Page 1 of 1
slightly OT: Double opt-in solution?
Posted: Mon May 14, 2007 12:02 pm
by sebastianr
Hi there,
First of all, thanks very much for the great work

The swift mailer is indeed very useful...
I know it is most likely a bit OT, but would any of you know of a recommendable Double Opt-In class? I'm looking for a somewhat secure & comfortable solution that allows users to sign-up themselves.
Thanks for any help,
Sebastian
Posted: Mon May 14, 2007 12:36 pm
by Chris Corbyn
Hi sorry, could you clarify what you mean by "double opt-in"?

Posted: Mon May 14, 2007 12:55 pm
by sebastianr
d11wtq wrote:Hi sorry, could you clarify what you mean by "double opt-in"?

Sorry, should have been more precise: I'm looking for some class that would support me handling the sing-up / sign-out process of users.
I'm thinking of the user going to the website signing up for the E-Mail alert on my page (first "opt-in") then, getting a confirmation e-mail and confirming that she wants to get the alert (second "opt-in").
I found some scripts that provide a MD5 hash sign-up function e.g. here.
http://www.php-scripts.com/php_diary/011103.php3
But I'm not really convinced that this is still state-of-the-art and wanted to see if there are some better solutions out there (I'm sure there are).
Thanks for your super fast reply,
Sebstian
Posted: Mon May 14, 2007 1:06 pm
by Chris Corbyn
Ah I see. This is fairly tricky if you want the user to be able to reply to emails sent from your server in order to "opt-in" or "opt-out". You have two options:
a) Create system filters at the MX server which handles incoming mails, pipe all emails to a PHP script and "read" the email from there. (Recommended)
b) Use the IMAP functions (until of course I create a swift-like IMAP/POP3 lib

) to open the mailbox and do the above job by cron.
For the opt-in you'd have some unique hash in the message, or maybe even just the user-id. For the opt-out you can probably simply suggest sending an email address with "opt-out" in the subject, then look up the email in the database and remove it.
Posted: Mon May 14, 2007 1:13 pm
by sebastianr
Thanks a lot!
Well, I guess I still wasn't precise enough
I web-based solution (e.g. encoded link) would be perfectly fine for me. As long as users can "manage" their alert via links it should be fine (I wouldn't want to have a whole sign-up rocess though). E.g. a process that works like the Google News alerts (the version without a GMail account) would be rather perfect...
Again, thanks a lot!
Sebastian