PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Mon Apr 06, 2020 10:10 am

All times are UTC - 5 hours




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Wed Jun 20, 2012 2:44 am 
Offline
Forum Contributor

Joined: Fri Jul 09, 2004 1:23 am
Posts: 422
I am thinking on how to implement a email change function in light of the worst case scenario and how to revert it if it was malicious.

In light of people choosing the easiest possible password that I let them choose, I have to deal with a hacked account or a collegue using the logged in account to change the email just for fun.

If I change a customers email, I have to deal with the possibility that I am handing over his account to someone else.

My approach is the following:

- I ask for the password again when the Email is changed
- I create 2 Emails one to the old address one to the new. Both inlcude a different hash. The one to the new is obvious as it is used for validation. The one to the old includes 2 Links, one to finalize the change and one to deny the change in case of a malicious change request.

I change the emailadress on validation but I keep the possibility to reverse it if the user e.g. comes back from vacation and notices the problem.

Is this enough precaution or do I need more? I might be totally paranoid about this but I can think of a couple of scenarios where I might think that an automated email change system might be completely a bad idea ...


Top
 Profile  
 
PostPosted: Thu Jun 21, 2012 5:55 am 
Offline
DevNet Master
User avatar

Joined: Sun Feb 15, 2009 12:08 pm
Posts: 2794
Location: .za

_________________
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering


Top
 Profile  
 
PostPosted: Fri Jun 22, 2012 2:22 am 
Offline
Forum Contributor

Joined: Fri Jul 09, 2004 1:23 am
Posts: 422
The validation email to the new account is just to make sure the email is correct, as my application requires a valid email so I can contact the user.

My problem was that I used the email adress as username as well but I changed this so most of the problems I had with changing the mail are gone now ;)


Top
 Profile  
 
PostPosted: Sun Jun 24, 2012 5:41 pm 
Offline
DevNet Master
User avatar

Joined: Thu Mar 15, 2007 6:28 pm
Posts: 2765
Location: Redding, California


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group