Visit the forum for help! phpacademy.info Follow on Twitter! twitter.com Make users activate their user account by email before they log in using your register/login process
PHP Tutorials: Login/Register Email Activation (Part 2)
July 26th, 2010 
phpmoz 
Posted in 
Tags: 
Does he show the global.php page? I can’t seem to find it.
in activate.php u need to select a unique field as well, as depending only on $code is not enough, so mysql_num_rows($check) not nesessarli will equal only 1, suppose a user with activation code=123 for ex, is activated, and a new registered user has the same random code (no guarantee tht this couldnt happen) so when this new user tries to activate his account the script will say u r already activated, although he’s not!
OMFG .. 20mins of footage !
Wow dude this is like a Scam page…:D
@superawesomesuperkid
yes you can do all in one page but, there is always a refresh
Would setting the action as “#” or”#register” do anything to this? I want everything to run on one page. No refreshes.
Part 2: Generally your tutorials are not bad for beginners, but because they are for beginners you should take extra care that you teach the newbies how to use PHP correctly. Means proper input validation, correct escape methods, and so on. For the register script, username and email column in the DB should be UNIQUE to avoid to have more than one account with the same user name/login name.
Anyway, keep up your good work.
The tutorial has several weaknesses and is vulnerable to injections. You always should use mysql_real_escape_string and never addslashes, because addslashes does A) alters the original data physically B) is does not escape all potentially dangerous. See online docu for details, where it is explained.
It’s possible to activate ALL inactive account with a simple injection. For UPDATE statements you also should always use LIMIT or little errors can result in applied changes to the whole database.
Thanks for lot without PHP Tutorial
Totally agree with you here!
Alex you have saved ‘my’ technologically inclined life xD !
Thank you!! ^_^
okNotImportant i agree with u we need a tutorial about regular expressions
nice tutorial again alex
in activate.php
the $code variable should also be filtered with addslashes() for security.
Oh yeah, forgot to say that you could better use a session ID as number, this will avoid activation problems.
Hi i did similar script and I used the time() function (at the time of registration) for the conformation code,
Amazing contribution to the web development community!
thanks for this vid
alex please..Do you have any idea about regular expression?
we need it
thanks again ..