API call filtering contacts by email1 returns contacts with deleted mail addresses #4779

New issue

Open

opened 2026-02-20 16:23:48 -05:00 by deekerman · 5 comments

deekerman commented 2026-02-20 16:23:48 -05:00

Owner

Copy link

Originally created by @DaRealWorm on GitHub (Jun 2, 2022).

Issue

When making an API call to the V8 Json API for contacts filtering by email1 field eg [...]/V8/module/Contacts?filter[email1][eq]=test@example.com contacts are returned that do no currently have this address but had it in the past and is now deleted.
The resulting query is SELECT contacts.id FROM email_addresses JOIN email_addr_bean_rel ON email_addresses.id = email_addr_bean_rel.email_address_id JOIN contacts ON contacts.id = email_addr_bean_rel.bean_id where ((email_addresses.email_address = 'test@example.com') AND contacts.deleted = '0') AND contacts .deleted=0 LIMIT 0,20.
This will return all contacts that currently have or ever had a relationship to this e-mail address. Only deleted contacts are excluded but no deleted email_addr_bean_rels.

Expected Behavior

Only contacts currently having an active (deleted = 0) relationship to the e-mail address should be returned.

Actual Behavior

Contacts whose relationship to this address has been deleted will still be found and returned.

Possible Fix

Including and email_addr_bean_rel.deleted = 0 in the query.
Can be included in Api/V8/Service/ModuleService.php where the Email where clause is being constructed.

Steps to Reproduce

1. enter e-mail address (eg. test@example.com) in contact
2. remove address from contact
3. query Json API [...]/V8/module/Contacts?filter[email1][eq]=test@example.com
4. contact will be returned although it does not contain the address

Context

I was trying to find a contact by e-mail address and got one that obviously did not contain the searched address. After checking the query I found that the contact previously had the address but was removed later.

Your Environment

• SuiteCRM 7.12.5
• PHP 7.3.29
• MySQL 5.7.36
• Red Hat Enterprise Linux Server release 7.9
• Postman v9.20.3

Originally created by @DaRealWorm on GitHub (Jun 2, 2022). <!--- Provide a general summary of the issue in the **Title** above --> <!--- Before you open an issue, please check if a similar issue already exists or has been closed before. ---> <!--- If you have discovered a security risk please report it by emailing security@suitecrm.com. This will be delivered to the product team who handle security issues. Please don't disclose security bugs publicly until they have been handled by the security team. ---> <!--- Please be aware that as of the 31st January 2022 we no longer support 7.10.x. New issues referring to 7.10.x will only be valid if applicable to 7.12.x and above. If your issue is still applicable in 7.12.x, please create the issue following the template below --> #### Issue <!--- Provide a more detailed introduction to the issue itself, and why you consider it to be a bug --> <!--- Ensure that all code ``` is surrounded ``` by triple back quotes. This can also be done over multiple lines --> When making an API call to the V8 Json API for contacts filtering by `email1` field eg `[...]/V8/module/Contacts?filter[email1][eq]=test@example.com` contacts are returned that do no currently have this address but had it in the past and is now deleted. The resulting query is `SELECT contacts.id FROM email_addresses JOIN email_addr_bean_rel ON email_addresses.id = email_addr_bean_rel.email_address_id JOIN contacts ON contacts.id = email_addr_bean_rel.bean_id where ((email_addresses.email_address = 'test@example.com') AND contacts.deleted = '0') AND contacts .deleted=0 LIMIT 0,20`. This will return all contacts that currently have or ever had a relationship to this e-mail address. Only deleted contacts are excluded but no deleted `email_addr_bean_rel`s. #### Expected Behavior <!--- Tell us what should happen --> Only contacts currently having an active (`deleted = 0`) relationship to the e-mail address should be returned. #### Actual Behavior <!--- Tell us what happens instead --> <!--- Also please check relevant logs (suitecrm.log, php error.log etc.) --> Contacts whose relationship to this address has been deleted will still be found and returned. #### Possible Fix <!--- Not obligatory, but suggest a fix or reason for the bug --> Including `and email_addr_bean_rel.deleted = 0` in the query. Can be included in `Api/V8/Service/ModuleService.php` where the _Email where clause_ is being constructed. #### Steps to Reproduce <!--- Provide a link to a live example, or an unambiguous set of steps to --> <!--- reproduce this bug include code to reproduce, if relevant --> 1. enter e-mail address (eg. _test@example.com_) in contact 2. remove address from contact 3. query Json API `[...]/V8/module/Contacts?filter[email1][eq]=test@example.com` 4. contact will be returned although it does not contain the address #### Context <!--- How has this bug affected you? What were you trying to accomplish? --> <!--- If you feel this should be a low/medium/high priority then please state so --> I was trying to find a contact by e-mail address and got one that obviously did not contain the searched address. After checking the query I found that the contact previously had the address but was removed later. #### Your Environment <!--- Include as many relevant details about the environment you experienced the bug in * SuiteCRM Version used: * Browser name and version (e.g. Chrome Version 51.0.2704.63 (64-bit)): * Environment name and version (e.g. MySQL, PHP 7): * Operating System and version (e.g Ubuntu 16.04): --> - SuiteCRM 7.12.5 - PHP 7.3.29 - MySQL 5.7.36 - Red Hat Enterprise Linux Server release 7.9 - Postman v9.20.3

deekerman added the

Type: Bug

Status:Fix Proposed

Area: API

labels 2026-02-20 16:23:48 -05:00

deekerman commented 2026-02-20 16:23:50 -05:00

Author

Owner

Copy link

@samus-aran commented on GitHub (Jul 6, 2022):

Seems fairly logical the fix. I dunno if this has any play in the relationship between this bug and theirs https://github.com/salesagility/SuiteCRM/issues/9147

@samus-aran commented on GitHub (Jul 6, 2022): Seems fairly logical the fix. I dunno if this has any play in the relationship between this bug and theirs https://github.com/salesagility/SuiteCRM/issues/9147

deekerman commented 2026-02-20 16:23:50 -05:00

Author

Owner

Copy link

@krzaychoos commented on GitHub (Jul 1, 2024):

Unfortunately, their bug #9147 does not resolve Contacts issue. Contacts with deleted email addresses are still found via API V8 queries. Has anyone found a solution to this problem?

@krzaychoos commented on GitHub (Jul 1, 2024): Unfortunately, their bug #9147 does not resolve Contacts issue. Contacts with deleted email addresses are still found via API V8 queries. Has anyone found a solution to this problem?

deekerman commented 2026-02-20 16:23:51 -05:00

Author

Owner

Copy link

@SuiteBot commented on GitHub (Jul 2, 2024):

This issue has been mentioned on SuiteCRM. There might be relevant details there:

https://community.suitecrm.com/t/api-returning-duplicate-records-on-email1-filter/88399/8

@SuiteBot commented on GitHub (Jul 2, 2024): This issue has been mentioned on **SuiteCRM**. There might be relevant details there: https://community.suitecrm.com/t/api-returning-duplicate-records-on-email1-filter/88399/8

deekerman commented 2026-02-20 16:23:51 -05:00

Author

Owner

Copy link

@krzaychoos commented on GitHub (Jul 2, 2024):

Exactly! THX!

@krzaychoos commented on GitHub (Jul 2, 2024): Exactly! THX!

deekerman commented 2026-02-20 16:23:51 -05:00

Author

Owner

Copy link

@chris001 commented on GitHub (Jul 4, 2024):

Would someone like to make a PR to fix this issue, from the fixed SQL provided in this reply to the forum post?:
https://community.suitecrm.com/t/api-returning-duplicate-records-on-email1-filter/88399/4

@chris001 commented on GitHub (Jul 4, 2024): Would someone like to make a PR to fix this issue, from the fixed SQL provided in this reply to the forum post?: https://community.suitecrm.com/t/api-returning-duplicate-records-on-email1-filter/88399/4

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

hotfix

develop

master

feature/php-8.4-compatibility

hotfix-7.14.x

next

feature/campaigns_revert

v7.15.0

v7.14.8

v7.14.7

v7.14.6

v7.14.5

v7.14.4

v7.14.3

v7.12.14

v7.14.2

v7.14.1

v7.12.13

v7.14.0

v7.14.0-beta

v7.13.4

v7.12.12

v7.12.11

v7.13.3

v7.12.10

v7.13.2

v7.12.9

v7.13.1

v7.13.0

v7.13.0-beta

v7.12.8

v7.12.7

v7.12.6

v7.12.5

v7.12.4

v7.12.3

v7.10.36

v7.12.2

v7.10.35

v7.12.1

v7.10.34

v7.11.23

v7.12.0

v7.12-rc

v7.11.22

v7.10.33

v7.11.21

v7.10.32

v7.11.20

v7.10.31

v7.11.19

v7.10.30

v8.0.0-beta.1

v7.10.29

v7.11.18

v7.11.17

v7.11.16

v7.10.28

v7.11.15

v7.10.27

v7.11.14

v7.10.26

v7.11.13

v7.10.25

v7.11.12

v7.10.24

v7.10.23

v7.11.11

v7.10.22

v7.11.10

v7.10.21

v7.11.9

v7.11.8

v7.10.20

v7.11.7

v7.10.19

v7.8.31

v7.10.18

v7.11.6

v7.11.5

v7.10.17

v7.8.30

v7.11.4

v7.10.16

v7.8.29

v7.11.3

v7.10.15

v7.8.28

v7.11.2

v7.10.14

v7.8.27

v7.11.1

v7.8.26

v7.10.13

v7.11.0

v7.10.12

v7.8.25

v7.11-rc-2

v7.11-rc

v7.10.11

v7.8.24

v7.11-beta

v7.10.10

v7.8.23

v7.10.9

v7.8.22

v7.10.8

v7.8.21

v7.10.7

v7.10.6

v7.8.20

v7.10.5

v7.8.19

v7.10.4

v7.10.3

v7.9.17

v7.8.18

v7.8.17

v7.10.2

v7.9.16

v7.8.16

7.9.15

v7.10.1

v7.10.0

v7.9.14

v7.8.15

v7.8.14

v7.9.13

v7.10-RC-2

v7.8.13

v7.9.12

v.7.9.11

v7.9.11

v7.8.12

v7.9.10

v7.8.11

v7.10-RC

v7.9.9

v7.8.10

v7.10-beta-3

v7.9.8

v7.8.9

v7.10-beta-2

v7.10-beta

v7.9.7

v7.8.8

v7.8.7

7.9.6

v7.9.5

v7.8.6

v7.9.4

v7.9.3

v7.9.2

v7.9.1

v7.8.5

v7.9.0

v7.8.4

v7.9.0-rc

v7.9.0-beta

v7.8.3

v7.8.2

v7.8.1

v7.8.0

v7.8.0-rc

v7.8.0-beta.2

v7.7.9

v7.8.0-beta

v7.7.8

v7.6.10

v7.7.7

v7.6.9

v7.7.6

v7.6.8

v7.7.5

v7.6.7

v7.7.4

v7.7.3

v7.7.2

v7.7.1

v7.7

v7.7-rc2

v7.7-rc

v7.6.6

v7.5.5

v7.6.5

v7.5.4

v7.7-beta2

v7.7-beta1

v7.6.4

v7.6.3

v7.6.2

v7.6.1

v7.6

v7.6-rc

v7.6-beta.2

v7.6-beta-1

v7.5.3

v7.5.2

v7.5.1

v7.5

v7.5-rc

v7.5-beta.2

v7.5-beta

v7.4.3

v7.4.2

v7.4.1

v7.4

v7.3.2

v7.4-rc

v7.4-beta.2

v7.4-beta

v7.3.1

v7.2.4

v7.3

v7.1.8

v7.3beta3

v7.2.3

v7.3-beta

v7.2.2

7.2.2

v7.1.7

7.1.7

v7.1.6

v7.2.1

v7.2

v7.2beta3

v7.1.5

v7.2beta2

v7.2beta

v7.1.4

v7.1.3

v7.1.2

v7.1.1

v7.1

v7.1RC2

v7.1RC

v7.1beta2

v7.1beta

v7.0.2

v7.0.1

Labels

Clear labels   

Area: API

  

Area: Campaigns

  

Area: Cases

  

Area: Clean Up

  

Area: Clean Up: Performance

  

Area: Dashlets

  

Area: Databases

  

Area: Developer Tools

  

Area: Elasticsearch

  

Area: Elasticsearch

  

Area: Emails

  

Area: Emails:Campaigns

  

Area: Emails:Cases

  

Area: Emails:Compose

  

Area: Emails:Config

  

Area: Emails:Templates

  

Area: Environment

  

Area: Installation

  

Area: Language

  

Area: Mobile

  

Area: Module

  

Area: PDFs

  

Area: PHP8

  

Area: Reports

  

Area: Studio

  

Area: Styling

  

Area: Upgrading

  

Area: Workflow

  

Area:Activity Stream

  

Area:Calls

  

Area:Import

  

Area:Projects

  

Area:Search

  

Area:Surveys

  

Area:Themes

  

Area:Users

  

Branch:Hotfix

  

Good First Issue

  

Hacktoberfest

  

Help Wanted

  

PR:Community Contribution

  

PR:Type:Enhancement

  

Priority:Critical

  

Priority:Important

  

Priority:Moderate

  

Severity: Major

  

Severity: Minor

  

Severity: Moderate

  

Status: Requires Code Review

  

Status: Requires Updates

  

Status: Stale

  

Status: Team Investigating

  

Status:Assessed

  

Status:Fix Proposed

  

Status:Needs Assessed

  

Status:Requires Automated Tests

  

Type: Bug

  

Type:Deprecated

  

Type:Discussion

  

Type:Duplicate

  

Type:Invalid

  

Type:Question

  

Type:Suggestion

  

Type:Suggestion

No labels

Area: API

Area: Campaigns

Area: Cases

Area: Clean Up

Area: Clean Up: Performance

Area: Dashlets

Area: Databases

Area: Developer Tools

Area: Elasticsearch

Area: Elasticsearch

Area: Emails

Area: Emails:Campaigns

Area: Emails:Cases

Area: Emails:Compose

Area: Emails:Config

Area: Emails:Templates

Area: Environment

Area: Installation

Area: Language

Area: Mobile

Area: Module

Area: PDFs

Area: PHP8

Area: Reports

Area: Studio

Area: Styling

Area: Upgrading

Area: Workflow

Area:Activity Stream

Area:Calls

Area:Import

Area:Projects

Area:Search

Area:Surveys

Area:Themes

Area:Users

Branch:Hotfix

Good First Issue

Hacktoberfest

Help Wanted

PR:Community Contribution

PR:Type:Enhancement

Priority:Critical

Priority:Important

Priority:Moderate

Severity: Major

Severity: Minor

Severity: Moderate

Status: Requires Code Review

Status: Requires Updates

Status: Stale

Status: Team Investigating

Status:Assessed

Status:Fix Proposed

Status:Needs Assessed

Status:Requires Automated Tests

Type: Bug

Type:Deprecated

Type:Discussion

Type:Duplicate

Type:Invalid

Type:Question

Type:Suggestion

Type:Suggestion

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/SuiteCRM-SuiteCRM#4779

No description provided.