Today I faced the following problem:
The only two things Joomla checked was whether the e-mail was written correctly and whether it was in use by a different user.
Why isn't Joomla sanding the same activation e-mail to the new e-mail in order to change it in an user's profile? Is there something I should know?
This looks as if that very important functionality was missing in the profile editing component.
How do I make it working without editing core files?
EDIT:
I created a plugin which handles it: http://extensions.joomla.org/extensions/access-a-security/site-security/site-protection/18139
EDIT2:
The plugin is available on GitHub at https://github.com/WooDzu/plg_emailactivation
Well if you want a way to sort this out then try this:
Write your own authentication plugin that uses the onBeforeStoreUser event. Here you check the user email validates correctly whenever they change their email address.
Should you want to you can deactivate the user's account, and then send them a new activation email with link. Have a look the com_users code to see how the registration is dealt with in terms of new users registering and the sending of the activation email. You can pretty much copy the code from there.
Example code for you plugin:
onBeforeStoreUser($user, $isnew) {
if (!$isnew) {
// grab code from com_users to generate activation email
// part of the code makes an activation sequence
// sql to inject this seq into the users account
$db = JFactory::getDBO();
$db->setQuery('
UPDATE #__users
SET activation = '.$db->quote($activation_code)).'
WHERE id='.$user->id.'
);
$db->query();
// send activation email
}
}