2013-08-03 47 views
1

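How to add email verification to my PHP registration script

I recently made a login and registration script. It works fine, but I want it to be more secure against spammers, and I was wondering if anyone knows how to make an email verification system.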

How can I add email verification to this script? I hope this makes sense.

<?php 
    require("php/bp-connection.php"); 

    if(!empty($_POST)) 
    { 
     if(empty($_POST['username'])) 
     { 
      die("Please enter a username."); 
     } 

     if(empty($_POST['password'])) 
     { 
      die("Please enter a password."); 
     } 

     if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) 
     { 
      die("Invalid E-Mail Address"); 
     } 

     $query = " 
      SELECT 
       1 
      FROM users 
      WHERE 
       username = :username 
     "; 

     $query_params = array( 
      ':username' => $_POST['username'] 
     ); 

     try 
     { 
      $stmt = $db->prepare($query); 
      $result = $stmt->execute($query_params); 
     } 
     catch(PDOException $ex) 
     { 
      die("Failed to run query: " . $ex->getMessage()); 
     } 

     $row = $stmt->fetch(); 

     if($row) 
     { 
      die("This username is already in use"); 
     } 

     $query = " 
      SELECT 
       1 
      FROM users 
      WHERE 
       email = :email 
     "; 

     $query_params = array( 
      ':email' => $_POST['email'] 
     ); 

     try 
     { 
      $stmt = $db->prepare($query); 
      $result = $stmt->execute($query_params); 
     } 
     catch(PDOException $ex) 
     { 
      die("Failed to run query: " . $ex->getMessage()); 
     } 

     $row = $stmt->fetch(); 

     if($row) 
     { 
      die("This email address is already registered"); 
     } 

     $query = " 
      INSERT INTO users ( 
       username, 
       password, 
       salt, 
       email 
      ) VALUES ( 
       :username, 
       :password, 
       :salt, 
       :email 
      ) 
     "; 

     $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647)); 

     $password = hash('sha256', $_POST['password'] . $salt); 

     for($round = 0; $round < 65536; $round++) 
     { 
      $password = hash('sha256', $password . $salt); 
     } 

     $query_params = array( 
      ':username' => $_POST['username'], 
      ':password' => $password, 
      ':salt' => $salt, 
      ':email' => $_POST['email'] 
     ); 

     try 
     { 
      $stmt = $db->prepare($query); 
      $result = $stmt->execute($query_params); 
     } 
     catch(PDOException $ex) 
     { 

      die("Failed to run query: " . $ex->getMessage()); 
     } 

     header("Location: login.php"); 

     die("Redirecting to login.php"); 
    } 

?> 
<html lang="en"> 
<head> 
    <title>Register | BinaryPaw</title> 

    <link rel="shortcut icon" href="favicon.ico" type="icon" /> 
    <link rel="stylesheet" href="css/bp-grid.css" type="text/css" /> 
    <link rel="stylesheet" href="css/bp-styles.css" type="text/css" /> 
</head> 

<body> 
<?php 
    include 'php/bp-siteBar.php'; 
?> 

<div class="container"> 
    <?php 
     include 'php/bp-sideBar.php'; 
    ?> 

    <div class="span4"> 
     <h1>User Registration</h1> 
    <form action="register.php" method="post"> 
     <div class="space1"> 
      <label>Username</label> 
     </div> 

     <div class="space2"> 
      <input type="text" name="username" class="username" value="" /> 
     </div> 

     <div class="space1"> 
      <label>Email</label> 
     </div> 

     <div class="space2"> 
      <input type="text" name="email" class="email" value="" /> 
     </div> 

     <div class="space1"> 
      <label>Password</label> 
     </div> 

     <div class="space2"> 
      <input type="password" name="password" class="password" value="" /> 
     </div> 

     <div class="space3"> 
      <input type="submit" class="submit" value="Register" /> 
     </div> 
    </form> 
    </div> 

    <div class="space3"></div> 

    <div class="span10" id="footer"> 
     <h6>Created by Mathew Berry &copy; 2013 </h6> 
    </div> 
</div> 
</body> 
</html> 
+0

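Tutorial: generate a hash, save it in the database, and add a timestamp. Send a link to the mail address and let the user click the link. After that, enable the user in the database and delete the hash. –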

+0

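Add another column to the table, e.g. "status" with the enum values "verified, notverified". Then, once the record is inserted, send the user an email containing a link with a parameter, e.g. ?check=randomstring, and save that random string with the user's details. The rest is just the usual stuff – 2013-08-03 12:55:58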

+0

Using the function [password_hash()](http://www.php.net/manual/en/function.password-hash.php) is more convenient, and it generates a more suitable BCrypt hash with a cryptographically secure salt. – martinstoeckli

Answers

0

You can add a captcha to prevent spammers on your form. It is more secure than anything else.

0

It's simple: send a code to the user's email address and create a page to verify the code. If the code is verified, then register the user.

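if(isset($_POST['register'])) 
{ 
// Reject anything that is not a syntactically valid address before using it. 
$email=filter_var($_POST['email'],FILTER_VALIDATE_EMAIL); 
if($email===false){ die("Invalid E-Mail Address"); } 
// Store a password hash rather than the plain password. 
$pass=password_hash($_POST['password'],PASSWORD_DEFAULT); 
// Unpredictable activation code from a CSPRNG instead of md5(mt_rand()). 
$code=bin2hex(random_bytes(16)); 

// Connect with PDO; the mysql_* functions were removed in PHP 7. 
$db=new PDO('mysql:host=localhost;dbname=sample;charset=utf8mb4','root',''); 
$db->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION); 

// Prepared statement keeps user input out of the SQL text. 
$insert=$db->prepare("insert into verify values(NULL,?,?,?)"); 
$insert->execute(array($email,$pass,$code)); 
$db_id=$db->lastInsertId(); 

$to=$email; 
$subject="Activation Code For Talkerscode.com"; 
$from = 'your email'; 
// The link must carry id and code; prefix it with the site's base URL when sending real mail. 
$link='verification.php?id='.$db_id.'&code='.$code; 
$body='Your Activation Code is '.$code.' Please Click On This link <a href="'.$link.'">'.$link.'</a> to activate your account.'; 
// The body contains HTML, so declare the content type. 
$headers = "From:".$from."\r\nMIME-Version: 1.0\r\nContent-Type: text/html; charset=UTF-8"; 
mail($to,$subject,$body,$headers); 

echo "An Activation Code Is Sent To You Check Your Emails"; 
} 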

Verification code

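if(isset($_GET['id']) && isset($_GET['code'])) 
{ 
$id=$_GET['id']; 
// The activation code arrives in the "code" parameter. 
$code=$_GET['code']; 
// Connect with PDO; the mysql_* functions were removed in PHP 7. 
$db=new PDO('mysql:host=localhost;dbname=sample;charset=utf8mb4','root',''); 
$db->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION); 

// Prepared statements keep the request parameters out of the SQL text. 
$select=$db->prepare("select email,password from verify where id=? and code=?"); 
$select->execute(array($id,$code)); 
$row=$select->fetch(PDO::FETCH_ASSOC); 
if($row) 
{ 
    $email=$row['email']; 
    $password=$row['password']; 
    // NULL for the first column, since '' is rejected for an integer id in strict SQL mode. 
    $insert_user=$db->prepare("insert into verified_user values(NULL,?,?)"); 
    $insert_user->execute(array($email,$password)); 
    // Remove the pending row so the code cannot be used again. 
    $delete=$db->prepare("delete from verify where id=? and code=?"); 
    $delete->execute(array($id,$code)); 
} 
} 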

Full version here: http://talkerscode.com/webtricks/account-verification-system-through-email-using-php.php
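
The flow described in the comments under the question (store a hash with a timestamp, mail a link, then enable the user and delete the hash), as an added example that is not part of the original question or answers. The `status`, `token_hash` and `token_expires` columns, the two function names and the in-memory SQLite database are assumptions, chosen so the code runs on its own.

```php
<?php
// Added example: hash + timestamp verification flow from the comments.
// Table layout, column names and function names are assumptions.
$db = new PDO('sqlite::memory:');          // in-memory DB so this runs offline
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (
    id INTEGER PRIMARY KEY, email TEXT UNIQUE,
    status TEXT DEFAULT 'notverified', token_hash TEXT, token_expires INTEGER)");

// Create the user as unverified; return the raw token that goes into the mail link.
function startVerification(PDO $db, string $email, int $ttl = 86400): string
{
    $token = bin2hex(random_bytes(32));    // 256 bits from the CSPRNG
    $stmt = $db->prepare("INSERT INTO users (email, token_hash, token_expires)
                          VALUES (:email, :hash, :expires)");
    $stmt->execute([
        ':email'   => $email,
        ':hash'    => hash('sha256', $token),   // only the hash is stored
        ':expires' => time() + $ttl,            // timestamp after which the link is dead
    ]);
    return $token;
}

// Check a token from the link; on success enable the user and delete the hash.
function confirmVerification(PDO $db, string $email, string $token): bool
{
    $stmt = $db->prepare("SELECT id, token_hash, token_expires FROM users
                          WHERE email = :email AND status = 'notverified'");
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$row || $row['token_hash'] === null || time() > (int)$row['token_expires']) {
        return false;                       // unknown, already verified, or expired
    }
    if (!hash_equals($row['token_hash'], hash('sha256', $token))) {
        return false;                       // constant-time comparison failed
    }
    $db->prepare("UPDATE users SET status = 'verified', token_hash = NULL,
                  token_expires = NULL WHERE id = :id")->execute([':id' => $row['id']]);
    return true;
}

// Constructed sample run (the address is a placeholder).
$token = startVerification($db, 'user@example.com');
var_dump(confirmVerification($db, 'user@example.com', 'wrong-token')); // wrong token
var_dump(confirmVerification($db, 'user@example.com', $token));        // correct token
var_dump(confirmVerification($db, 'user@example.com', $token));        // replay of a used token
```

Storing only the SHA-256 of the token means a leaked database dump does not yield usable activation links, and clearing the hash on success makes each link single-use.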