Prestashop: Customer e-mail address not validated when beeing changed in the profile / frontend

Thanks for opening this issue! We will help you to keep its state consistent

Hi @dannyqwertz,

I have the same behavior with PS1.7.5.1, PS1.7.6.7 and 1.7.7.x branch.
I think this is an improvement.
Ping @PrestaShop/prestashop-product-team what do you think?

It is reproduced from the FO and the BO.
Related to: https://github.com/PrestaShop/PrestaShop/issues/17809

Thanks!

Hi there, I cannot reproduce this behavior when I test it with Machine Shuffle, did I miss something? 🤔

See screenshots below for more information:

Hi @LouiseBonnard,

Could you please check with this Address mail [email protected].
In your case there is a . before @, this is incorrect.

Thanks!

@khouloudbelguith, I've just tested with the suggested email and it works, you're right. But in the issue's example, the email address is [email protected], not [email protected].

@LouiseBonnard, yes you are right!

The address mail [email protected] not accepted => OK
The address mail [email protected] accepted => NOK, I think this is the issue, @LouiseBonnard what do you think?
Ping @dannyqwertz waiting for your feedback.

Please keep in mind that there is NO REAL way to validate an email. Almost anything with an @ is valid.
So [email protected] is "valid", as in "possible".
you can read more here for example.

There is an RFC about email format (https://tools.ietf.org/html/rfc8398).

The only "good" way to validate the email, is to send an email with a confirmation token, otherwise, whatever you write, it doesn't mean this email address can be reached.

Nice, thanks a lot for the feedback! If I understand well, there is no good quick solution? We could not add an extra validation parameter to check this field?

If no, a possible solution would be to send the new address an email with a confirmation link each time a user updates the email field: 1/ if the user confirms, the email address is updated in the personal account, 2/ if the user does not confirm, the field is not updated. And the last solution would be to keep things as-is and plan a new way to deal with the email edition for the next major version.

I think the main issue here is not how we validate the email, but that we don't validate it the same way everywhere We must be consistent in our validation rules so that they are always the same
I believe @atomiix has worked on this validation rules recently (regarding the special cyrilic characters in email addresses)

I'm pretty sure we're consistent everywhere now. This issue seems to have been created for PrestaShop 1.7.5.2, and as @LouiseBonnard & @khouloudbelguith saw, the address [email protected] which was accepted in 1.7.5.2 is not accepted anymore in 1.7.6.x.
I'm gonna close this issue, feel free to reopen it if i'm missing something.

Thank you all for your informations and checks!
addendum - as stated in my initial issue:
I again tried to change my mail-address (in demo.prestashop.com, should be 1.7.6.7 as of today) to exactly [email protected] (with the dot before the @) and this change took effect:

I actually didn't know that such a format would be possible but as stated by @jolelievre I cant register with this (or similar) mail-adress so there may still be some consistency-errors when validating these in user-profiles vs. in the registration process.