Skip to:
Content

BuddyPress.org

Opened 15 months ago

Last modified 11 months ago

#7938 new defect (bug)

Using the same activation key results in wrong "Invalid activation key" error

Reported by: r-a-y Owned by:
Milestone: Awaiting Contributions Priority: normal
Severity: normal Version:
Component: Members Keywords: needs-testing
Cc:

Description

Reported here:
https://buddypress.org/support/topic/invalid-activation-key-10/

Original report follows:

So I’ve been plagued by this from users who either try and use their activation email again, or some that double click on the link. They all end up on the classic ‘Invalid activation key’ page.

Looking at the buddypress code I think there is a bug (feature?) that means that once an activation code is used once, it will never be able to be used again. This is despite there being code further on in this process to check this scenario and return an error of ‘The user is already active’. This code NEVER RUNS, because of the way the key is looked up in the database.

once an account is activated (active=1), the key can never be looked up again. Hence the error my users were getting.


Forum thread also has code that attempts to address the issue.

Sounds like a valid report, but needs verification and testing.

Change History (3)

#1 @DJPaul
14 months ago

  • Milestone changed from Awaiting Review to Under Consideration

Assuming these codes are somewhat randomly generated in our end (MD5, I'd guess), it's amusing to me that we find reports with the key conflicting. I'm not sure where we store it, but if a user is activated, I can't see any reason why we need to keep that key around (we could delete it?).

#2 @DJPaul
14 months ago

See also #7914

#3 @DJPaul
11 months ago

  • Milestone changed from Under Consideration to Awaiting Contributions
Note: See TracTickets for help on using tickets.