PHP Mailbox Verification Sample Tutorial, PHP mailbox Example
One of the most common security validations in user registration is mailbox authentication. According to the industry's general practice, mailbox verification is a very important way to avoid potential security risks, now let's discuss these best practices to see how to create a mailbox validation in PHP.
Let's start with a registration form:
Next is the table structure of the database:
Once the form has been submitted, we need to validate the user's input and create a new user:
Validation rules$rules = Array (' fname ' = ' required|max:255 ', ' lname ' = ' required|max:255 ', ' email ' + ' re quired ', ' password ' = ' required|min:6|max:20 ', ' cpassword ' = ' Same:password '); $validator = Validator::make ( Input::all (), $rules);/If input not valid, go-to registration Pageif ($validator->fails ()) {return redirect::to ( ' Registration ')->with (' Error ', $validator->messages ()->first ())->withinput ();} $user = new User (), $user->fname = Input::get (' fname '), $user->lname = Input::get (' lname '); $user->password = Input::get (' password ');//You'll generate the verification code here and save it to the database//save user to the data Baseif (! $user->save ()) {//If Unable to write to database for any reason, show the error return redirect::to (' Registra tion ')->with (' Error ', ' Unable to write to database at this time. Please try again later. ') ->withinput ();} User is created and saved to database//verification e-Mail would be sent hereGo registration page and show the Success Messagereturn redirect::to (' Registration ')->with (' Success ', ' you h Ave successfully created an account. The verification link has been sent to e-mail address you have provided. Click on the link to activate your account.
After registration, the user's account is still invalid until the user's mailbox is verified. This feature confirms that the user is the owner of the e-mail address and helps prevent spam and unauthorized e-mail usage and information disclosure.
The whole process is very simple-when a new user is created, during the registration process, a message with a verification link is sent to the user's email address. Users are not able to sign in and use the site app until they click the Email verification link and confirm the email address.
There are a couple of things to note about verifying links. The verification link needs to contain a randomly generated token, which should be long enough and valid only for a period of time, in order to prevent network attacks. Also, the user's unique identity needs to be included in the mailbox verification to avoid the potential risk of attacking multiple users.
Now let's take a look at how to generate a validation link in practice:
Once this validation is created, it is stored in the database and sent to the user:
Contents of the Mailbox verification:
Please confirm your e-mail address by clicking the following link:
Now let's check to see if it works:
$user = user::where (' id ', ' = ', Input::get (' user ')) ->where (' is_active ', ' = ', 0) ->where (' Verify_token ') , ' = ', Input::get (' Code ')) ->where (' created_at ', ' >= ', Time ()-(86400 * 2))
Conclusion:
The code shown above is just a tutorial example and does not pass enough tests. Please test it before you use it in your Web app. The code above is done in the Laravel framework, but you can easily migrate it to other PHP frameworks. At the same time, verify that the link is valid for 48 hours and then expires. The introduction of a Task Force column would be a good time to handle those verification links that have expired.
This article is Phpchina original translation, the original text reproduced in http://www.phpchina.com/portal.php?mod=view&aid=39888, small part think this article has the value of learning, share to everyone, We hope to help you with your study.
http://www.bkjia.com/PHPjc/1133031.html www.bkjia.com true http://www.bkjia.com/PHPjc/1133031.html techarticle PHP Mailbox Verification Sample Tutorial, PHP mailbox Example One of the most common security validations in user registration is mailbox authentication. According to the industry's general practice, E-mail verification is to avoid potential Ann ...