting both $confirmEmail and $user->email to uppercase/lowercase before being compared, however I don't want to edit the core files as it will be reset with updating.

Please add this fix to a upcoming release,
Thanks.
Last edit: 9 years 7 months ago by krileon.

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48622
  • Thanks: 8303
  • Karma: 1446
9 years 7 months ago #264430 by krileon
Replied by krileon on topic Case Sensitive Emails on Password Reset
Fixed for next release. Just needs a strtolower for both.

forge.joomlapolis.com/issues/5284


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
The following user(s) said Thank You: nant

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum