Nick,

 

Have you ever used an email address authentification system on any of your php/mysql websites?

 

I have a username/password system in place, but it cant handle fake email addresses.

 

Some systems send a link back to the users address for them to click to verify all is well. Have you used anything like that? If so - is it an app or did you write it yourself?

 

Cheers

 

Steve

it's not too tricky matey, all you need to do is generate a random number/text string and then add it to a database record with a field called authorised or something along those lines to disable the profile until a link is clicked to activate it:

 

SORRY IF THIS IS ALL PSEUDO CODE, i'm assuming you know a bit of php but it gives you the idea

 

This'll generate a random string to a length defined by:

 

$random = get_rand_id(5)

 

will give something like: 5dhj8

 

function get_rand_id($length)
{
 if($length>0) 
 { 
 $rand_id="";
  for($i=1; $i   {
  mt_srand((double)microtime() * 1000000);
  $num = mt_rand(1,36);
  $rand_id .= assign_rand_value($num);
  }
 }
return $rand_id;
}

 

You submit the form and input the details into a new record.

 

Then your profile in the database will look something like this:

 

name: nick

password: password

email: nick@email.com

random: 5dhj8

authorised: 0 (0 is false 1 is true)

 

You then in the same script use the mailto to send an email to the user with a link to activate the account:

 

$random = get_rand_id(5)

***INSERT DATA INTO DATABASE***
$id = mysql_insert_id(); //gets the last id you inserted into mysql
$code = $random;
$to = "nick@email.com";
$subject = "Activate your account";
$message = "Hello! Click here to activate your account";
$from = "someonelse@example.com";
$headers = "From: $from";
mail($to,$subject,$message,$headers);
echo "Mail Sent.";

?>

 

The user clicks the link and is taken to the activate page where it takes the id and code attributes:

 

$id = $_REQUEST['id'];

$code = $_REQIEST['code'];

 

Then run the a query on the database something like:

 

SELECT *

FROM tblUser

WHERE id = '$id'

AND code = '$code'

 

if(mysql_num_rows($database_row)>0) {
***run update script to update the record***
UPDATE tblUser
SET authorised = '1'
WHERE id='$id'
*********
} else {
 echo "sorry you don't exist";
}

 

Then just run a check on login that authorised = 1 and bob's your uncle job done :D

Cheers Nick,

 

I will try and incorporate it tonight, looks straight forward enough. I'll keep you posted.

 

I've not used any methods for generating random code before, and like the idea of this over downloading an app from an unknown software house!

 

Thanks again

 

Steve

No problem buddy, it really is pretty simple, i did it for my dissertation at uni but can't find the sourcecode but if i find it i'll send it to you :D

as always - your a star!

In fact just found it all...

 

http://www.delazo.com/300zx/5.%20PHP%20Sourcecode.doc

 

Feel free to just copy and paste, you want the register.php

 

BUT you'll need to just add that second part about using the code in the request line to verify you exist. For some reason i didn't get time to implement it for my dissertation :(