Jump to content

Archived

This topic is now archived and is closed to further replies.

piliffe

A little help with email verification and flat files...

Recommended Posts

First off - thanks for having a PHP noob such as myself here. I am expecting to learn great things in the coming months.

http://piliffe.contrasthost.com/notemate

I've been working on this small project. I'm currently trying to implement a simple security measure.

Basically on the protection page:
http://piliffe.contrasthost.com/notemate/pages/protection.php

Users need to be able to submit their email address to be "added" to the email protection database. Currently the email protection database is a flat file named emaildb.txt.

I don't just want users to be able to add their email address by simply typing their address and pressing submit. I want an email sent to the address they supplied asking them to verify the email address by pressing a link within the email. When the link is pressed it takes them to a page on the NoteMate website and says the email address has been verified and automatically adds their email address to the flatfile.

As simple as this may sound I can't seem to be able to be able to create a script capable of doing this.

Also on the protection page is the same form for users to do the same as written above to remove their email from the email protection database. Simply supplying and verifying the email address will remove it from the flat file automatically.

If anyone can please help me with this I will be so very appreciative.

Thank you for your time.

Share this post


Link to post
Share on other sites
If you're asking how an e-mail verification system should work, you might decide to do it like this:
1. When a user enters and submits an e-mail address, generate a random ID and store that in your database with the e-mail address.
2. Send an e-mail containing the link verify.php?email=xxxx&id=xxxx to the e-mail address entered.
3. When the user clicks on this link, check to see if an e-mail address exists in your database with the ID that was provided.
4. If such an e-mail address exists, clear the ID from the database and the e-mail address has been verified.

Share this post


Link to post
Share on other sites
Ummmm... when you finalize the script you might wanna make sure you flat file is above the web root... http://piliffe.contrasthost.com/notemate/emaildb.txt lol

Share this post


Link to post
Share on other sites
And it would be really difficult in Flat File databases, and they are not even secure.
Use Mysql or such.

Share this post


Link to post
Share on other sites
Maybe he doesnt have a mysql database?  Lol if you do you should definatly use that... Faster and easier to read from...

Share this post


Link to post
Share on other sites
Oops I didn't realize he was using a text file instead of a database. In that case you could make the format of the file:

[code]409324 email@email.com
230443 email123@mail.com
320340 mail123@email33.com [/code]

This file would have to be protected so no one can view it. Whenever someone submits an e-mail address, add a new line to this file. When they click the link in the e-mail, make it go through each line in the file to see if such an e-mail and ID exists.

[code]<?php
// verify.php
$email = trim($_GET['email']);
$id = trim($_GET['id']);
$lines = @file('emaildb.txt');
if($lines !== false)
{ // go through each line of the file
foreach ($lines as $line_num => $line)
{
list($line_id,$line_email) = split(' ', $line);
if($email == $line_email && $id == $line_id) // found e-mail and ID in this line
{
$fp = @fopen('emaildb.txt','r+');
if($fp !== false){ // remove the ID and space (example: '239484 ') from the file
$contents = str_replace($line_id.' ','',fread($fp,filesize($fp));
// rewrite the file with the new contents
if(@fwrite($fp,$contents) !== false){
@fclose($fp);
$verified = true;
}
}
}

                     
}
}
?>[/code]

The above is a quick script I wrote which should help with part of the verification. So all the verified e-mails with exist in this file without a verification ID next to them.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.