Destramic Posted January 1, 2015 Share Posted January 1, 2015 hey guys, i need a little help on the best way to generate a seo friendly token...at the moment i use password_hash() with a peice of users information to create a key so that the user can verifiy account by a url sent via email. now the problem i'm having with that is it contains forward slashes which is killer for my uri and not to mention all the other seo friendly characters it conatins. how do i make the hash url friendly?...any advise would be great thank you Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted January 1, 2015 Share Posted January 1, 2015 since search engines won't ever post data to your site, they should never get to the point of seeing one of your links containing an account verification token. it doesn't matter if the url is seo friendly or not. also, the token should be completely random and not tied to any user specific values. if you have the openssl_random_pseudo_bytes() function available, it is the current recommend method of generating a chosen length, random token. Quote Link to comment Share on other sites More sharing options...
NotionCommotion Posted January 2, 2015 Share Posted January 2, 2015 What about this? $encoder = new Base2n(5, '0123456789ABCDEFGHJKMNPQRSTVWXYZ'); $raw_token = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); $activation_code = $encoder->encode($raw_token); Quote Link to comment Share on other sites More sharing options...
Destramic Posted January 3, 2015 Author Share Posted January 3, 2015 since search engines won't ever post data to your site, they should never get to the point of seeing one of your links containing an account verification token. it doesn't matter if the url is seo friendly or not. also, the token should be completely random and not tied to any user specific values. if you have the openssl_random_pseudo_bytes() function available, it is the current recommend method of generating a chosen length, random token. i did a bit of reading on the openssl_random_pseudo_bytes() which seems just the thing i need thank you. now i've never dealt with ssl before and im about to buy a certificate...but im not sure what certificate i need to buy if anyone can please help? https://www.ssls.com/comodo-ssl-certificates/ now i need a wildcard so i can use the cert on pages such as login and register (dont know what else) but there are so many different name types and different validations...confused! any help would be great thanks guys Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted January 3, 2015 Share Posted January 3, 2015 if your mention of getting an ssl certificate has anything to do with the suggestion of using openssl_random_pseudo_bytes(), there is no need for an ssl certificate to do so. you only need an ssl certificate if you are going to have visitors connect to your site via an encrypted connection - https://your_domain.com Quote Link to comment Share on other sites More sharing options...
Destramic Posted January 3, 2015 Author Share Posted January 3, 2015 no i need to get one but dont know what type of certificate it is i need to buy from the url i gave above...any advise would be great thanks Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted January 3, 2015 Share Posted January 3, 2015 you need to start a new thread for your ssl certificate question as it has nothing to do with the title and topic of this thread. Quote Link to comment Share on other sites More sharing options...
Destramic Posted January 3, 2015 Author Share Posted January 3, 2015 ok thank you Quote Link to comment Share on other sites More sharing options...
Destramic Posted January 3, 2015 Author Share Posted January 3, 2015 ok thank you Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.