Sanitized email addresses are too long, preventing you from saving the user edit form

Created on 18 June 2024, 10 months ago

Problem/Motivation

ACSF runs a custom drush command for sanitizing a db after it's been synced from prod to a dev/test environment. It has this code in it:

    // Avoid collisions between the Factory and site users when scrubbing.
    $connection->update('users_field_data')
      ->expression('mail', "CONCAT('user', uid, '@', SHA2(mail, 256), '.example.com')")
      ->expression('init', "CONCAT('user', uid, '@', SHA2(init, 256), '.example.com')")
      ->condition('uid', $preserved_users, 'NOT IN')
      ->execute();

This creates an email address like this:

user6@a1bf0954aaf56aedb9896e5ad3e492fff040fb0acc1a98cf1137c528b799d717.e...

This is not a valid email. Drupal runs email validation on the field when saving the user profile form and it fails with reason Egulias\EmailValidator\Result\Reason\LabelTooLong because "a1bf0954aaf56aedb9896e5ad3e492fff040fb0acc1a98cf1137c528b799d717" is 64 characters but the max length allowed is 63 characters.

Steps to reproduce

Edit any user account that was sanitized after the site sync process. Try saving and observe error "The email address user6@a1bf0954aaf56aedb9896e5ad3e492fff040fb0acc1a98cf1137c528b799d717.e... is not valid. Use the format user@example.com."

Proposed resolution

Shorten the bit length of the SHA2 hash function from 256 to 224 to reduce the length of the hash.

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report

Status

Needs review

Version

2.0

Component

Code

Created by

🇺🇸United States bkosborne New Jersey, USA

Live updates comments and jobs are added and updated live.

Merge Requests

!5Sanitized email addresses are too long, preventing you from saving the user edit form
Open
🇺🇸United States bkosborne
updated 10 months ago

Comments & Activities

Issue created by @bkosborne
Comment 10 months ago →
🇺🇸United States bkosborne New Jersey, USA
Comment 10 months ago →
🇺🇸United States bkosborne New Jersey, USA
I'm very confused. There are two branches, 8.x-2.x and 8.x-2.x-release. The former is using SHA2 and the latter has been set to use MD5 to calculate the hash for 6 years. Is the 8.x-2.x branch abandoned?
Merge request !5Use MD5 instead of 256 SHA2 for generating sanitized email for shorter hash length → (Open) created by bkosborne
Comment 10 months ago →
🇺🇸United States bkosborne New Jersey, USA
bkosborne → changed the visibility of the branch 3455489-sanitized-email-addresses to hidden.
Comment 10 months ago →
🇺🇸United States bkosborne New Jersey, USA
bkosborne → changed the visibility of the branch 8.x-2.x-release to hidden.
Status changed to Needs review 10 months ago4:51pm 18 June 2024
Comment 10 months ago →
🇺🇸United States bkosborne New Jersey, USA

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024