PHP Question too :)

Printable View

Aug 30, 2000, 11:50
KeithMcL

When writing a register.php page do you think it would be best to get php to crete the password and automatically email it to the user when they register or would it be best to allow the member to choose their own password when registering?

If you think one is better than the other can you specify why you think that?
Aug 30, 2000, 12:11
qslack

I think it would be much better if the user chooses the password. Everyone can remember their very own password but no one can remember 'xtYcA4n9Ec'.

One of the reasons I never post on any forums using UltraBoard is because I forget my password :)
Aug 30, 2000, 14:18
ChrRmr

It agree that it is far better to let the users/members choose their own password.

If security is an issue, just do some basic checks to make sure the password is of a specific length, has both letters and numbers, upper and lower case in it, etc. etc.

Christian
Aug 30, 2000, 17:58
Vinay

heheh, the only time i use the "server generated password" method is if I have to MAKE SURE the user's email address is valid :)

-----------------------
myPHPhost: fact: we run PHP 4.0.2
Aug 31, 2000, 00:49
James

Many forums generate a password to check the email address is valid, then in the email that is sent to tell the user the password, contains instructions to change it to whatever the user wants.
I don't really like forums that force that, but if fake email addresses is an issue, it would be a good idea.
Aug 31, 2000, 07:03
KeithMcL

Thanks for the replies folks. I think i'll set it up to allow members to choose their own passwords. The reason behind it is because when they revisit they'll need to login again to get access to the lastest job posts.

The reason I thought about using PHP to generate the password was to make sure they entered a valid email address but I'll just use PHP to check if it's valid instead.

Thank again folks :D
Aug 31, 2000, 14:27
mkaufman

Is there a way to make PHP check if the email address is real?

I know there is something so that it will check that there is something like:

text@.text.text

I think :)

But isn't that they only way to do it?
Aug 31, 2000, 14:59
qslack

What they mean is they e-mail the server generated password to the user and they enter it to log on. So the email addy would have to be working for them to recieve the password.
Aug 31, 2000, 19:37
ChrRmr

There is a PHP class that checks if an email address is valid. It check to make sure:

1. The address is of the correct form
2. The domain/country code is correct
3. That there is a server out there responding to the domain

I have used it with great success.

Christian
Aug 31, 2000, 21:56
Vinay

ChrRmr , the whole point of authenticating email is to check if it is THEIR address
Aug 31, 2000, 23:43
jumpthru

Do you know the name of that class and how to use it?

All times are GMT -7. The time now is 03:54.