Uploaded image for project: 'phpBB'
  1. phpBB
  2. PHPBB-16167

phpbb_email_hash creates false duplicates

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • 3.3.0-b2
    • 3.2.8
    • None

      Several different new members are unable to register because they get the error message, "You already have an account with that email." However, they do not already have an account. Rather, a completely different person has an account with a completely different email address that happens to result in the same BIGINT hash from the phpbb_email_hash function.

      Either the function has to be fixed to create unique numbers for all valid email addresses, or the phpbb software needs to be reconfigured so that it does not rely on the hash with absolute confidence.

      A simple fix could be to have the software do a more intensive and complete search for an email match when there is a duplicate. The software should never assume with certainty that the hash match is reliable and means there is a real match.

            Marc Marc
            thescott thescott [X] (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: