laravel 如何用php实现邮件验证?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/16698240/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to implement email verification with php?
提问by Stephan-v
I'm using php and laravel as a framework. I want to let user be able to activate their accounts through email.
我使用 php 和 laravel 作为框架。我想让用户能够通过电子邮件激活他们的帐户。
I have no experience with this however. I already set up a form that asks for username, email and password.
然而,我没有这方面的经验。我已经设置了一个表格,要求输入用户名、电子邮件和密码。
Would this still be the best way to go about it in 2013?
这仍然是 2013 年实现它的最佳方式吗?
So:
所以:
- I need to create a database field for a hashed password.
- On user account creation create a random password for this field and email it to them.
- Provide link with the password and user id in the url to a page that compares the emailed password with password in db field.
- Activate account(set active to 1) when the passwords match.
- 我需要为散列密码创建一个数据库字段。
- 在创建用户帐户时,为此字段创建一个随机密码并将其通过电子邮件发送给他们。
- 在 url 中提供带有密码和用户 ID 的链接,指向一个页面,该页面将通过电子邮件发送的密码与 db 字段中的密码进行比较。
- 当密码匹配时激活帐户(将活动设置为 1)。
Something along those lines?
沿着这些路线的东西?
回答by aditya
Email verification is a simple process there is two way to verify email either by sending code to user email address or by sending link both works same here is a sample code from a tutorial http://talkerscode.com/webtricks/account-verification-system-through-email-using-php.phpon TalkersCode
电子邮件验证是一个简单的过程,有两种方法可以通过将代码发送到用户电子邮件地址或通过发送链接来验证电子邮件,两者的工作原理相同,这里是教程http://talkerscode.com/webtricks/account-verification- 中的示例代码- TalkersCode上的system-through-email-using-php.php
// Table Scheme for Verify Table
CREATE TABLE `verify` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`email` text NOT NULL,
`password` text NOT NULL,
`code` text NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=6 DEFAULT CHARSET=latin1
// Table Scheme for verified_user table
CREATE TABLE `verified_user` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`email` text NOT NULL,
`password` text NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=6 DEFAULT CHARSET=latin1
if(isset($_POST['register']))
{
$email_id=$_POST['email'];
$pass=$_POST['password'];
$code=substr(md5(mt_rand()),0,15);
mysql_connect('localhost','root','');
mysql_select_db('sample');
$insert=mysql_query("insert into verify values('','$email','$pass','$code')");
$db_id=mysql_insert_id();
$message = "Your Activation Code is ".$code."";
$to=$email;
$subject="Activation Code For Talkerscode.com";
$from = 'your email';
$body='Your Activation Code is '.$code.' Please Click On This link <a href="verification.php">Verify.php?id='.$db_id.'&code='.$code.'</a>to activate your account.';
$headers = "From:".$from;
mail($to,$subject,$body,$headers);
echo "An Activation Code Is Sent To You Check You Emails";
}
if(isset($_GET['id']) && isset($_GET['code']))
{
$id=$_GET['id'];
$code=$_GET['id'];
mysql_connect('localhost','root','');
mysql_select_db('sample');
$select=mysql_query("select email,password from verify where id='$id' and code='$code'");
if(mysql_num_rows($select)==1)
{
while($row=mysql_fetch_array($select))
{
$email=$row['email'];
$password=$row['password'];
}
$insert_user=mysql_query("insert into verified_user values('','$email','$password')");
$delete=mysql_query("delete from verify where id='$id' and code='$code'");
}
}
回答by Halcyon
In your explanation you forgot the most important part: the random hash. Compare the hash, not the password. The guide explains it correctly.
在您的解释中,您忘记了最重要的部分:随机哈希。比较哈希值,而不是密码。该指南正确解释了它。
The guide looks solid.
该指南看起来很可靠。
I would implement a better random password generator though, rand(1000,5000)is really not very good. You could even set up a first-time logon that asks for a password.
我会实现一个更好的随机密码生成器,但rand(1000,5000)真的不是很好。您甚至可以设置要求输入密码的首次登录。
回答by Patty
A warning: According to the PHP Manual, EREGI is DEPRECATED! http://php.net/manual/en/function.eregi.php
警告:根据 PHP 手册,EREGI 已弃用!http://php.net/manual/en/function.eregi.php
preg_match would be a good option. http://www.php.net/manual/en/function.preg-match.php
preg_match 将是一个不错的选择。http://www.php.net/manual/en/function.preg-match.php
