Backend Development
PHP Tutorial
PHP email verification example tutorial, php email example_PHP tutorial
PHP email verification example tutorial, php email example_PHP tutorial
Jul 12, 2016 am 08:51 AM
PHP email verification example tutorial, php email example
One of the most common security verifications in user registration is email verification. According to common industry practices, email verification is a very important practice to avoid potential security risks. Let us now discuss these best practices and see how to create an email verification in PHP.
Let’s start with a registration form:
<form method="post" action="http://mydomain.com/registration/">
<fieldset class="form-group">
<label for="fname">First Name:</label>
<input type="text" name="fname" class="form-control" required />
</fieldset>
<fieldset class="form-group">
<label for="lname">Last Name:</label>
<input type="text" name="lname" class="form-control" required />
</fieldset>
<fieldset class="form-group">
<label for="email">Last name:</label>
<input type="email" name="email" class="form-control" required />
</fieldset>
<fieldset class="form-group">
<label for="password">Password:</label>
<input type="password" name="password" class="form-control" required />
</fieldset>
<fieldset class="form-group">
<label for="cpassword">Confirm Password:</label>
<input type="password" name="cpassword" class="form-control" required />
</fieldset>
<fieldset>
<button type="submit" class="btn">Register</button>
</fieldset>
</form>
Next is the table structure of the database:
CREATE TABLE IF NOT EXISTS `user` ( `id` INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY, `fname` VARCHAR(255) , `lname` VARCHAR(255) , `email` VARCHAR(50) , `password` VARCHAR(50) , `is_active` INT(1) DEFAULT '0', `verify_token` VARCHAR(255) , `created_at` TIMESTAMP, `updated_at` TIMESTAMP, );
Once the form is submitted, we need to validate the user's input and create a new user:
// Validation rules
$rules = array(
'fname' => 'required|max:255',
'lname' => 'required|max:255',
'email' => 'required',
'password' => 'required|min:6|max:20',
'cpassword' => 'same:password'
);
$validator = Validator::make(Input::all(), $rules);
// If input not valid, go back to registration page
if($validator->fails()) {
return Redirect::to('registration')->with('error', $validator->messages()->first())->withInput();
}
$user = new User();
$user->fname = Input::get('fname');
$user->lname = Input::get('lname');
$user->password = Input::get('password');
// You will generate the verification code here and save it to the database
// Save user to the database
if(!$user->save()) {
// If unable to write to database for any reason, show the error
return Redirect::to('registration')->with('error', 'Unable to write to database at this time. Please try again later.')->withInput();
}
// User is created and saved to database
// Verification e-mail will be sent here
// Go back to registration page and show the success message
return Redirect::to('registration')->with('success', 'You have successfully created an account. The verification link has been sent to e-mail address you have provided. Please click on that link to activate your account.');
After registration, the user's account remains invalid until the user's email is verified. This feature confirms that the user is the owner of the entered email address and helps prevent spam and unauthorized email use and information disclosure.
The whole process is very simple - when a new user is created, an email containing a verification link will be sent to the email address filled in by the user during the registration process. Before the user clicks the email verification link and confirms the email address, the user cannot log in and use the website application.
There are several things to note about verified links. The verified link needs to contain a randomly generated token that is long enough and only valid for a certain period of time. This is done to prevent network attacks. At the same time, the email verification also needs to include the user's unique identifier, so as to avoid potential dangers of attacking multiple users.
Now let’s see how to generate a verification link in practice:
// We will generate a random 32 alphanumeric string // It is almost impossible to brute-force this key space $code = str_random(32); $user->confirmation_code = $code;
Once this verification is created store it in the database and send it to the user:
Mail::send('emails.email-confirmation', array('code' => $code, 'id' => $user->id), function($message)
{
$message->from('my@domain.com', 'Mydomain.com')->to($user->email, $user->fname . ' ' . $user->lname)->subject('Mydomain.com: E-mail confirmation');
});
Contents of email verification:
<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="utf-8" /> </head> <body> <p style="margin:0"> Please confirm your e-mail address by clicking the following link: <a href="http://mydomain.com/verify?code=<?php echo $code; ?>&user=<?php echo $id; ?>"></a> </p> </body> </html>
Now let’s verify if it works:
$user = User::where('id', '=', Input::get('user'))
->where('is_active', '=', 0)
->where('verify_token', '=', Input::get('code'))
->where('created_at', '>=', time() - (86400 * 2))
->first();
if($user) {
$user->verify_token = null;
$user->is_active = 1;
if(!$user->save()) {
// If unable to write to database for any reason, show the error
return Redirect::to('verify')->with('error', 'Unable to connect to database at this time. Please try again later.');
}
// Show the success message
return Redirect::to('verify')->with('success', 'You account is now active. Thank you.');
}
// Code not valid, show error message
return Redirect::to('verify')->with('error', 'Verification code not valid.');
Conclusion:
The code shown above is just a tutorial example and has not been adequately tested. Please test it before using it in your web application. The above code is done in the Laravel framework, but you can easily migrate it to other PHP frameworks. At the same time, the verification link is valid for 48 hours and expires after that. Introducing a work queue can handle expired verification links in a timely manner.
This article is an original translation by PHPChina. The original text is reprinted at http://www.phpchina.com/portal.php?mod=view&aid=39888. The editor believes that this article is of great learning value and would like to share it with everyone. I hope it will be useful to everyone. Everyone’s learning helps.
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to withdraw coins on the ok exchange? Detailed tutorial on withdrawing coins on ok exchange
Jul 03, 2025 pm 02:03 PM
?In today's increasingly popular digital asset trading, it is particularly important to understand how to safely and effectively withdraw your digital assets. As a world-renowned digital asset trading platform, ok exchange provides convenient currency withdrawal services. This tutorial will analyze in detail the steps of withdrawing coins on the ok exchange, things to note, and some common questions and answers to help users complete asset transfer smoothly and ensure asset security. Whether you are using ok exchange for withdrawals for the first time or want to further understand the withdrawal process, this article will provide you with clear and practical guidance.
Ouyi Core Portal Website Ouyi Exchange Official Website that responds to the market quickly
Jul 01, 2025 pm 08:21 PM
Ouyi OKX is one of the world's well-known digital asset trading platforms, providing users with safe, stable and rich trading products. This platform is committed to ensuring the security of users' assets and transaction experience. This article will provide you with links to the official page of Ouyi OKX. Click the link provided in this article to jump directly to the official homepage, thereby starting your digital asset journey.
How to use php exit function?
Jul 03, 2025 am 02:15 AM
exit() is a function in PHP that is used to terminate script execution immediately. Common uses include: 1. Terminate the script in advance when an exception is detected, such as the file does not exist or verification fails; 2. Output intermediate results during debugging and stop execution; 3. Call exit() after redirecting in conjunction with header() to prevent subsequent code execution; In addition, exit() can accept string parameters as output content or integers as status code, and its alias is die().
How to combine two php arrays unique values?
Jul 02, 2025 pm 05:18 PM
To merge two PHP arrays and keep unique values, there are two main methods. 1. For index arrays or only deduplication, use array_merge and array_unique combinations: first merge array_merge($array1,$array2) and then use array_unique() to deduplicate them to finally get a new array containing all unique values; 2. For associative arrays and want to retain key-value pairs in the first array, use the operator: $result=$array1 $array2, which will ensure that the keys in the first array will not be overwritten by the second array. These two methods are applicable to different scenarios, depending on whether the key name is retained or only the focus is on
Applying Semantic Structure with article, section, and aside in HTML
Jul 05, 2025 am 02:03 AM
The rational use of semantic tags in HTML can improve page structure clarity, accessibility and SEO effects. 1. Used for independent content blocks, such as blog posts or comments, it must be self-contained; 2. Used for classification related content, usually including titles, and is suitable for different modules of the page; 3. Used for auxiliary information related to the main content but not core, such as sidebar recommendations or author profiles. In actual development, labels should be combined and other, avoid excessive nesting, keep the structure simple, and verify the rationality of the structure through developer tools.
Binance Exchange Official Website Portal Binance Official Website Portal
Jul 04, 2025 pm 11:06 PM
The latest version of Binance is v2.102.5, and the update tutorial is: 1. Click the download link in the web page; 2. Authorize the installation permission of "Allow installation from unknown sources"; 3. Find the downloaded APk and click to install; 4. Click the installed application to open it.
Dogecoin Trading App Latest Version Installation Tutorial Dogecoin Exchange App Latest Version Address
Jul 02, 2025 pm 11:57 PM
Dogecoin Trading App is a mobile trading platform specially designed for digital asset enthusiasts. It integrates market viewing, fast trading and asset management, and is committed to providing users with a safe, stable and convenient trading experience. Through this app, you can keep in mind the latest updates on digital assets such as Dogecoin anytime, anywhere. This article has compiled the latest official version of the app for you. Click the official download link provided in the article to easily obtain the latest version of the app.
Binance Exchange app Android version Binance Exchange Chinese version installation package direct
Jul 04, 2025 pm 10:54 PM
The latest version of Binance is v2.102.5, and the update tutorial is: 1. Click the download link in the web page; 2. Authorize the installation permission of "Allow installation from unknown sources"; 3. Find the downloaded APk and click to install; 4. Click the installed application to open it.
