search

PHPfox-Official / phpfox-v4-issues

phpFox Public Bug Tracker
https://phpfox.com
30 stars 21 forks source link

Sms and banned users. #2970

Closed karlkunc closed 3 years ago

karlkunc commented 3 years ago

Important

Please follow this template!

user stills allowed to get token with sms even if they are banned

...

Steps to reproduce:

  1. Create user with phone number
  2. Verify user with sms token
  3. Ban user
  4. Create user with different email and same phone number.
  5. User is able to verify account with number that is associated with a banned account.

What's expected? Should not be able to use a phone number that is on a banned list. It is easy to have 100's of email addresses but not easy to have multiple phone numbers. This will help stop spammers.

...

Browsers and Devices tested

(Example: Chrome on iPhone X, Safari on Macbook, Miscrosoft Edge on Windown 10, Firefox on Ubuntu 16.04, ...)

...

Server information

(Example: CentOS 7, php 7.1 apache)

...

phpFox version

(Example: phpFox 4.6.0) 4.8.2 ...

Screenshots

...

harrison05 commented 3 years ago

Hi @karlkunc

This is a bug, we will check and fix it.

Thanks for your report.

karlkunc commented 3 years ago

Do you think that might be causing the sms notifications for users to not work as well? I have yet to get any notifications of new friends, comments or anything via SMS. But SMS is active on the user account and has been tested via the registration procedure. The notifications via email works fine when turned on and off.