Change password page problem!
I have built a set of SecurityAssist pages from wizard and got almost everything working. I have one major problem though!
The change/update password page works in general but it does not prevent inserting a not registered email address in database. For example, a user who is registered can change his password through the change password page process but if he inserts an incorrect email address it too changes in database along with the new password!?? Of course I dont want that to happen. How do I restrict a user from changing his password if the email entered in change password page is not registered for that user in database!?