Recipe 8.17. Program: Web Site Account (De)activator


When users sign up for your web site, it's helpful to know that they've provided you with a correct email address. To validate the email address they provide, send an email to the address they supply when they sign up. If they don't visit a special URL included in the email after a few days, deactivate their account.

This system has three parts. The first is the notify-user.php program that sends an email to a new user and asks that user to visit a verification URL, shown in Example 8-42. The second, shown in Example 8-43, is the verify-user.php page that handles the verification URL and marks users as valid. The third is the delete-user.php program that deactivates accounts of users who don't visit the verification URL after a certain amount of time. This program is shown in Example 8-44.

Example 8-41 contains the SQL to create the table in which the user information is stored.

SQL for user verification table

CREATE TABLE users (  email VARCHAR(255) NOT NULL,  created_on DATETIME NOT NULL,  verify_string VARCHAR(16) NOT NULL,  verified TINYINT UNSIGNED );

What's in Example 8-41 is the minimum amount of information necessary for user verification. You probably want to store more information than this about your users. When creating a user's account, save information to the users table, and send the user an email telling him how to verify his account. The code in Example 8-42 assumes that the user's email address is stored in the variable $email.

notify-user.php

<?php // Connect to the database $db = new PDO('sqlite:users.db'); $email = 'david'; // generate verify_string $verify_string = ''; for ($i = 0; $i < 16; $i++) {     $verify_string .= chr(mt_rand(32,126)); } // insert user into database // This uses an SQLite-specific datetime() function $sth = $db->prepare("INSERT INTO users " .                     "(email, created_on, verify_string, verified) " .                     "VALUES (?, datetime('now'), ?, 0)"); $sth->execute(array($email, $verify_string)); $verify_string = urlencode($verify_string); $safe_email = urlencode($email); $verify_url = "http://www.example.com/verify-user.php"; $mail_body=<<<_MAIL_ To $email: Please click on the following link to verify your account creation: $verify_url?email=$safe_email&verify_string=$verify_string If you do not verify your account in the next seven days, it will be deleted. _MAIL_; // mail($email,"User Verification",$mail_body); print "$email, $mail_body";

The verification page that users are directed to when they follow the link in the email message updates the users table if the proper information has been provided, as shown in Example 8-43.

verify-user.php

<?php // Connect to the database $db = new PDO('sqlite:users.db'); $sth = $db->prepare('UPDATE users SET verified = 1 WHERE email = ? '.                     ' AND verify_string = ? AND verified = 0'); $res = $sth->execute(array($_GET['email'], $_GET['verify_string'])); var_dump($res, $sth->rowCount()); if (! $res) {     print "Please try again later due to a database error."; } else {     if ($sth->rowCount() == 1) {         print "Thank you, your account is verified.";     } else {         print "Sorry, you could not be verified.";     } } ?>

The user's verification status is updated only if the email address and verify string provided match a row in the database that has not already been verified. The last step is the short program that deletes unverified users after the appropriate interval, as shown in Example 8-44.

delete-user.php

<?php // Connect to the database $db = new PDO('sqlite:users.db'); $window = '-7 days'; $sth = $db->prepare("DELETE FROM users WHERE verified = 0 AND ".                     "created_on < datetime('now',?)"); $res = $sth->execute(array($window)); if ($res) {     print "Deactivated " . $sth->rowCount() . " users.\n"; } else {     print "Can't delete users.\n"; } ?>

Run the program in Example 8-44 once a day to scrub the users table of users that haven't been verified. If you want to change how long users have to verify themselves, adjust the value of $window, and update the text of the email message sent to users to reflect the new value.




PHP Cookbook, 2nd Edition
PHP Cookbook: Solutions and Examples for PHP Programmers
ISBN: 0596101015
EAN: 2147483647
Year: 2006
Pages: 445

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net