AppGini Community Forums

I have encountered an issue where two members used the same email address. It was a common one for both of them. But they both needed their own account.

The problem occurred when one requested to reset their password. They used the email address. The system sent the email out but it presented an issue when the link was clicked it returned an error.

"Invalid username or password. No matching user associated with that email address."

I have resolved this by coding to check to see if the email address is a duplicate, the same way the user name is checked to insure it is not a duplicate. If it is a duplicate email address the person attempting to sign up is advised the email address is already in use. They are told to use another email address. They can then contact the administrator to have it checked etc.

This may be something to put in a future version. Email address duplication checking.

I have also added coding to check the ip address they are making the request from for a password change. Since I record all ip addresses of anyone who signs in it checks this in a table to see if it matches the same geographic region of previous login's by this person making the request. (The program looks up and adds to the table the geographic region they are accessing from.)

If it does not match the same geographic region they are sent a message to state they will be personally contacted by the admin to verify due to inconsistencies in their request. A bit paranoid but it is what the client wanted as he could not see any reason for anyone outside the 'home base area' to be asking for a reset request.

Alan

I've added unique email check during registration/profile update to my checklist for the next release .. thanks for the suggestion!

Ahmed

I cannot find the code to check for duplicate email addresses in 5.31. It also does not appear to do that when a new member signs up. They can have more than one person using the same email address. This does cause some issues. Can you advise why it may not be working now? I was able to create two new members with the same email address.

Re: Search for duplicate email address at sign up time
Post by a.gneady » 20 Jun 2013, 09:03

I've added unique email check during registration/profile update to my checklist for the next release .. thanks for the suggestion!

That check hasn't been implemented yet :/ Sorry for that. It'll be included in the next fix.

For now, you could open the generated membership_signup.php file in a text editor, find this code block: Add the following check below it:

a.gneady wrote: ↑

2015-02-17 04:50

For now, you could open the generated membership_signup.php file in a text editor, find this code block:

Code: Select all

		if(!$email){
			echo error_message($Translation['email invalid']);
			exit;
		}

Add the following check below it:

Code: Select all

		if(sqlValue("select count(1) from membership_users where lcase(email)='$email'")){
			echo error_message('This email is already registered.');
			exit;
		}

Ahmed this method is not working anymore.
Can you implement it properly or show us a dir=fferent way, please?

Hmm ... I can't see why it won't work
There has been no change in the structure of the membership_users table in the new release. But you could try a more explicit check like this: