php How to send user email to activate their account - php

I'm doing a simple login page. Want to confirm the user account by sending them a link in their email when they sign up. So when they click on it, their account is activated. How do i do this? Only have a basic form.
First Name:
Last Name:
Email:
...etc

You want a boolean field in your database called "activated" or something. When the user signs up, make it false. Then use the mail() function to send an email with a link to an activation page. Something like www.example.com/activate.php?user_id=123
In that page you just want to find the user with that id, ask them to confirm their password and update the "activated" field to be true.

You should create a kind of a hashed ID to identify the user. Put that ID into the verification URL instead of the user id to allowed only the "real" user to verification historischen account/email address.
Example: .../verify/g5jd31zcxh7kob

Related

How to send verification email after registration form in extjs

How verification email is sent to user after filling in registration form? Let's say that I have a registration form as given in picture, and I would like to send the verification email to email entered in the form, so only after user confirms it, I can create new record in MySql database. In this context, I don't understand two things:
How to send verification email, and
What happens, when user clicks on that email and confirms. How in that case server knows that verification was successful, and how new user is created in database. I know that in case of classic registration, if all fields are correct, a PHP code is used to create new record in database for that user. But how to achieve this with additional confirmation email?
I can provide you with simple solution:
Create an function that will send an email with text and some link like: www.site.com/activate.php?random=ng8a8712jh3j
Where activate.php is your script which will get the randomly generated code and will match it with this specific email/user, and will set the status as activated.
Create an extra field into your table where the registration is going, and name it like user_status and you may assign default value of inactive or 0 and as soon as the user opens the link you will match the random code with the user ID and set the user_status to active or 1.
You can use swiftmail framework to send emails with html or just simple text.

How to create this type of form in PHP

I have to put a sort of "double opt-in newsletter registration form" in a website.
Since I don't know much about php, I thought about how to limit the code I have to write, and I thought this:
I want to create a registration form (with fields: name, email address and an OBLIGATORY checkbox); when the user clicks Submit:
Of course it checks that all the fields are filled in.
An email is sent to that email address.
User RESPONDS to that email, I see the reply on my email and I manually add him to my mailing list.
Is this a reasonable thing? If so, how do I do that?
Thanks.
I wanted to add some steps to make it automatic, you don't have to do it manually
Of course it checks that all the fields are filled in.
An email is sent to that email address. with a unique link with some random key
link http://domain.com/confirm.php?regId=4&key=DTSRROymc90JDklrTu2wi64Nny0
User RESPONDS to that email by clicking on confirm link in email,
You get the response from confirm.php?regId=4&key=DTSRROymc90JDklrTu2wi64Nny0 and update its status to confirmif its found in db using regId=4 and key=DTSRROymc90JDklrTu2wi64Nny0
in confirm.php
if(isset($_GET['regId']) && isset($_GET['key'])) {
//Get the reg details and update the status if row found in db
....
}
Here is an script, give it a try

Admin validation register form

I'm using ZendFramework and My current register form allow anyone to create an account to download files in my website, I want to have control of that by allowing or not their registration, I want to receive an email with their forms and then choose if they can log in, my code for now is this:
$Cadastrar=$this->App->BancoDeDados->exec("
INSERT INTO
".EAMConfig::$PrefixoDB."usuarios(
usuario,senha,grupo_id,
nome,email,criado,
ativo)
VALUES (
'".$frm_email."','".$senha."','2',
'".$frm_nome."','".$frm_email."','".date('Y-m-d H:i:s')."',
'1')");
You can add another column to the usuarios table called confirm that is boolean. When an user registers this will be set to false. After the insert you can call the mail function.
http://framework.zend.com/manual/1.12/en/zend.mail.introduction.html
You can go in the database and confirm users as you get emails then by switching confirm to true. On your login page you check if the user has been confirm or not by checking that column.
Here is what I could find on the login form.
http://framework.zend.com/manual/1.12/en/learning.multiuser.authentication.html
After this line. You would check if the user was confirm or not.
if ($result->isValid()) {

activation code in email how to make

i need to make activation code for my users. When users are registered, my php script would send an email to users and i dont know how to implement activation code or activation link. I dont know logic for this
This is a four-step process:
Create the activation code
Store it in a database
Email the code to the user with a link to your verification script
Check the code the user enters in your verification script against the value stored in the database.
For an example implementation, please see:
http://www.learnphponline.com/scripts/email-activation-for-php-forms
upon registration create a random string $user_rand;
store the random string in the users table in activation_secret column, set the active column to 0
hash the random string and send an email to the email address the user provided and include a link to your activation page, include the hash as a parameter. e.g. http://host.com/activate.php?activation_code=sfer3423ste&username=john
in activatate.php extract the username and the activation code (which is the hash you sent)
query users table for a record which has active=0 and user=john, return the value in activation_secrete
hash activation_secrete and compare the hash with activation code from the url, if they match, the user should be validated (set active column to 1) if not, inform the user the activation code is not recognized.
You can build on this and make it robust and add exception handling. E.g. you can also set a life time for the activation secrete and more.
I've not done it but I would have thought that it would be along the lines of:
When a user registers generate an activation code, and store it associated with the users id
Have a page which validates a code. this will look up the code given in the url (or have the user enter it manually in a field on the page) and see if it is the code associated with the user (must be logged in to see this page)
Generate a url which goes to the above page and provides the code in the url.
insert the url in an email and send to the user
Or you could simply use CakeDC's users plugin and avoid all that trouble.
You can also use a table-less solution to generate one-time passwords. Have a look at http://bakery.cakephp.org/articles/ashevat/2010/03/12/how-to-implament-one-time-password-for-forgot-my-password-and-account-activation-processes

Email confirmation with prototype.js?

I have a simple name and email form built in Ajax, PHP and mySQL.
The user enters a name, and email address and the fields are saved into a database.
How can I once the name and email have been submitted, send a confirmation email to this user?
I think you're after (double) opt-in. Just to give a basic outline how you can achieve your goal.
Register user details to your db.
Store a unique token for every user (every action: new user/lost pw/etc.)
Store a token lifetime value (the date until token is accepted as valid)
Use some Mail library for PHP (PHPMailer)
Send a greeting (validation) message for every new user including their unique tokens
If user opens the provided link, you could set a flag so user is active from now on.
Note: Since this is just a basic outline i am not mentioned any security pitfalls.
As you haven't provided us much info that's why I'm just giving a imperfect answer here.--
See first in your registration code use bin2hex on username to generate activation code because this will make sure that each user have different activation code. And use INSERT INTO mysql syntax and insert the activation code in a new column named activation_code or maybe anything as per your needs.
Secondly if registration is successful just send a mail to the email id you just retrieved from the user using mail($to, $subject, $body, $headers) function where set $to to your user email id.
Then create a page, just name it as activation.exec.php where you would get the activation code from the URL, the URL has to be sent to the user, and don't forget to include user id or email id in that link.
Thirdly add a mysql query to check that the user id you just got from the URL is in your database or not. And then check that the activation code in the database is similar to the one you just received from the URL. And if successful redirect him to the Activation Successful page.
I hope this would help you.

Categories