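One-time use activation URL

Time: 2014-05-04 10:07:47

Tags: php cookies

Hello, I would like to know how to make an activation link expire 2 days after the email is sent to users who have not activated their account. My idea was to use COOKIES, but I don't think it is possible to send COOKIES via email. Could I get some tips and other suggestions? I have been searching for 6 days...

This is what I have so far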

$con = new PDO("mysql:host=". db_host .";dbname=".db_name.'', db_username , db_password);
$con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );

$c = $_GET['c'];

if($c == 1){
    $imputText = $_GET['v'];
    $imputKey = "3173aLASOf";
    $blockSize = 128;
    $mode ="M_CBC";
    $es = new ES($imputText, $imputKey, $blockSize,$mode);
    $dec=$es->decrypt();

    $sql = "SELECT vtokn FROM tmp_user WHERE vtokn = :token LIMIT 1";
    $stmt = $con->prepare( $sql );
    $stmt->bindValue( "token", $dec, PDO::PARAM_STR );
    $stmt->execute();

    $sqlups = "UPDATE tmp_user SET conf = :c WHERE vtokn = :token AND conf= 0 LIMIT 1";
    $stmtups = $con->prepare( $sqlups );
    $stmtups->bindValue( "c", $_GET['c'], PDO::PARAM_STR );
    $stmtups->bindValue( "token", $dec, PDO::PARAM_STR );
    $stmtups->execute();
    $result = $stmt->fetchColumn();

    $sqltmps = "SELECT tmstamp FROM tmp_user WHERE vtokn = :token LIMIT 1";
    $stmttmps = $con->prepare( $sqltmps );
    $stmttmps->bindValue( "token", $dec, PDO::PARAM_STR );
    $stmttmps->execute();
    $result2 = $stmttmps->fetchColumn();

    $tme =time()+60*2;
    setcookie('exp','d',$result2);
    if(isset($_COOKIE['exp']) ){

        if($result === $dec){
            $sqltb = "SELECT * FROM tmp_user WHERE vtokn = :token LIMIT 1";
            $stmttb = $con->prepare( $sqltb );
            $stmttb->bindValue( "token", $dec, PDO::PARAM_STR );
            $stmttb->execute();

            foreach ($stmttb->fetchAll() as $rows) {
                $user=$rows['username'];
                $password=$rows['password'];
                $firstname=$rows['firstname'];
                $lastname=$rows['lastname'];
            }

            $sql2 = "INSERT INTO ofcl_users(email,password,acct_stat) VALUES( :username,:password,1 )";
            $stmt2 = $con->prepare( $sql2 );
            $stmt2->bindValue( "username", $user, PDO::PARAM_STR );
            $stmt2->bindValue( "password", $password, PDO::PARAM_STR );
            $stmt2->execute();

            echo $user." "."Is Now Activated<br/>" . "<a href='login.php'>Login Now</a>";

            $sqldel = "DELETE FROM tmp_user WHERE vtokn = :token AND conf= :c  LIMIT 1";
            $stmtdel = $con->prepare( $sqldel );
            $stmtdel->bindValue( "c", $_GET['c'], PDO::PARAM_STR );
            $stmtdel->bindValue( "token", $dec, PDO::PARAM_STR );
            $stmtdel->execute();
        }else
        {
            echo "Account was already activated" . $dec;
        }
    } else {
        echo $_GET['t']."Token Expired" . $tme;
    }
}
else
{
    echo "Invalid Token Reference: " . $dec;
}

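If the link in my email is a 2 or 3 day old link and it is clicked for verification, this script will just run right away. Is this right?

1 Answer:

Answer 0: (score: 1)

Use a timestamp.

When inserting the token, create another field in the database, e.g. token_timestamp, and use the time() function as its value.

Then, when validating the activation link, check the following: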

$current_time = time();
$max_time = 2*24*60*60; // Time in seconds
if (($current_time - $token_timestamp) > $max_time) {
    echo "Link Expired!";
}
else {
    // Do your Process for Activation here
}
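The timestamp check from the answer above, combined with one-time use, as an added example that is not part of the original answer or the asker's code. The `pending_user` table, its columns and the function names are assumptions, and the demo uses an in-memory SQLite database (pdo_sqlite) so it runs without a server.

```php
<?php
// Added example: table, column and function names are assumptions, not the asker's schema.
const TOKEN_TTL = 2 * 24 * 60 * 60; // two days, in seconds

function issueToken(PDO $db, string $email, int $now): string {
    $token = bin2hex(random_bytes(32)); // random value that goes into the e-mailed link
    $stmt = $db->prepare(
        'INSERT INTO pending_user (email, token_hash, token_timestamp, used)
         VALUES (:email, :hash, :ts, 0)'
    );
    // Only the hash is stored, so a leaked table does not reveal usable links.
    $stmt->bindValue(':email', $email, PDO::PARAM_STR);
    $stmt->bindValue(':hash', hash('sha256', $token), PDO::PARAM_STR);
    $stmt->bindValue(':ts', $now, PDO::PARAM_INT);
    $stmt->execute();
    return $token;
}

function activate(PDO $db, string $token, int $now): bool {
    // One UPDATE checks expiry and consumes the token in the same statement:
    // it matches only a row that is unused and was issued within TOKEN_TTL.
    $stmt = $db->prepare(
        'UPDATE pending_user SET used = 1
         WHERE token_hash = :hash AND used = 0 AND token_timestamp >= :cutoff'
    );
    $stmt->bindValue(':hash', hash('sha256', $token), PDO::PARAM_STR);
    $stmt->bindValue(':cutoff', $now - TOKEN_TTL, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount() === 1;
}

// Constructed demo data on an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pending_user (
    email TEXT, token_hash TEXT UNIQUE, token_timestamp INTEGER, used INTEGER)');

$t0 = time();
$fresh = issueToken($db, 'alice@example.com', $t0);
$stale = issueToken($db, 'bob@example.com', $t0 - 3 * 24 * 60 * 60); // issued 3 days ago

var_dump(activate($db, $fresh, $t0));              // first click, within 2 days
var_dump(activate($db, $fresh, $t0));              // same link clicked again
var_dump(activate($db, $stale, $t0));              // link older than 2 days
var_dump(activate($db, str_repeat('0', 64), $t0)); // token that was never issued
```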