hi all,
I have made a script to register contacts in a database with the double
opt-in system.
Anyway, when looking for some examples, I have found the following
script which uses a md5 hash code to append on the confirm url sent by
email to the registering user.
I tried it but with no results. Don't you think is it missing anything
?
How could it work without storing the hash code for the user in a
database?
To confirm a registration I think the script should look if the access
key matches the one it already knows, shouldn't it ?
Anyway I have no problem to insert into the database the hash code ,
it's just I want to know if I am right to believe the following script
was wrong .
tia
johnny
here's the code
<?
/* Simple email validation by TDavid at http://www.tdscripts.com/
for http://www.php-scripts.com/php_diary/011103.php3
If you use this code then please do not remove this header
*/
$from = $_REQUEST['e_addy'];
// is the $from email address in valid format?
if(eregi("([[:alnum:]\.\-]+)(\@[[:alnum:]\.\-]+\.+)", $from)) {
// create the MD5 hash
$secret_code = 'secret';
$formatted_emai l = preg_replace("/(-|\@|\.)/", "", $from);
$hashed = md5("$secret_co de $formatted_emai l");
// wait, are we verifying the email?
if($_REQUEST['m'] != "") {
// this is validation routine
if($hashed == $_REQUEST['m']) {
print("Congrats , you have successfully validated your email
address. This is just a test and your email address has <b>not</b> been
saved.");
// add the email to your double opt-in list here
exit;
} else {
print("Sorry, this email does not validate");
}
} else {
// since we aren't validating then it is time to send out
validation mail
$mail_body = "To validate this email click the following
link:\nhttp://www.php-scripts.com/php_diary/example37.php?e _addy=$from&m=$ hashed";
mail($from, "Validation Email", $mail_body, "From:
example37@php-scripts.com\n");
print("Please check your email <b>$from</b> for the test validation
message");
}
} else {
print("Sorry, this email address: <b>$from</b> doesn't seem to be in
the right format.");
}
?>
I have made a script to register contacts in a database with the double
opt-in system.
Anyway, when looking for some examples, I have found the following
script which uses a md5 hash code to append on the confirm url sent by
email to the registering user.
I tried it but with no results. Don't you think is it missing anything
?
How could it work without storing the hash code for the user in a
database?
To confirm a registration I think the script should look if the access
key matches the one it already knows, shouldn't it ?
Anyway I have no problem to insert into the database the hash code ,
it's just I want to know if I am right to believe the following script
was wrong .
tia
johnny
here's the code
<?
/* Simple email validation by TDavid at http://www.tdscripts.com/
for http://www.php-scripts.com/php_diary/011103.php3
If you use this code then please do not remove this header
*/
$from = $_REQUEST['e_addy'];
// is the $from email address in valid format?
if(eregi("([[:alnum:]\.\-]+)(\@[[:alnum:]\.\-]+\.+)", $from)) {
// create the MD5 hash
$secret_code = 'secret';
$formatted_emai l = preg_replace("/(-|\@|\.)/", "", $from);
$hashed = md5("$secret_co de $formatted_emai l");
// wait, are we verifying the email?
if($_REQUEST['m'] != "") {
// this is validation routine
if($hashed == $_REQUEST['m']) {
print("Congrats , you have successfully validated your email
address. This is just a test and your email address has <b>not</b> been
saved.");
// add the email to your double opt-in list here
exit;
} else {
print("Sorry, this email does not validate");
}
} else {
// since we aren't validating then it is time to send out
validation mail
$mail_body = "To validate this email click the following
link:\nhttp://www.php-scripts.com/php_diary/example37.php?e _addy=$from&m=$ hashed";
mail($from, "Validation Email", $mail_body, "From:
example37@php-scripts.com\n");
print("Please check your email <b>$from</b> for the test validation
message");
}
} else {
print("Sorry, this email address: <b>$from</b> doesn't seem to be in
the right format.");
}
?>
Comment