It started with log reports (mail_logger module) which shows that the email confirmation mail is being send, with empty To address. So, I believe that the email_confirmation module must be triggered by some other event.

It's clear that the hook_user is the entry for this module. So then the question is: is it possible that the $op == 'submit' and at the same time $user->mail != $edit['mail'] with any other event on a drupal website?

For the moment, I suspect that the request new password (/user/password) code triggers the hook_user while $op == submit and $user->mail != $edit['mail'].

I'm digging a bit further so I can confirm this. In the meantime, I thought I would post this already.

Comments

toemaz’s picture

toemaz CreditAttribution: toemaz commented
Title: Request new password trigger email confirmation » Editing profile fields triggers email_confirm
Priority: Normal » Critical

I was wrong to assume it was request new password. It is the profile module.

Suppose you have profile fields added, to a specific category, let's say 'Personal information'. When the users is going to edit them on /user/uid/edit/Personal+information, then hitting the submit button will trigger the email_confirm module.

Simply because $user->mail != $edit['mail'], because 'my_email@my_domain.com' != ''.

So, what needs to be done: change line 135

      if ($user->mail != $edit['mail']) && !user_access('administer users')) {

into

      if ($user->mail != $edit['mail'] && !empty($edit['mail']) && !user_access('administer users')) {
toemaz’s picture

toemaz CreditAttribution: toemaz commented
Status: Active » Needs review

Even though it is not a patch, I guess I can change the status.

jaydub’s picture

jaydub CreditAttribution: jaydub commented
Status: Needs review » Fixed

indeed that makes sense. good catch.

Anonymous’s picture

Anonymous (not verified) CreditAttribution: Anonymous commented
Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for two weeks with no activity.