PHP Question too :)

**KeithMcL** · Aug 30, 2000, 11:50

When writing a register.php page do you think it would be best to get php to crete the password and automatically email it to the user when they register or would it be best to allow the member to choose their own password when registering?

If you think one is better than the other can you specify why you think that?

**qslack** · Aug 30, 2000, 12:11

I think it would be much better if the user chooses the password. Everyone can remember their very own password but no one can remember 'xtYcA4n9Ec'.

One of the reasons I never post on any forums using UltraBoard is because I forget my password

**ChrRmr** · Aug 30, 2000, 14:18

It agree that it is far better to let the users/members choose their own password.

If security is an issue, just do some basic checks to make sure the password is of a specific length, has both letters and numbers, upper and lower case in it, etc. etc.

Christian

**Vinay** · Aug 30, 2000, 17:58

heheh, the only time i use the "server generated password" method is if I have to MAKE SURE the user's email address is valid

-----------------------
myPHPhost: fact: we run PHP 4.0.2

**James** · Aug 31, 2000, 00:49

Many forums generate a password to check the email address is valid, then in the email that is sent to tell the user the password, contains instructions to change it to whatever the user wants.
I don't really like forums that force that, but if fake email addresses is an issue, it would be a good idea.

**KeithMcL** · Aug 31, 2000, 07:03

Thanks for the replies folks. I think i'll set it up to allow members to choose their own passwords. The reason behind it is because when they revisit they'll need to login again to get access to the lastest job posts.

The reason I thought about using PHP to generate the password was to make sure they entered a valid email address but I'll just use PHP to check if it's valid instead.

Thank again folks

**mkaufman** · Aug 31, 2000, 14:27

Is there a way to make PHP check if the email address is real?

I know there is something so that it will check that there is something like:

text@.text.text

I think

But isn't that they only way to do it?

**qslack** · Aug 31, 2000, 14:59

What they mean is they e-mail the server generated password to the user and they enter it to log on. So the email addy would have to be working for them to recieve the password.

**ChrRmr** · Aug 31, 2000, 19:37

There is a PHP class that checks if an email address is valid. It check to make sure:

1. The address is of the correct form
2. The domain/country code is correct
3. That there is a server out there responding to the domain

I have used it with great success.

Christian

**Vinay** · Aug 31, 2000, 21:56

ChrRmr , the whole point of authenticating email is to check if it is THEIR address

**jumpthru** · Aug 31, 2000, 23:43

Do you know the name of that class and how to use it?

User Tag List

Thread: PHP Question too :)

Thread Tools

Display

Bookmarks

Bookmarks

Posting Permissions