Activate User Account Using auth code

[tlbaqua]

I have a database, and a auth code is created and assigned to that user and until the user activates theyre account they cannot use it. i have everything done except for verifying the user and changing the users active status from 0 to 1, 1 being activated..

 

screenshot of my database is attached, aswell as some other files... thankyou to the genius who helps me

class.user.php

dbconfig.php

home.php

index.php

logout.php

sign-up.php

[Jacques1]

So what exactly is the problem? If you expect somebody to wade through your entire codebase and implement the feature for you, I don't think that will happen.

 

By the way, you should consider hashing the activation codes instead of storing them as plaintext. While the codes are not as critical as, say, the passwords, it would still be annoying if some joker finds them out and activates all accounts at once. A very simple hash algorithm like SHA-256 is sufficient for the codes, since they're purely random. So upon registration, you generate a code, send the plaintext code to the user and store the SHA-256 hash of it in the database. Upon verification, you hash the user-provided token and check if this hash is present in your database.

[drose379]

I can help go through your current code and get this crucial feature working for you, as well as check out your existing code and make sure it is secure. Please reply here if you are interested. 

 

[Zane]

Add another column to your database named auth_code or something. Create a single script that takes one GET parameter x. When the user finishes form submission, create a random auth_code, store it in the database table, send the code as a link to the aforementioned script which does something like this:

 

if(isset($_GET['x']) {

// Search the database for the auth_code
// If it exists, then return the id of the user and set them to `active`

}