Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-10005

users can register without custom profile field correctly entered

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 3.0.8
    • Fix Version/s: 3.0.9-RC1
    • Component/s: None
    • Labels:
      None
    • Environment:
      MySQL 5.1.52
      PHP 5.2.15

      Description

      A mandatory custom profile field has been defined (custom_profile_field1.png), with a default value that is equal to the non entered value (custom_profile_field2.png). Users should therefore not be able to register without selecting a non-default value for this. This is indeed the case when registering through the phpBB registration screen. However, users (spammers) are able to register with the default value set - i.e. spammers are somehow submitting their own form to register, and it is bypassing the custom profile field validation.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                naderman Nils Adermann
                Reporter:
                mmillmor mmillmor
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: