$result->link = "<a href=\"$CFG->wwwroot/$CFG->admin/settings.php?section=sitepolicies\">".get_string('sitepolicies', 'admin').'</a>';
if (empty($CFG->emailchangeconfirmation)) {
- $result->status = REPORT_SECURITY_WARNING;
- $result->info = get_string('check_emailchangeconfirmation_error', 'report_security');
+ if (empty($CFG->allowemailaddresses)) {
+ $result->status = REPORT_SECURITY_WARNING;
+ $result->info = get_string('check_emailchangeconfirmation_error', 'report_security');
+ } else {
+ $result->status = REPORT_SECURITY_INFO;
+ $result->info = get_string('check_emailchangeconfirmation_info', 'report_security');
+ }
} else {
$result->status = REPORT_SECURITY_OK;
$result->info = get_string('check_emailchangeconfirmation_ok', 'report_security');
$string['check_emailchangeconfirmation_details'] = '<p>It is recommended that an email confirmation step is required when users change their email address in their profile. If disabled, spammers may try to exploit the server to send spam.</p>';
$string['check_emailchangeconfirmation_error'] = 'Users may enter any email address.';
+$string['check_emailchangeconfirmation_info'] = 'Users may enter email addresses from allowed domains only.';
$string['check_emailchangeconfirmation_name'] = 'Email change confirmation';
$string['check_emailchangeconfirmation_ok'] = 'Confirmation of change of email address in user profile.';
projects / moodle.git / commitdiff