只需要一种简单的方法来过期激活链接,该链接通过电子邮件发送给我网站上的用户。目前用户注册的日期存储在mysql数据库中。 电子邮件中发送的链接如下:/activation.php?id = 20
这是我的激活
<?
include_once "scripts/connect_to_mysql.php";
// Get the member id from the URL variable
$id = $_REQUEST['id'];
$id = ereg_replace("[^0-9]", "", $id); // filter everything but numbers for security
if (!$id) {
echo "Missing Data to Run";
exit();
}
// Update the database field named 'email_activated' to 1
$sql = mysql_query("UPDATE members SET emailactivated='1' WHERE id='$id'");
// Check the database to see if all is right now
$sql_doublecheck = mysql_query("SELECT * FROM members WHERE id='$id' AND emailactivated='1'");
$doublecheck = mysql_num_rows($sql_doublecheck);
if($doublecheck == 0){
// Print message to the browser saying we could not activate them
print "<br /><br /><div align=\"center\"><h3><strong><font color=red>Your account could not be activated!</font></strong><h3><br /></div>";
} elseif ($doublecheck > 0) {
// Print a success message to the browser cuz all is good
// And supply the user with a link to your log in page, please alter that link line
print "<br /><br /><h3><font color=\"#0066CC\"><strong>Your account has been activated!<br /><br />
</strong></font><a href=\"\">Click Here</a> to log in now.</h3>";
}
?>
答案 0 :(得分:1)
创建激活链接时,将unix时间戳记存储在表
中的记录中表格可能如下:
activation_links
id,link_hash,created_date,expiration_date,is_active,used_date
然后在激活时只检查到期日期
$key = $_GET['key'];
$sql = "SELECT COUNT(*) FROM activation_links WHERE link_hash = '$key' AND expiration_date <= ".time();
此外,您不想使用简单的数字激活密钥。你应该生成很长的随机字符串,这些字符串不容易被猜到。
function generateRandomString($length = 10) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, strlen($characters) - 1)];
}
return $randomString;
}
SIDE注意: 您应该使用MySQLi或PDO
离。
$db = new mysqli($host,$user,$pass,$dbname);
答案 1 :(得分:0)
您需要在数据库的成员表中放置激活过期日期字段。这样,当您创建成员记录时,请插入日期,例如,提前6小时。然后,当处理链接点击时,请确保尚未通过激活日期。