Email Activation

[SharkBait]

How are they done in general?

Example:

  Joe signs up on a website, and they are emailed with an activation code.  They click on it and enter their password and their online account is activated.

I guess what I am looking for is, whats the best way to create the activation code? Random characters that are stored upon creation of the new account? Then get attached to the email in the form of some link that can be clicked on?

User clicks on the link, the url has the activation code in it, it's then queried against the database and checked if it matches or not?

[hostfreak]

You pretty much answered your own question. I am sure there are other ways to do it though.

[AdRock]

try this

[url=http://www.phpfreaks.com/tutorials/40/0.php]http://www.phpfreaks.com/tutorials/40/0.php[/url]

[Ninjakreborn]

It is the same thing when someone get's approval denied.  Put it in the database, as 0 or 1, then I would put a date on it.  Have the homepage run a script whenever the admin signs in, or in a place where it get's checked, and anything that has been set to 0 for more than 2 days delete it from the database, this will remove unconfirmed accounts.

[SharkBait]

[quote author=AdRock link=topic=105648.msg422157#msg422157 date=1156553523]
try this

[url=http://www.phpfreaks.com/tutorials/40/0.php]http://www.phpfreaks.com/tutorials/40/0.php[/url]
[/quote]

Ah I didnt think about using the MD5 hash for the authentication code.  Any reason not to use their password hash??

[AdRock]

I found another tutorial with something similar where it lets them choose their own password.  Using that and the code from the phpfreaks tutorial the user could choose their own passwrd and that is encrypted using md5.  Their email activation will contain their chosen password....heres the link [url=http://www.plus2net.com/php_tutorial/php_signup.php]http://www.plus2net.com/php_tutorial/php_signup.php[/url]