SitePoint Sponsor

User Tag List

Results 1 to 8 of 8
  1. #1
    SitePoint Zealot
    Join Date
    May 2010
    Posts
    100
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Email confirmation email upon registration, how?

    hi guys, second last thing I need to figure out (last is just sanitizing all my input correctly ).

    I tried searching the site but couldn't find anything.

    I want to send an email to the successfully registered user that contains a link that they must click to activate the account - the account will not work until the link is clicked.

    I have a few very rough guesses...

    1) have an 'activated' (0 or 1) and a 'code' field in the users table

    2) create activate.php

    3) create a random string, insert it into the 'code' field.

    4) send an email with link to activate.php?code=the-random-code

    5) check the-random-code in the users db

    6) activate that user if it is there


    is that about right? if so, how do you send an email in php! hah.

  2. #2
    SitePoint Zealot Zurev's Avatar
    Join Date
    Feb 2009
    Posts
    171
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That is about right! Check out php's mail() function.

    PHP: mail - Manual

  3. #3
    SitePoint Zealot
    Join Date
    May 2010
    Posts
    100
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Oh, too easy!

    I shall begin. Thanks again for your help Zurev.

  4. #4
    SitePoint Zealot
    Join Date
    May 2010
    Posts
    100
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Code:
    $activated = mysqli_query($link, "SELECT activated FROM members WHERE username = '$username');
    $result = mysqli_fetch_assoc($activated);
    					if ($result != 1) {
    						$error = 'Error.';
    						include 'error.php';
    						exit();
    					}
    I know that is the wrong way to go about it.. can someone please explain to me the correct way to check if the result of a query is either 0 or 1 (activated is stored as either 0 or 1 in the db).

  5. #5
    SitePoint Zealot
    Join Date
    May 2010
    Posts
    100
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    best I have come up with is:

    Code:
    $activated = mysqli_query($link, "SELECT * FROM members WHERE username = '$username' AND password = '$password' AND activated='1'");
    $result = mysqli_num_rows($activated);
    					if ($result != 1) {
    						$error = 'You are not activated.';
    						include 'error.php';
    						exit();
    					}
    else
    login is fine etc
    seems to work, but something tells me it isn't the best way. if anyone can give their opinion that would be wonderful.

  6. #6
    SitePoint Enthusiast webdesignhouston's Avatar
    Join Date
    Dec 2010
    Posts
    58
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    A side note: NULLify the activation code field once it has been used. One good reason for doing so is that for example you ban a user and set the "activated" field to 0. The user goes through his emails and click the activation link again and your script would activate the account.

  7. #7
    SitePoint Enthusiast webdesignhouston's Avatar
    Join Date
    Dec 2010
    Posts
    58
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by portem View Post
    Code:
    $activated = mysqli_query($link, "SELECT activated FROM members WHERE username = '$username'");
    $result = mysqli_fetch_assoc($activated);
    					if ($result != 1) {
    						$error = 'Error.';
    						include 'error.php';
    						exit();
    					}
    PHP Code:
    $activated mysqli_query($link"SELECT activated FROM members WHERE username = '$username'");
    $result mysqli_fetch_assoc($activated);
    if (
    $result === false || $result["activated"] == 0) {
        
    // if no record found OR activated field was 0 (or NULL)
        
    $error 'Error.';
        include 
    'error.php';
        exit();

    Last edited by webdesignhouston; Apr 22, 2011 at 22:57. Reason: typo

  8. #8
    SitePoint Zealot
    Join Date
    May 2010
    Posts
    100
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by webdesignhouston View Post
    A side note: NULLify the activation code field once it has been used. One good reason for doing so is that for example you ban a user and set the "activated" field to 0. The user goes through his emails and click the activation link again and your script would activate the account.
    Honestly didn't think of that, implementing right away. Thank you!

    Quote Originally Posted by webdesignhouston View Post
    PHP Code:
    $activated mysqli_query($link"SELECT activated FROM members WHERE username = '$username'");
    $result mysqli_fetch_assoc($activated);
    if (
    $result === false || $result["activated"] == 0) {
        
    // if no record found OR activated field was 0 (or NULL)
        
    $error 'Error.';
        include 
    'error.php';
        exit();

    And thanks again, I didn't know how to do the $result["activated"] part at all, and definitely good to check if it's empty too heh. Thanks, I greatly appreciate it.. I can now move on to sanitizing all my code.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •