电子邮件验证和代码批准

时间:2014-02-03 21:50:05

标签: php email

目前我有2个表格。在第一个用户必须发送代码并接收它,并提交到第二个表单并批准帐户。我需要,当他们把电子邮件和点击提交,在电子邮件上自动添加他们应该在他们的电子邮件上的代码,但他们不必复制/粘贴代码,因为它应该自动执行。搜索mysql_query("UPDATE users SET verify = 'verified', bullets = bullets + 5000 WHERE ID = '$ida'"); $showoutcome++; $outcome = "Your account is now verified!"; } - 在这里我需要添加,$ verifnum,因为这是他们应该在他们的电子邮件中获得的代码,但正如我所说的脚本应该自动批准它,我将只使用一个表单,他们进入电子邮件并点击验证。

<?php
    $saturate = "/[^a-z0-9]/i";
    $saturated = "/[^0-9]/i";
    $sessionidraw = $_COOKIE['PHPSESSID'];
    $sessionid = preg_replace($saturate,"",$sessionidraw);
    $userip = $_SERVER[REMOTE_ADDR]; 
    $gangsterusername = $usernameone;
    $playerrank = $myrank;
    $playerarray =$statustesttwo;
    $playerrank = $playerarray['rankid'];
    $email = $playerarray['email'];
    $verified = $playerarray['verify'];
    $ref = $playerarray['ref'];

    if($verified == 'verified'){die('<font color=silver face=verdana size=1>Your account is already verified!'); }

    if($_POST['verify'] AND $_POST['email']){
    $newemail = $_POST['email'];
    if(!preg_match("/^[\ a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{1,20}$/i", $_POST['email'])){ $showoutcome++; $outcome = "The email you entered is invalid!"; }else{
    $verifnum = rand(1111,9999);
    $to = "$newemail";
    $subject = "SG - Email Verification";
    $header = "From:  State Gangsters - Email Verification <admins@stategangsters.com>\r\n" .
    'Reply-To: State Gangsters <noreply@sgangsters.com>' . "\r\n" .
    'X-Mailer: PHP/' . phpversion() . "\r\n" .
    "MIME-Version: 1.0\r\n" .
    "Content-Type: text/html; charset=utf-8\r\n" .
    "Content-Transfer-Encoding: 8bit\r\n\r\n";
    $body = "Your verification code is $verifnum!";
    if (mail($to, $subject, $body, $header)){ $showoutcome++; $outcome = "An email has been sent, please check your inbox!";
    mysql_query("UPDATE users SET verify = '$verifnum', email = '$newemail' WHERE ID = '$ida'");
    }}}

    if($_POST['code'] AND $_POST['verifyit']){
    $newcode = $_POST['code'];
    $getcodee = mysql_query("SELECT verify FROM users WHERE ID = '$ida'");
    $doit = mysql_fetch_array($getcodee);
    $getcode = $doit['verify'];
    if($newcode == $getcode AND $getcode > 0){
    mysql_query("UPDATE users SET verify = 'verified', bullets = bullets + 5000 WHERE ID = '$ida'");
    $showoutcome++; $outcome = "Your account is now verified!"; }
    else{ $showoutcome++; $outcome = "The verification code you entered is incorrect!"; 
    }}
    ?>

1 个答案:

答案 0 :(得分:0)

 if($_POST['code'] AND $_POST['verifyit']) {

将其更改为使用$_GET,并在电子邮件中创建一个链接,该链接将回发到包含相应变量的页面,例如

$body = "Your verification code is <a href='$PHP_SELF?code=$verifnum&verifyit=1'>$verifnum</a>!";

除此之外,你的代码非常混乱(一个脚本中有三个功能),充满了过时的东西(<font color=silver>?),奇怪的结构(使用die进行常规程序流?)和保证漏洞(mysql_query变量直接插入SQL?!?!!!)。目前还不清楚$ida来自哪里,但我猜测(希望)这是复制/粘贴代码的结果,这里只是一个最小的例子。

相关问题
最新问题