Opened 8 years ago
Last modified 7 years ago
#38432 new feature request
Validate user creation and email change by token
Reported by: | lriaudel | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | 4.9 |
Component: | Login and Registration | Keywords: | has-patch needs-unit-tests |
Focuses: | ui | Cc: |
Description
When you register on a wordpress site or when you change your email, we can use a fake email (or error entry) and it create ghost profile. I see 36 bad profile in 2 month on a website.
If an email is send with a validate links (token), the profile or the email change can be executed.
It secure correct data.
Thanks
Attachments (2)
Change History (5)
#1
@
8 years ago
- Component changed from Users to Login and Registration
- Keywords needs-patch 2nd-opinion added
- Type changed from enhancement to feature request
- Version 4.6.1 deleted
Note: See
TracTickets for help on using
tickets.
Hello Team
I have added the patch considering that it's better to give user the role when he/she has submitted the registration form. In the email, there is a link to reset password, when anyone clicks on it he/she will be assigned default role as per settings of WordPress.
Let me know your suggestions for the same.
Thanks