Changes between Version 2 and Version 3 of EmailChangeNotification
- Timestamp:
- Apr 24, 2018, 10:53:12 AM (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
EmailChangeNotification
v2 v3 16 16 If they submit their new email address and password correctly, then a token will be created and sent to the users previous email address with a notice that "Your email address has been changed. If you did not take this action, then please click on the link below reverse this process and change your password." The link will be valid for 7 days. 17 17 18 The system will also set the user.email_addr field to the new email address, rehash the password and put the old email address into the user.previous_email_addr and set the user.email_addr_change_time to unix_timestamp().18 The system will also set the user.email_addr field to the new email address, rehash the password and put the old email address into the user.previous_email_addr and set the user.email_addr_change_time to php time()time(). 19 19 20 20 When the user clicks on the link then they be sent to a page that verifies the token. If the token is invalid, then the user will be informed that they need to provide a new password and that after submission their password will be updated and the email address will be reverted to the previous email address. If the token is valid (it will be submitted as a hidden field), then user.email_address will be assigned the value from user.previous_email_address and user.email_addr_change_time will be set to 0.
