I was asked by a person to create a php code, which is a part of a larger ERP software development project, so that he can test my skills. The code regarding a simple user authentication once the user registers through a form , by putting name, date of birth ,email.(which I have already done through html).
The action property of the html form, is a php file which consists of php code to get the posted inputs in the form, generate a verification link, and send it to the user via his/her emai开发者_运维问答l which he/she has already given.
I have two basic questions or problems:
- How can this verification link be created?
- Once the user clicks on this type of a link how does PHP know that they did so?
I don't think that there is any concept of event-driven programming in PHP. In that case, how does PHP handle that click and give a "conformational success message"? Is a MySQL database required or is there another easier way?
When you create the user, you are also going to generate a random string for that user. This is their authorization code. You will store it with the user's data in your database.
Then you are going to make your authorize page (ex., authorize.php). It will take a $_GET parameter of 'code', or whatever else you want (ex., authorize.php?code=theHashYouCreated
). This page's code will look something like this:
if(!empty($_GET['code']))
{
/*
* Get the data from the database by the provided code.
* If a result is returned, then remove the authorization
* code from the user's record. If no user is found, then
* return an error.
*/
}
else
{
//No code was provided, so we should error.
}
Now, when the user tries to login you also want to check to see if their authorization code is set in the database. If it is, then they have not validated their e-mail address yet. If it isn't, then they have validated it.
Here's a nice tutorial that should help you create a confirmation email:
http://www.learnphponline.com/scripts/email-activation-for-php-forms
It involves creating a randomly generated activation key, that will initially be stored in the database. The key should be emailed to the user in the form of a GET parameter in a link.
Once the link is clicked, the submitted GET parameter is checked with the value in the database.
精彩评论