8.26. Program: Website Account (De)activator
When users sign up for your web site, it’s helpful to know that they’ve provided you with a correct email address. To validate the email address they provide, send an email to the address they supply when they sign up. If they don’t visit a special URL included in the email after a few days, deactivate their account.
This system has three parts. The first is the notify-user.php program that sends an email to a new user and asks them to visit a verification URL, shown in Example 8-4. The second, shown in Example 8-5, is the verify-user.php page that handles the verification URL and marks users as valid. The third is the delete-user.php program that deactivates accounts of users who don’t visit the verification URL after a certain amount of time. This program is shown in Example 8-6.
Here’s the SQL to create the table that user information is stored in:
CREATE TABLE users ( email VARCHAR(255) NOT NULL, created_on DATETIME NOT NULL, verify_string VARCHAR(16) NOT NULL, verified TINYINT UNSIGNED );
You probably want to store more information than this about your
users, but this is all that’s needed to verify them.
When creating a user’s account, save information to
the users
table, and send the user an email
telling them how to verify their account. The code in Example 8-4 assumes that user’s email
address is stored in the variable $email
.
Example 8-4. notify-user.php
// generate verify_string $verify_string = ''; for ($i = 0; $i < 16; ...
Get PHP Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.