zihan9485 / pe

Able to log in with password reset after change in password (multiple log in infos) #5

Open zihan9485 opened 3 years ago

zihan9485 commented 3 years ago

This bug follows from being able to create multiple log in infos with the same email without tampering with the data file. (See the "Able to log into account with multiple passwords" bug report.)

After changing both instances to have the same password (Password2@) and resetting to Password1!, the Password2@ account still persists. Major security issues.

nus-pe-bot commented 3 years ago

Team's Response

This bug is caused by the same defect in the same part of the code, where the log in info is updated with the new user info even though the user tries to register for an invalid email/password. Fixing this error would fix all of these bugs.

The 'Original' Bug

[The team marked this bug as a duplicate of the following bug]

Able to log in to account that was not created

Able to log in to account that was not created (bob@gmail.com). This happens after trying to create an existing account (abcd@gmail.com).


[original: nus-cs2113-AY2021S2/pe-interim#1340] [original labels: severity.High type.FunctionalityBug]

Their Response to the 'Original' Bug

[This is the team's response to the above 'original' bug]

No details provided by team.

Items for the Tester to Verify

:question: Issue duplicate status

Team chose to mark this issue as a duplicate of another issue (as explained in the Team's response above)

Reason for disagreement: These two bugs are functionally different. One is about an account that was not created; the other is about duplicate accounts. Even if they come from the same place in the code, they still have different consequences for the user. The only possibility for this to be a duplicate is linking it to "Able to log into the account with multiple passwords".