Yeodan Posted May 2, 2009 Share Posted May 2, 2009 I'm just wondering how I should handle this. I want people who want to register to put in their email adress, then I want to validate the email, if it's a valid mail I want to send a mail to that email adres with a link the use should click to activate their account. A few things I'm wondering: Should I validate the mail, and how do I do this, I've seen like 20 sites, they all do it a diffrent way, and none of them works 100% for every possible email. Are there any requirements to make the validation mail secure? I was just thinking of using a number between 1-10000 + the account number, storing both in a seperate table with all the user info and when the link is clicked moving the info to the real table where accounts are stored. Is that any good? Quote Link to comment Share on other sites More sharing options...
the182guy Posted May 2, 2009 Share Posted May 2, 2009 No, moving the record from one table to another is not the standard practice to address your requirements. The easiest way and most common is to keep the records in the same table but have a boolean field (0/1) to indicate whether the record has been activated by email. You can generate a random string then md5() it to get an activation token which you can use in the email. As for validating an email address, this has always worked for me: if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { //email is NOT valid } Quote Link to comment Share on other sites More sharing options...
nankoweap Posted May 2, 2009 Share Posted May 2, 2009 i do something similar in my apps - only one that i've ported to php, though, but still the same idea. the first registration page asks the user for his/her email address. when they submit that form, a unique authorization code is generated, then stored in the database along with the email address and an expiration date as well as a is_used flag. then a message is emailed to the email address that allows them to continue the registration process which doesn't include the ability to update their email address. when the url is clicked, i validate the authorization code exists, hasn't been used and hasn't expired. if the validation succeeds, then i update the is_used flag and the registration process begins. jason Quote Link to comment Share on other sites More sharing options...
Yeodan Posted May 2, 2009 Author Share Posted May 2, 2009 doesn't work with .info or any 3+ extensions =( Quote Link to comment Share on other sites More sharing options...
Yeodan Posted May 2, 2009 Author Share Posted May 2, 2009 finally figured it out :x just change the 3 at the end to 4 or w/e you want to use but longer extensions are possible like .info .museum ... or just remove the {2,3} part and replace it with a + Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.