CMS MADE SIMPLE FORGE

Self Registration

Back to List

[#3928] Empty email could be entered in registration form

Created By: Piotras Cimmperman (vilkis)

Date Submitted: Sun Aug 23 05:27:58 -0400 2009

Assigned To: Robert Campbell (calguy1000)

Version: 1.2.5

CMSMS Version: None

Severity: Critical

Resolution: Fixed

State: Closed

Summary:

Empty email could be entered in registration form

Detailed Description:

Selfregistration 1.2.5 and FrontEndUsers 1.6.9

There is no validation of email (and probably other required fields, except
username and password)

To fix this:
In file action.reguser.php replace lines:
$propdefnsbyname = array();
{
  $tmp = $feusers->GetPropertyDefns();
  for( $i = 0; $i < count($tmp); $i++ )
    {
      $propdefnsbyname[$tmp[$i]['name']] = $tmp[$i];
    }
}

with this
$propdefnsbyname = $feusers->GetPropertyDefns();

vilkis

History

Date: 2009-09-06 13:13
Posted By: Robert Campbell (calguy1000)

fixed in svn.

Date: 2009-11-18 17:50
Posted By: Ben Malen (drone)

Required text fields are still not checked to see if they contain a value.
Currently, only email, multiselect, and date fields are checked.

Fix:

Look for the switch conditional under the comment:
// Check to ensure all required fields have some content
// and validate email fields

Add this code inside the switch conditional:

case 0: /* text */
if ($required) {
if (!isset($params['input_' . $propname]) || trim($params['input_' .
$propname]) == '') {
		$defn = $feusers->GetPropertyDefn($propname);
		$params['error'] = 1;
		$params['message'] = $this->Lang('error_requiredfield', $defn['prompt']);
		return $this->myRedirect($id, 'default', $returnid, $params);
	}
}
break;

Updated: 2011-12-23 10:33
cmsms_version_id: => -1
state: Open => Closed

Updated: 2009-09-06 13:14
resolution_id: 5 => 7

Updated: 2009-09-06 13:13
resolution_id: => 5

CMSMS | CMS Made Simple

CMS MADE SIMPLE FORGE

Self Registration

[#3928] Empty email could be entered in registration form

History