you dont. your confirmation email will tell them once they are logged in with a random password your script made, then they can go into the profiles section and change the password.
just have a boolean column that is set once they are confirmed. you can check that against another column that holds the value when they first signed up.
Davy Obdam wrote:
Hi Andreas,
Thanks for you responce. I am also wondering how you would do that in the database, i have a table users in my MySQL database containing the users information that submitted when they registerd. Now i want to activate thier account only after they have clicked on the confirmation link... if possible without any additional tables in my db. I users do not confirm thier account i wanna remove thier data from the database after 48hours. Thanks for your time..
Best regards,
Davy Obdam
info@phpken wrote:
hi, too please don't send password over the internet. better you ask the user if they click the link below your email. then the user get a formular and there you can ask him for his password. then you can make sure the emails wasn't read by other user. this is a secure method.
Just create a hash, insert it into the users table. (update users set 'confirmhash' = '$confirmhash' where xyz)
Create an email to the user with the hash in the link.
e.g. http://site.com/verify.php?ch=823jfs98d283r92h
Do a update/select for the hash, and activate the account.
_BB
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
