How verification email is sent to user after filling in registration form? Let's say that I have a registration form as given in picture, and I would like to send the verification email to email entered in the form, so only after user confirms it, I can create new record in MySql database. In this context, I don't understand two things:
How to send verification email, and
What happens, when user clicks on that email and confirms. How in that case server knows that verification was successful, and how new user is created in database. I know that in case of classic registration, if all fields are correct, a PHP code is used to create new record in database for that user. But how to achieve this with additional confirmation email?
I can provide you with simple solution:
Create an function that will send an email with text and some link like: www.site.com/activate.php?random=ng8a8712jh3j
Where activate.php is your script which will get the randomly generated code and will match it with this specific email/user, and will set the status as activated.
Create an extra field into your table where the registration is going, and name it like user_status and you may assign default value of inactive or 0 and as soon as the user opens the link you will match the random code with the user ID and set the user_status to active or 1.
You can use swiftmail framework to send emails with html or just simple text.
Related
I am integrating a user verification feature into a plugin I am developing whereby a user must verify their email address by clicking a link sent to them.
It is based on code provided on Github
At the moment I create a 'temporary' user, then delete the user from the users table. Only after verification is the user added back into the users table.
Is there a way to disable the core user registration in Wordpress so that I don't have to delete the user, therefore it is never stored in the database until it is created by the verification code?
I am finding, quite naturally, the user IDs are skipping every one digit so that for example, a verified user has an id '1' then the next is '3'.
Thanks,
Leon
The standar way to do that is through a field in the table users that is set to true for example whenever the user have validated his email via your link.
And with this field you control that if the field is not validated you dont let them sign in on you website.
So in order to apply this you need to find the sections in your wordpress that control de sign in to put the restriction with this new field
I'm going to be more specific so you can remove the downvote...
Lets think for example that you have a field named email_verify which will just contain a 1 or a 0 if the email is already validated or not.
Then you have another field for example session_token with a sha1 or random token that must be unique for the link that will validate the email when clicking on it.
You need to have a php function that catches when someone enters that link and you do it by extracting the sha1 from the link as an url parameter and searching in your table for whoever have that session_token, when you find a record with this session_token then you turn your email_verify value to 1 meaning the email is already verified and then you turn null the session_token field so the link expires.
I have to put a sort of "double opt-in newsletter registration form" in a website.
Since I don't know much about php, I thought about how to limit the code I have to write, and I thought this:
I want to create a registration form (with fields: name, email address and an OBLIGATORY checkbox); when the user clicks Submit:
Of course it checks that all the fields are filled in.
An email is sent to that email address.
User RESPONDS to that email, I see the reply on my email and I manually add him to my mailing list.
Is this a reasonable thing? If so, how do I do that?
Thanks.
I wanted to add some steps to make it automatic, you don't have to do it manually
Of course it checks that all the fields are filled in.
An email is sent to that email address. with a unique link with some random key
link http://domain.com/confirm.php?regId=4&key=DTSRROymc90JDklrTu2wi64Nny0
User RESPONDS to that email by clicking on confirm link in email,
You get the response from confirm.php?regId=4&key=DTSRROymc90JDklrTu2wi64Nny0 and update its status to confirmif its found in db using regId=4 and key=DTSRROymc90JDklrTu2wi64Nny0
in confirm.php
if(isset($_GET['regId']) && isset($_GET['key'])) {
//Get the reg details and update the status if row found in db
....
}
Here is an script, give it a try
i need to make activation code for my users. When users are registered, my php script would send an email to users and i dont know how to implement activation code or activation link. I dont know logic for this
This is a four-step process:
Create the activation code
Store it in a database
Email the code to the user with a link to your verification script
Check the code the user enters in your verification script against the value stored in the database.
For an example implementation, please see:
http://www.learnphponline.com/scripts/email-activation-for-php-forms
upon registration create a random string $user_rand;
store the random string in the users table in activation_secret column, set the active column to 0
hash the random string and send an email to the email address the user provided and include a link to your activation page, include the hash as a parameter. e.g. http://host.com/activate.php?activation_code=sfer3423ste&username=john
in activatate.php extract the username and the activation code (which is the hash you sent)
query users table for a record which has active=0 and user=john, return the value in activation_secrete
hash activation_secrete and compare the hash with activation code from the url, if they match, the user should be validated (set active column to 1) if not, inform the user the activation code is not recognized.
You can build on this and make it robust and add exception handling. E.g. you can also set a life time for the activation secrete and more.
I've not done it but I would have thought that it would be along the lines of:
When a user registers generate an activation code, and store it associated with the users id
Have a page which validates a code. this will look up the code given in the url (or have the user enter it manually in a field on the page) and see if it is the code associated with the user (must be logged in to see this page)
Generate a url which goes to the above page and provides the code in the url.
insert the url in an email and send to the user
Or you could simply use CakeDC's users plugin and avoid all that trouble.
You can also use a table-less solution to generate one-time passwords. Have a look at http://bakery.cakephp.org/articles/ashevat/2010/03/12/how-to-implament-one-time-password-for-forgot-my-password-and-account-activation-processes
I have a simple name and email form built in Ajax, PHP and mySQL.
The user enters a name, and email address and the fields are saved into a database.
How can I once the name and email have been submitted, send a confirmation email to this user?
I think you're after (double) opt-in. Just to give a basic outline how you can achieve your goal.
Register user details to your db.
Store a unique token for every user (every action: new user/lost pw/etc.)
Store a token lifetime value (the date until token is accepted as valid)
Use some Mail library for PHP (PHPMailer)
Send a greeting (validation) message for every new user including their unique tokens
If user opens the provided link, you could set a flag so user is active from now on.
Note: Since this is just a basic outline i am not mentioned any security pitfalls.
As you haven't provided us much info that's why I'm just giving a imperfect answer here.--
See first in your registration code use bin2hex on username to generate activation code because this will make sure that each user have different activation code. And use INSERT INTO mysql syntax and insert the activation code in a new column named activation_code or maybe anything as per your needs.
Secondly if registration is successful just send a mail to the email id you just retrieved from the user using mail($to, $subject, $body, $headers) function where set $to to your user email id.
Then create a page, just name it as activation.exec.php where you would get the activation code from the URL, the URL has to be sent to the user, and don't forget to include user id or email id in that link.
Thirdly add a mysql query to check that the user id you just got from the URL is in your database or not. And then check that the activation code in the database is similar to the one you just received from the URL. And if successful redirect him to the Activation Successful page.
I hope this would help you.
I need to create this using Drupal, but I have no idea how to simply implement this.
Form with an input to insert an email and a submit button.
When the form is submit, send a validation email to make sure the email addr is valid
When the user validate the email (clicking the link in his email), the email is stored in the database.
Thanks a lot for your help!
I guess there are better solutions, but here is a rather simple way. I assume you do know how to basically do stuff in Drupal like creating forms, storing information in the database, sending mails and so on. If not, there is a link for each...
Define a table with email (varchar), key (varchar), status (int) (hook_schema)
Create a form where the user can enter the email (how to create a form
Store the mail in the database together with a random key (like md5($mail . uniqueid()) (db_insert for D7, db_query for D6), set status to 0
Send a mail to the user with a link that contains the key like yourmodule/verify/$key (drupal_mail
Register that path (yourmodule/verifiy/%) in hook_menu
When the user clicks on the link, look for that key in the database and set status to 1 (db_query + db_update (D7 only))
Done, all mails with status 1 are now confirmed.
And as others have mentioned, drupal core user registration is already doing this.