PHP Email Verification

Overview

In this tutorial, create 4 PHP files and 2 databases
1. signup.php
2. signup_ac.php
3. confirmation.php
4. config.php

We have to create 2 databases
1. temp_members_db
2. registered_members


What to do
1. When users sign up. Random a set of confirmation code.

2. Keep their informations and confirmation code in table "temp_members_db". This is temporary table, we have to move this informations to table "registered_members" after email address has been verified.

3. After sucessfully inserted data into table "temp_membes_db", send confirmation link to email that users used to sign up, if email is invalid they will not receive our email.

4. They have to click on confirmation link to activate their account. (move data from table "temp_member_db" to table "registered_members" and delete data from table "temp_members_db" in this step)

STEP1: Create table "temp_members_db" and table "registered_members"

Table "temp_members_db"
CREATE TABLE `temp_members_db` (
`confirm_code` varchar(65) NOT NULL default '',
`name` varchar(65) NOT NULL default '',
`email` varchar(65) NOT NULL default '',
`password` varchar(15) NOT NULL default '',
`country` varchar(65) NOT NULL default ''
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

Table "registered_members"

CREATE TABLE `registered_members` (
`id` int(4) NOT NULL auto_increment,
`name` varchar(65) NOT NULL default '',
`email` varchar(65) NOT NULL default '',
`password` varchar(65) NOT NULL default '',
`country` varchar(65) NOT NULL default '',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

STEP2: signup.php - Create sign up form


############### Code

<table width="350" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><form name="form1" method="post" action="signup_ac.php">
<table width="100%" border="0" cellspacing="4" cellpadding="0">
<tr>
<td colspan="3"><strong>Sign up</strong></td>
</tr>
<tr>
<td width="76">Name</td>
<td width="3">:</td>
<td width="305"><input name="name" type="text" id="name" size="30"></td>
</tr>
<tr>
<td>E-mail</td>
<td>:</td>
<td><input name="email" type="text" id="email" size="30"></td>
</tr>
<tr>
<td>password</td>
<td>:</td>
<td><input name="password" type="password" id="password" size="30"></td>
</tr>
<tr>
<td>Country</td>
<td>:</td>
<td><input name="country" type="text" id="country" size="30"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Submit"> &nbsp;
<input type="reset" name="Reset" value="Reset"></td>
</tr>
</table>
</form></td>
</tr>
</table>

STEP3: signup_ac.php - Insert data into database

In this step
1. Random confirmation code.
2. Insert data and confirmation code into database.
3. Send email to user with confirmation link.
############### Code
<?php

include('config.php');
// table name
$tbl_name=temp_members_db;

// Random confirmation code 
$confirm_code=md5(uniqid(rand()));
// values sent from form 
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];
// Insert data into database 
$sql="INSERT INTO $tbl_name(confirm_code, name, email, password, country)VALUES('$confirm_code', '$name', '$email', '$password', '$country')";
$result=mysql_query($sql);

// if suceesfully inserted data into database, send confirmation link to email 
if($result){
// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...

$to=$email;
// Your subject
$subject="Your confirmation link here";
// From
$header="from: your name <your email>";
// Your message
$message="Your Comfirmation link \r\n";
$message.="Click on this link to activate your account \r\n";
$message.="http://www.yourweb.com/confirmation.php?passkey=$confirm_code";

// send email

$sentmail = mail($to,$subject,$message,$header);
}

// if not found 

else {
echo "Not found your email in our database";
}

// if your email succesfully sent

if($sentmail){
echo "Your Confirmation link Has Been Sent To Your Email Address.";
}
else {
echo "Cannot send Confirmation link to your e-mail address";
}
?>

STEP4: confirmation.php

When jack open his email he'll see this message and link to file "confirmation.php" including passkey in url.

In this step
1. Check passkey
2. If found passkey in database, move all data in that row from table "temp_members_db" to table "registered_members"
3. Delete passkey from table "temp_members_db"
############### Code
<?php

include('config.php');
// Passkey that got from link
$passkey=$_GET['passkey'];
$tbl_name1="temp_members_db";
// Retrieve data from table where row that match this passkey 
$sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
$result1=mysql_query($sql1);
// If successfully queried 
if($result1){

// Count how many row has this passkey
$count=mysql_num_rows($result1);
// if found this passkey in our database, retrieve data from table"temp_members_db"
if($count==1){

$rows=mysql_fetch_array($result1);
$name=$rows['name'];
$email=$rows['email'];
$password=$rows['password'];
$country=$rows['country'];
$tbl_name2="registered_members";

// Insert data that retrieves from "temp_members_db" into table "registered_members" 
$sql2="INSERT INTO $tbl_name2(name, email, password, country)VALUES('$name', '$email', '$password', '$country')";
$result2=mysql_query($sql2);
}

// if not found passkey, display message "Wrong Confirmation code"
else {
echo "Wrong Confirmation code";
}
// if successfully moved data from table"temp_members_db" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if($result2){

echo "Your account has been activated";

// Delete information of this user from table "temp_members_db" that has this passkey 
$sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
$result3=mysql_query($sql3);

}

}
?>

STEP5: config.php - config your database

<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name 


//Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");

?>



No comments:

Post a Comment