I'm creating one of those scripts that verify your email address before youre account becomes active when registering, by sending an email to the address you specify.
I'm thinking though - when a user tries to register, what I will do is basically create their account but flag it "unactivated". Ill also store an entry in a different sql table with an 'id' value representing their account, and a 'code' value. Ill send these values in an email to the supplied email (in URL format, much like most other scripts like this do).
For the user to activate, they much properly access my php script and supply their 'id' value with their correct 'code' value. Then, I will flag their account 'activated', delete their table entry in the 'waiting to be activated' table and their account will be fully registered.
What should I base the 'code' value off of, though? I was thinking, since only 1 email may be registered with the same name, I could make the code value the first 10 digits of the MD5 result of their email address. Something similar to...
if($suppliedcode == substr(md5($emailaddress), 0, 10)) then activate!
What do yall think?
It should be random, otherwise people can create accounts with fake email addresses if they figure out your scheme.
I did something else. The file is a class, which is a loaded as a module by a sytem I wrote for my senior project. It works well, but there's some requirements in there (like some of my other classes), though they shouldn't be hard to replace. Take a look:
http://www.liquid-server.org/register.phps
If you want the full site source, talk to me.
[edit]
This will maybe help:
http://www.liquid-server.org/register.form.tpl.phps
Meh, it's difficult for me to look at other peoples code sometimes - and your code is just confusing to me. I think it's a little more than what I'm needing to do but I appreciate the willingness to share. I managed to get my method running and I think it'll work out fine.
O well. The MIME headers for the email are down near the bottom, if you need them.
/me smiles inside
Glad I could make you happy, Warrior.
Rabbit, that code is downright silly.
Hey, it works and I like it.
Good point. Still silly.
Quote from: Banana fanna fo fanna on June 23, 2006, 11:01 PM
Good point. Still silly.
/me frowns at BananaFFF
Actually lol I think it was based off my original module system somewhat but rabbit-ified. I thought it was a good idea for a CMS I was developing at the time. Of course now instead of creating an interface for modules to communicate with I pass them a reference to the core and have allowable functions monitored on a by-caller basis in PHP. I think most of this is a result of me overcomplicating everything when I was a novice PHP coder.
It is based (loosely!) off of DTCMS's module system, and yes, I did modify it heavily. I didn't have a lot of time to write everything, so I went with a basic system I know and had and implementation for. If you STILL think its silly, go read littlegamers to find out what silly really is. Good day.
Silly because it's over-engineered. However, "it works well for me" is ALWAYS a certainly reasonable reason for taking a given choice of action.
Yes. It is overengineered. But it's also alone. Looking at the whole site makes it less overengineered looking (though I suppose it all still is).
i just use php's emailing functions. it's basic, and simple.
Warz: Why is your site forbidden?
God's gift to the world!
function generateRandomString($length) {
$values = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o",
"p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G",
"H", "I", "J", "K", "L", "M", "N", "O","P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y",
"Z", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0");
$random_string = "";
for($i=0; $i < $length; $i++) {
$random_string .= $values[mt_rand(0,61)];
}
return $random_string;
}
When creating the code, just call generateRandomString(32). The easiest way to do this would be to store it in the database until they try to activate, because any way that you could create the same string twice without storing it could be guessed and cracked.
It'd be shorter to write@values = ("a" .. "z", "A" .. "Z", "0" .. "9");
PHP doesn't have that functionality, but close. Use the range() function.
Quote from: Savior on June 26, 2006, 11:56 PM
Warz: Why is your site forbidden?
Sorry, it's currently at www.rafm.org/en/ - i didnt want people messing with it while it was being constructed. It's got a little bit of functionality now, but it's still missing the main purpose. Currently you can register, login and create a group, join a group and view group information.