SitePoint Sponsor

User Tag List

Results 1 to 11 of 11
  1. #1
    Freelance Web Designer KeithMcL's Avatar
    Join Date
    Oct 1999
    Location
    Dublin, Ireland
    Posts
    1,125
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    When writing a register.php page do you think it would be best to get php to crete the password and automatically email it to the user when they register or would it be best to allow the member to choose their own password when registering?

    If you think one is better than the other can you specify why you think that?

  2. #2
    SitePoint Wizard
    Join Date
    Jul 1999
    Location
    Chicago
    Posts
    2,629
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think it would be much better if the user chooses the password. Everyone can remember their very own password but no one can remember 'xtYcA4n9Ec'.

    One of the reasons I never post on any forums using UltraBoard is because I forget my password

  3. #3
    SitePoint Zealot
    Join Date
    Nov 1999
    Location
    Manhattan!
    Posts
    107
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It agree that it is far better to let the users/members choose their own password.

    If security is an issue, just do some basic checks to make sure the password is of a specific length, has both letters and numbers, upper and lower case in it, etc. etc.

    Christian

  4. #4
    SitePoint Evangelist
    Join Date
    May 2000
    Location
    Canada
    Posts
    533
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    heheh, the only time i use the "server generated password" method is if I have to MAKE SURE the user's email address is valid

    -----------------------
    myPHPhost: fact: we run PHP 4.0.2

  5. #5
    SitePoint Wizard
    Join Date
    Apr 2000
    Posts
    1,483
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Many forums generate a password to check the email address is valid, then in the email that is sent to tell the user the password, contains instructions to change it to whatever the user wants.
    I don't really like forums that force that, but if fake email addresses is an issue, it would be a good idea.

  6. #6
    Freelance Web Designer KeithMcL's Avatar
    Join Date
    Oct 1999
    Location
    Dublin, Ireland
    Posts
    1,125
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the replies folks. I think i'll set it up to allow members to choose their own passwords. The reason behind it is because when they revisit they'll need to login again to get access to the lastest job posts.

    The reason I thought about using PHP to generate the password was to make sure they entered a valid email address but I'll just use PHP to check if it's valid instead.

    Thank again folks

  7. #7
    exit();
    Join Date
    Jul 2000
    Posts
    759
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is there a way to make PHP check if the email address is real?

    I know there is something so that it will check that there is something like:

    text@.text.text

    I think

    But isn't that they only way to do it?

  8. #8
    SitePoint Wizard
    Join Date
    Jul 1999
    Location
    Chicago
    Posts
    2,629
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What they mean is they e-mail the server generated password to the user and they enter it to log on. So the email addy would have to be working for them to recieve the password.

  9. #9
    SitePoint Zealot
    Join Date
    Nov 1999
    Location
    Manhattan!
    Posts
    107
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    There is a PHP class that checks if an email address is valid. It check to make sure:

    1. The address is of the correct form
    2. The domain/country code is correct
    3. That there is a server out there responding to the domain

    I have used it with great success.

    Christian

  10. #10
    SitePoint Evangelist
    Join Date
    May 2000
    Location
    Canada
    Posts
    533
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ChrRmr , the whole point of authenticating email is to check if it is THEIR address

  11. #11
    SitePoint Wizard jumpthru's Avatar
    Join Date
    Apr 2000
    Location
    Los Angeles, California
    Posts
    1,008
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Do you know the name of that class and how to use it?


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •