[SOLVED] Upgrade or delete row?

[CMC]

Ok,

 

I've got a contact script, everything works fine. Processes the information, stores it in the DB, emails the user with a confirmation link (avoid spam). It all works great. My question is, what do you think the better option is? I'll explain. The confirmation script checks the key its received in the URL against a database table, if it finds anything it checks whether or not an email has already been sent using that key. If it has, it shows the appropriate error. If it hasn't, the information is pulled out and then mailed. Now here is where my question comes into play. Currently, I've got the script updating the row to show that the mail has been sent, so the same email can't be sent again. I was wondering if just deleting the entire row would be more efficient.

 

What do you think? Delete the row or just update it?

 

Thanks

-CMC

[deadimp]

Most likely deleting would be more efficient. Less resource usage, less chance of someone gaining access and seeing the information in its raw, unencrypted form.

What I'm wondering is why would the email be sent again after confirmation? Another thing, why do you store the email in the database? I can kinda see why if they need to request another confirmation, but then again if they don't end up confirming their account after a specified time period the user account waiting to be activated should be freed up...

[CMC]

Ah perhaps I was a bit unclear. This isn't part of a user-system. Anyone can send an email.

I'll reexplain the process.

The user starts by filling out the form, hits the button and the form processes it. Before the form sends the information to me, it sends the user an email containing a confirmation link: ex link: www.example.com/confirm.php?key=123456. Once they click the link, confirm.php checks a database whether that key exists, and if it does, it checks whether their email (being sent to me) has been sent (checks a row mail_sent). If mail_sent is 0, that means the email has not been sent. Then, the script pulls all of the information out of the database and mails it to me. Is this any clearer?

 

As for storing the email, when their email is finally sent to me, I pull their email address from the database and place it in the header so I can reply directly to them if need be.

 

Anyways I've gone ahead with your suggestion and changed the script so that it deletes the row after.

Thanks for the advice

[deadimp]

I think I understand what you're saying now...

If you only want to use the email address after the message is sent, you can probably set the Reply-To flag in your email header so that it attaches the return address there, eliminating the need to cross-reference in your database. Therefore, you can probably delete the message, and also remove the mail_sent field. You can also attach more information to your email, such as their IP-address, if abuse or something like that gets to be a problem.

If you want to keep records on your message other than in your email, then you'll want to stay with your original design.