SitePoint Sponsor

User Tag List

Results 1 to 19 of 19
  1. #1
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Verifying Email Addys

    I'm writing a fairly basic sign up script.
    1. the user fills in the info on the signup page.
    2. the information is passed to a script that will record the info and mail the user with a verification link.
    3. The user clicks the link and a 3rd script takes the processed info and enters it into my db.

    Now, i know and can find out all the commands etc, but I don't know how to do #2 where it stores the info, and makes a dynamic, unique url for the user to click. How would i keep the info that the user submitted and make the link?

    How should i go about this? vB uses this to verify the email addys of people who signup here, but i don't have vB, so i can't check it out.
    Last edited by Defender1; Jul 26, 2001 at 14:59.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  2. #2
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You could store the data in a table at step 2 with an extra field called approve set it to 0 then make the link with the id for that record tacked onto it, when they click the link for the email you can simply update the record with that id and set approve to 1.
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  3. #3
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ok, so now how do i make the link do that? thats really my main problem
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  4. #4
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Can you make the link? If you can get the link into the email then if the link was like

    http://www.yourdomain.com/confirm.php?id=23

    When the user clicks the link, on that page simply run a query to update the record based on the records id number.


    Is that what you are asking? Or are you having trouble creating the link itself?
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  5. #5
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    well, if i put in the mail statement:
    PHP Code:
    mail("$email""New user confirmation""From: 3dartisan.net""$mailbody"); 
    then i in $mailbody:
    PHP Code:
    $mailbody ="The following is the information you submitted:\n";
    $mailbody.="$username\n";
    $mailbody.="$password\n";
    etc....
    $mailbody.="<a href=\"http://www.3dartisan.net/confirm.php?id=$id\">Confirm me</a>"
    and in the confirm.php i would have:
    PHP Code:
    $db_connect=mysql_connect("$host""$admin_user""$admin_pw");

    // User id of 1 is verified
    $query="INSERT into $tablename values
    ('1', 'username', 'password', 'other info');

    if (mysql_db_query("
    $DBname", "$query", "$db_connect"))
    {
      print "
    Query excecuted!";
    }
    else
    {
      print "
    Query failed!";
    }
    mysql_close ( 
    $db_connection ); 
    how's that look?
    Last edited by Defender1; Jul 26, 2001 at 15:46.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  6. #6
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    it doens't wanna print that last line.
    it's
    PHP Code:
    mysql_close ($db_connection); 
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  7. #7
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    See I would be running the insert statement right when they signup and setting the value of approve to 0 initially, on confirm.php you would use

    UPDATE $tablename set approve = 1 WHERE id = '$id';
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  8. #8
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ok, lets go over this.

    1. User fills form
    2. Info is stored into database with verifiy set initialy to 0
    3. User is sent email to verify account.
    4. Clicks link which loads confirm.php with the submitted info.
    5. Confirm.php updates the users info in the db, setting verify to 1.
    6. User is ready to go!

    Sound good?

    one last question. how does $id get from the link to the script?
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  9. #9
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If you have a normal php setup, by default all GET variables and POST variables for that matter are automatically available to you in your script so if the user clicks on a link taking him to confirm.php?id=1

    You can use id by calling $id.

    Yes those steps are the way I would do it.
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  10. #10
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    sweet.
    thanks for your help dude.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  11. #11
    SitePoint Zealot
    Join Date
    May 2001
    Location
    UK
    Posts
    184
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I did something similar. The thing is, adding $ID to the url is not that secure, say they got ID 230 they could just change that to 231 and validate somebody else. Ok, you could use cookies, but they might have them turned off.

    I thought some algorithm on the username would work, but how would you do that in PHP?

  12. #12
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You could make them supply their username and password on confirm.php and mmake sure they are who the say they are before activating the account.
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  13. #13
    SitePoint Zealot
    Join Date
    May 2001
    Location
    UK
    Posts
    184
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Good idea, mine is actually just a download script, I guess I could generate them a password email them that and have it in the URL string.

    Cheers freddy

  14. #14
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    well, i'll just tell them in the email that tampering with the url will prevent authentication.
    if they legitemly want to sign up, they'll just leave it like that
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  15. #15
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    actually, that's a good idea.

    i'll just have them type in a username, and a pw will be sent to them.

    how would i go about generating a random alpha-numeric number in php?

    [Edit] - Nevermind, got the random pw generator going.
    Last edited by Defender1; Jul 27, 2001 at 02:42.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  16. #16
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, everything's done and working except the confirm.php part of the script.
    how the heck would i structure this thing?

    So far i got:
    1. User clicks the link to confirm.php?id=[userid]
    2. It runs some code to change the verify value from 0 to 1
    3. Display success message

    So, do you think this would work well?
    PHP Code:
    $user_id="$id";

    if (
    mysql_db_query($DBname$query$dbconnect){
        print 
    "Account Verified!";
    } else {
        print 
    "Verification Failed!";
        print 
    mysql_error();

    please comment on any sytax errors you might see.
    also, how would i go about updating one single field in the mysql db? I know you have to use UPDATE, but i don't how to only effect 1 field. thanks again.
    Last edited by Defender1; Jul 27, 2001 at 02:48.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  17. #17
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    bump
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  18. #18
    SitePoint Zealot
    Join Date
    May 2001
    Location
    UK
    Posts
    184
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You would need to do something like
    UPDate verification from my_newsletter where ID=$id

    I recommend you have a butchers at http://www.webmasterbase.com/article/228 you hav probably already read it (Kevin's Building a Database-Driven Web Site Using PHP and MySQL) but it is good for reference too.

    If you haven't already, have a read of PHP 101 @ devshed very well writtern.
    http://www.devshed.com/Server_Side/PHP/PHP101_1

    Full list of sites at
    http://www.sitepointforums.com/showt...threadid=18699

  19. #19
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ok, everything is working except the printing of the id in the url, which means they can't verify their account.
    Basically, this is the code for the mail:
    PHP Code:
    $user_id_query "SELECT id from 3dartisan_users WHERE username=$username";
    $result mysql_db_query(jchinn$user_id_query$Link);

    if (
    $result=''){
        print 
    "ERROR: MySQL database query failed!\n";
        print 
    mysql_error();
        print 
    "<br><br>Please report this error to <a href=\"mailto:info@3dartisan.net\">info@3dartisan.net</a>\n";
    } else {
    $verify_body ="You are receiving this email because someone, probably you, requestied membership at  [url]http://www.3dartisan.net\n\n[/url]";
    $verify_body.="You have 1 week to click the link below to verify your account for use.\n";
    $verify_body.="http://www.3dartisan.net/confirm.php?id=$result\n"// Here's where the id is suppose to print
    $verify_body.="After that it will be put back in the pool for others to use.\n";
    $verify_body.="Your login information is below:\n\n";
    $verify_body.="Username: $username\n";
    $verify_body.="Password: $password\n";
    $verify_body.="\n";
    $verify_body.="If you wish to edit your information, you may do so be visiting this link:\n";
    $verify_body.="http://www.3dartisan.net/edit_profile.php\n";
    $verify_body.="Thank you for using 3dartisan.net,\n";
    $verify_body.="3dartisan.net Staff\n";

    mail("$email""3dartisan Verification""$verify_body""From: $from_staff"); 
    Now, it's not printing the id at the end, which i'm guessing means that $result isn't getting passed the id from the query.
    But, if thats the case, then it should fail due to the if checking if $result is empty.
    Anything wrong with my if statemetn?
    Any ideas on why it's not printing the id?

    [Edit] Ok, my if was bad, i fixed it, and i'm getting an error.
    but, mysql_error(); didn't return anything, so i don't know what's wrong.
    Last edited by Defender1; Jul 27, 2001 at 03:59.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •