For implementing bugzilla 866, I propose to introduce a new column in the
database table user:
user_emailauthenticationtimestamp
This is empty or zero in case of a "dirty", i.e. non-authenticated email
address, which is only be used for mailing a temporary password - in case a user
forgot the correct password.
The field gets the timestamp of the email authentication, when a user logs in
with the temporary password mailed to him/her from the wiki (through a dummy "I
forgot my password cycle" or a similar mechanism). It already works reasonable
and only a few code changes are needed.
The option (wiki requires authentication of email address) can be disabled by Sysop.
See bugzilla http://bugzilla.wikipedia.org/show_bug.cgi?id=866 (Email
authentication by a dummy "forgot my password" cycle)
This enhancement is implemented in Enotif 2.00 for CVS (see
http://bugzilla.wikipedia.org/show_bug.cgi?id=454 )
Version: 1.5.x
Severity: enhancement