Backend Development
PHP Tutorial
PHP email verification example tutorial, php email example_PHP tutorial
PHP email verification example tutorial, php email example_PHP tutorial
PHP email verification example tutorial, php email example
One of the most common security verifications in user registration is email verification. According to common industry practices, email verification is a very important practice to avoid potential security risks. Let us now discuss these best practices and see how to create an email verification in PHP.
Let’s start with a registration form:
<form method="post" action="http://mydomain.com/registration/">
<fieldset class="form-group">
<label for="fname">First Name:</label>
<input type="text" name="fname" class="form-control" required />
</fieldset>
<fieldset class="form-group">
<label for="lname">Last Name:</label>
<input type="text" name="lname" class="form-control" required />
</fieldset>
<fieldset class="form-group">
<label for="email">Last name:</label>
<input type="email" name="email" class="form-control" required />
</fieldset>
<fieldset class="form-group">
<label for="password">Password:</label>
<input type="password" name="password" class="form-control" required />
</fieldset>
<fieldset class="form-group">
<label for="cpassword">Confirm Password:</label>
<input type="password" name="cpassword" class="form-control" required />
</fieldset>
<fieldset>
<button type="submit" class="btn">Register</button>
</fieldset>
</form>
Next is the table structure of the database:
CREATE TABLE IF NOT EXISTS `user` ( `id` INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY, `fname` VARCHAR(255) , `lname` VARCHAR(255) , `email` VARCHAR(50) , `password` VARCHAR(50) , `is_active` INT(1) DEFAULT '0', `verify_token` VARCHAR(255) , `created_at` TIMESTAMP, `updated_at` TIMESTAMP, );
Once the form is submitted, we need to validate the user's input and create a new user:
// Validation rules
$rules = array(
'fname' => 'required|max:255',
'lname' => 'required|max:255',
'email' => 'required',
'password' => 'required|min:6|max:20',
'cpassword' => 'same:password'
);
$validator = Validator::make(Input::all(), $rules);
// If input not valid, go back to registration page
if($validator->fails()) {
return Redirect::to('registration')->with('error', $validator->messages()->first())->withInput();
}
$user = new User();
$user->fname = Input::get('fname');
$user->lname = Input::get('lname');
$user->password = Input::get('password');
// You will generate the verification code here and save it to the database
// Save user to the database
if(!$user->save()) {
// If unable to write to database for any reason, show the error
return Redirect::to('registration')->with('error', 'Unable to write to database at this time. Please try again later.')->withInput();
}
// User is created and saved to database
// Verification e-mail will be sent here
// Go back to registration page and show the success message
return Redirect::to('registration')->with('success', 'You have successfully created an account. The verification link has been sent to e-mail address you have provided. Please click on that link to activate your account.');
After registration, the user's account remains invalid until the user's email is verified. This feature confirms that the user is the owner of the entered email address and helps prevent spam and unauthorized email use and information disclosure.
The whole process is very simple - when a new user is created, an email containing a verification link will be sent to the email address filled in by the user during the registration process. Before the user clicks the email verification link and confirms the email address, the user cannot log in and use the website application.
There are several things to note about verified links. The verified link needs to contain a randomly generated token that is long enough and only valid for a certain period of time. This is done to prevent network attacks. At the same time, the email verification also needs to include the user's unique identifier, so as to avoid potential dangers of attacking multiple users.
Now let’s see how to generate a verification link in practice:
// We will generate a random 32 alphanumeric string // It is almost impossible to brute-force this key space $code = str_random(32); $user->confirmation_code = $code;
Once this verification is created store it in the database and send it to the user:
Mail::send('emails.email-confirmation', array('code' => $code, 'id' => $user->id), function($message)
{
$message->from('my@domain.com', 'Mydomain.com')->to($user->email, $user->fname . ' ' . $user->lname)->subject('Mydomain.com: E-mail confirmation');
});
Contents of email verification:
<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="utf-8" /> </head> <body> <p style="margin:0"> Please confirm your e-mail address by clicking the following link: <a href="http://mydomain.com/verify?code=<?php echo $code; ?>&user=<?php echo $id; ?>"></a> </p> </body> </html>
Now let’s verify if it works:
$user = User::where('id', '=', Input::get('user'))
->where('is_active', '=', 0)
->where('verify_token', '=', Input::get('code'))
->where('created_at', '>=', time() - (86400 * 2))
->first();
if($user) {
$user->verify_token = null;
$user->is_active = 1;
if(!$user->save()) {
// If unable to write to database for any reason, show the error
return Redirect::to('verify')->with('error', 'Unable to connect to database at this time. Please try again later.');
}
// Show the success message
return Redirect::to('verify')->with('success', 'You account is now active. Thank you.');
}
// Code not valid, show error message
return Redirect::to('verify')->with('error', 'Verification code not valid.');
Conclusion:
The code shown above is just a tutorial example and has not been adequately tested. Please test it before using it in your web application. The above code is done in the Laravel framework, but you can easily migrate it to other PHP frameworks. At the same time, the verification link is valid for 48 hours and expires after that. Introducing a work queue can handle expired verification links in a timely manner.
This article is an original translation by PHPChina. The original text is reprinted at http://www.phpchina.com/portal.php?mod=view&aid=39888. The editor believes that this article is of great learning value and would like to share it with everyone. I hope it will be useful to everyone. Everyone’s learning helps.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1667
14
1426
52
1328
25
1273
29
1255
24
What is the significance of the session_start() function?
May 03, 2025 am 12:18 AM
session_start()iscrucialinPHPformanagingusersessions.1)Itinitiatesanewsessionifnoneexists,2)resumesanexistingsession,and3)setsasessioncookieforcontinuityacrossrequests,enablingapplicationslikeuserauthenticationandpersonalizedcontent.
How to download, install and register the Hong Kong Digital Currency Exchange app 2025
Apr 30, 2025 pm 07:18 PM
The download, installation and registration process of the Hong Kong Digital Currency Exchange app is very simple. Users can quickly obtain and use this app through the official app download link provided in this article. This article will introduce in detail how to download, install and register the Hong Kong Digital Currency Exchange app to ensure that every user can complete the operation smoothly.
Composer: The Package Manager for PHP Developers
May 02, 2025 am 12:23 AM
Composer is a dependency management tool for PHP, and manages project dependencies through composer.json file. 1) parse composer.json to obtain dependency information; 2) parse dependencies to form a dependency tree; 3) download and install dependencies from Packagist to the vendor directory; 4) generate composer.lock file to lock the dependency version to ensure team consistency and project maintainability.
What are the three giants in the currency circle? Top 10 Recommended Virtual Currency Main Exchange APPs
Apr 30, 2025 pm 06:27 PM
In the currency circle, the so-called Big Three usually refers to the three most influential and widely used cryptocurrencies. These cryptocurrencies have a significant role in the market and have performed well in terms of transaction volume and market capitalization. At the same time, the mainstream virtual currency exchange APP is also an important tool for investors and traders to conduct cryptocurrency trading. This article will introduce in detail the three giants in the currency circle and the top ten mainstream virtual currency exchange APPs recommended.
How to download the Hong Kong Digital Currency Exchange app? The top ten digital currency exchange apps are included
Apr 30, 2025 pm 07:12 PM
The methods to download the Hong Kong Digital Currency Exchange APP include: 1. Select a compliant platform, such as OSL, HashKey or Binance HK, etc.; 2. Download through official channels, iOS users download on the App Store, Android users download through Google Play or official website; 3. Register and verify their identity, use Hong Kong mobile phone number or email address to upload identity and address certificates; 4. Set security measures, enable two-factor authentication and regularly check account activities.
Top 10 Digital Currency Trading Apps Rankings: Top 10 Safe and Easy Virtual Digital Currency Exchanges
Apr 30, 2025 pm 04:24 PM
The rankings of the top ten digital currency trading apps are: 1. Binance, 2. OKX, 3. Coinbase, 4. Kraken, 5. Huobi, 6. KuCoin, 7. Bitfinex, 8. Bittrex, 9. Gemini, 10. Poloniex. These exchanges provide a safe and reliable trading environment and a variety of trading methods. Users can operate on each platform through the steps of registration, email verification, KYC identity verification, deposit and start trading.
How to set the rotation effect of HTML elements
Apr 30, 2025 pm 02:42 PM
How to set the rotation effect of an element in HTML? It can be achieved using CSS and JavaScript. 1. The transform property of CSS is used for static rotation, such as rotate(45deg). 2. JavaScript can dynamically control rotation, which is implemented by changing the transform attribute.
How to register in the ok exchange in China? ok trading platform registration and use guide for beginners in mainland China
May 08, 2025 pm 10:51 PM
In the cryptocurrency market, choosing a reliable trading platform is crucial. As a world-renowned digital asset exchange, the OK trading platform has attracted a large number of novice users in mainland China. This guide will introduce in detail how to register and use it on the OK trading platform to help novice users get started quickly.
