Ray J. Greenwell 4e5882cb4b Uhhh... WHY do we want to re-use the validation record? Don't.
The validation record doesn't have an email address in it.
When we change the user's email address we create a validation record.

So, with the re-use, the following would work:
1) Set your email address to real.address@site.com, a validation email
   is sent.
2) Don't click it! Instead, go back and change your email address to
   fake.address@fakeyfake.com, another validation email is sent (but
   bounces).
3) Click on the link in the first email. Ta-dah! You've "validated"
   fake.address@fakeyfake.com!!

So: generate a new validation code every time we're asked to create
one for the user.

Right? Right?
2011-11-03 18:45:53 -07:00
2011-10-05 09:42:44 -07:00
S
Description
User library for games
220 KiB
Languages
Java 100%