Hi Matt Hillebrand, > That sounds mighty secure, but I think he's trying to verify that the > email address does indeed belong to the person creating an account. I don't think so. Normaly you identify you by typing username and password into the textfields. Sometimes the username is identical with your email. I suggested the way via ssl because of the password-problem. I've heart that for epayment and transactions with onlinebanking it is based on law that the connection must be encrypted/ssl. > I use the following two functions to create a random number, and then I > insert it into the DB. Then I send a URL inside the confirmation email > that points to a script for verification of the random number. (The > parameters of the URL are the random number and username for that > particular account.) > > function seed() { > list($usec,$sec)=explode(' ',microtime()); > mt_srand($sec * $usec); > } > > function mk_random($size) { > // $size is the number of digits in $num > $num = ''; > seed(); > for($i=0; $i<$size; $i++) { > $num .= mt_rand(0, 9); > } > return $num; > } > > Matt Regards, Ruprecht ---------------------------------- Ruprecht Helms IT-Service und Softwareentwicklung Tel/Fax.: +49[0]7621 16 99 16 Homepage: http://www.rheyn.de email: info@rheyn.de ---------------------------------- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php