Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The string comparison in email_confirm_user_presave is case sensitive, so if someone changes their email from Greg@example.com to greg@example.com then email confirm will send an email when it really shouldn't.
The code should probably do a drupal_strtolower() on each string prior to the comparison.
Comment | File | Size | Author |
---|---|---|---|
#7 | 2811837-7-confirm-insensitive-with-tests-d7.patch | 2.55 KB | greggles |
| |||
#5 | 2811837-confirm-insensitive-with-tests-d7.patch | 2.55 KB | greggles |
#3 | 2811837-confirm-insensitive-with-tests-d7.patch | 0 bytes | greggles |
#2 | 2811837-email-confirm-insensitive-d7.patch | 1.05 KB | coltrane |
Comments
Comment #2
coltraneHere's a patch
Comment #3
gregglesUpdated patch with tests.
Comment #5
gregglesLet's try that again.
Comment #7
gregglespatch -p1 could handle that last patch, but not git apply, so...here's a new one that works for me locally using "git apply".
Comment #9
gregglesOK, committed and pushed. Thanks, coltrane!