Page 1 of 1

Not looking for code, just a general direction please

Posted: Sat Apr 01, 2006 8:35 pm
by xterra
I'm assuming this is the best subforum to post in, since I just need to be pointed in the right direction.

I'm creating the portion where the user actually registers for a site, and I'm trying to think of the best route to allow my php code to send a "confirmation" email to that user. This will not only prevent multiple signups, but also it could come in handy if the user wishes to update their email later.


I am thinking that this is the best way: When the user hits signup, assuming that the requested username is not already in use, then his/her username will be put "on hold" in the main database. When I say on hold, the user will have his/her own "row" in the database, but it will be set to "Inactive" in the "Status" column. When the user registers, an ID is randomly generated using the MD5 algorithm (I do not know much about encryption, but a friend of mine said using that will ALWAYS generate a number that has never been generated before.) I figured I would create a code that will send an email to the user to click the link in the email, that will activate the suscription. I figured in the email, it will be something like this:


http://www.mysite.com/active.php?Unique ... _generated

And active.php will simply find the appropriate row in the database and update the status element.

What do you guys think? I can write the code I was just wondering if you think it's a good idea.

Regards,
Rob.

Posted: Sat Apr 01, 2006 8:39 pm
by feyd
aside from you friend being a little misinformed about md5()'s "uniqueness," that is pretty much exactly how phpbb, among other projects do it.. and how I would/will do it.

Posted: Sat Apr 01, 2006 9:24 pm
by xterra
Alright thanks alot. I must have misheard him.