How do I have a user that has create an account on my web site to have to verify...

G

Glenn

Member
How do I have a user that has create an account on my web site to have to verify their account through email?

I have everything set up where a user creates an account with username, password, etc. When they create their account, how to I have them verify their account by sending them an email with a link they have to click before using the account? My database is MySQL and I am using PHP.
 
A

Absolution

New Member
I am no good with specifics, however.

Each user needs some sort of unique identifier code, which for security probably shouldnt be their account name. Like the second, minute, day and year they registered.

Have a field in your MySQL database which corresponds to their account verification. Either yes or no.

Create a PHP script, which will access their account given their unique identifier and change the verification from no to yes.

When they register, default verification will be no. Then use the php mailer code, to email them a link to the php script and at the end it will have the ?ident={unique identifier} or something the sort. Then when that link is clicked the PHP will switch the verification field to verified.

Now when they log in, the log in script should check if it is a verified account. If it is not verified show them an error.

Hope this helps!
 
leroy30

leroy30

New Member
For the new user set their status to something such as "pending authentication" so that you know they can't log in yet. Then send them an email with a unique identifier (i.e. a GUID) and save the identifier under their record in the database.

In the email is a link with a query string variable that holds the unique identifier. i.e. http://www.mysite.com/finalise-registration.aspx?authcode=951c8553-1148-48c1-a8d3-e5b49092463c

When someone lands on finalise-registration.aspx first thing you need to do in server-side is look at the URL and determine if there is a valid 'authcode' variable. If there is then perform a query on the database and match the user with that authcode who has a status of 'pending authentication' and update their status to 'authenticated'.

Then tell them that they are now authenticated and they can now log in. Redirect them to the login page. Or alternatively you can put all this logic on the login page.

That is the basic process. I'm sure you can fill in the rest :)
 
You must log in or register to reply here.
Top