<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<body>
<?php
require_once('database_detail.php');
if(isset($_POST['submit']))
{
$dbc=mysqli_connect(cname,chost,cpwd,cdb);
$username=mysqli_real_escape_string($dbc,trim($_POST['username']));
$password=mysqli_real_escape_string($dbc,trim($_POST['password']));
$confirm=mysqli_real_escape_string($dbc,trim($_POST['confirm']));
$email=mysqli_real_escape_string($dbc,trim($_POST['email']));
$phone=mysqli_real_escape_string($dbc,trim($_POST['phone']));
if(!empty($username) && !empty($password) && !empty($confirm) && !empty($email) && !empty($phone))
{
if($password==$confirm)
{
$query="select * from user where user_username='$username'";
$data=mysqli_query($dbc,$query);
if(mysqli_num_rows($data)== 0)
{
$random=rand(1000,10000);
$query="insert into user(user_username,user_password,user_email,user_phone,date,random)".
"values('$username',SHA('$password'),'$email','$phone',now(),'$random')";
mysqli_query($dbc,$query);
$message="Account created successfully, kindly visit the following link to activate your account"."\n"."localhost/login? activation=".$random;
$to=$email;
$subject="Account Activation";
mail($to,$subject,$message,'From:'.'xyz@gmail.com');
echo 'Account created successfully. kindly visit your email addres and activate your account.';
exit();
}
else
{
echo 'same username exists';
$username="";
}
}
else echo 'Enter the same password in both';
}
else echo 'Enter all the fields';
}
?>
<fieldset>
<legend>signup</legend>
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="POST" >
Username:<input type="text" id="username" name="username" />
Password:<input type="password" name="password" id="password" />
Email<input type="text" name="email" id="email" />
Contact number<input type="text" name="phone" id="phone" />
Confirm Password:<input type="password" name="confirm" id="confirm" />
</fieldset>
<input type="submit" name="submit" value="Sign up" />
</form>
</body>
</html>
因此,这是用于通过激活邮件向使用唯一用户名密码注册的用户邮寄。现在我生成一个随机数,我将该特定随机数存储在用户的数据库中,并且数据库中还有一个激活字段,该字段为0或1(未激活或激活)。现在当用户登录时,我们检查激活字段,如果确定则继续,否则我们检查URL的$ _GET [激活]字段,如果它与存储在数据库中的随机数匹配则继续其他返回激活错误。 现在是我们这样做的方式还是其他方式。另外,如何删除在一段时间后未激活的帐户。
答案 0 :(得分:2)
我不会使用rand()创建激活密钥。 2个人可能会得到相同的号码。
所以我总是使用SHA1()和用户名以及当前时间。
自动删除已停用的帐户:
您可以创建一个自动检查注册时间和当前时间之间差异的cronjob。
答案 1 :(得分:0)
检查:How to Generate secure activation link
user603003说对了,cron,简单的linux程序用来执行日程安排操作,我个人用它来删除会话文件。如何使用cron
Here is the format of a cron job file:
[min] [hour] [day of month] [month] [day of week] [program to be run]
where each field is defined as
[min] Minutes that program should be executed on. 0-59. Do not set as * or the program will be run once a minute.
[hour] Hour that program should be executed on. 0-23. * for every hour.
[day of month] Day of the month that process should be executed on. 1-31. * for every day.
[month] Month that program whould be executed on. 1-12 * for every month.
[day of week] Day of the week. 0-6 where Sunday = 0, Monday = 1, ...., Saturday = 6. * for every day of the week.
[program] Program to be executed. Include full path information.
Here are some examples:
0,15,30,45 * * * * /usr/bin/foo
Will run /usr/bin/foo every 15 minutes on every hour, day-of-month, month, and day-of-week. In other words, it will run every 15 minutes for as long as the machine it running.