Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-13811

Add a confirmation step when a user changes their own email address in their profile.

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Major Major
    • 1.8.6, 1.9.2
    • 1.9
    • Authentication
    • None
    • MOODLE_19_STABLE
    • MOODLE_18_STABLE, MOODLE_19_STABLE

      Currently there is no process and any new email address is accepted.

      I think we could do it like this instead:

      • User edits profile and submits form
      • If email is different then:
      • Do NOT update the real profile email yet.
      • Save that new email in a user preference together with a random key.
      • Send an email to the NEW address with instructions and a link containing the secret key.
        eg http://moodle.org/user/emailchange.php?id=y73nj3bh3b3m7678bbhbhbhbh3bh34
      • User finds the email, clicks the link, and a script:
      • verifies the secret key,
      • changes the profile email to the new one and
      • deletes the user preference

        1. MDL-13811_002.patch
          8 kB
        2. MDL-13811_003.patch
          9 kB
        3. MDL-13811_004.patch
          8 kB
        4. MDL-13811_005.patch
          9 kB
        5. MDL-13811.patch
          8 kB
        6. MDL-13811.png
          MDL-13811.png
          102 kB
        7. MDL-13811b.png
          MDL-13811b.png
          88 kB

            nicolasconnault Nicolas Connault (Inactive)
            dougiamas Martin Dougiamas
            Jérôme Mouneyrac Jérôme Mouneyrac
            Votes:
            3 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.