Embedded Email ID

Anon

Here's what I want to do:
I want one of my web pages to send an Email that has a link and an embedded ID. When the link is followed back to my site, I want to be able to retreive the ID. I know that you can do it like this, www.mysite.com?id=12345 but I don't want it to be visible. It would be even better if it was encrypted but the material isn't that sensitive.

Any advice??

Mark

Anon

Do you NOT want the id to showing in the URL for vanity reasons? Or, more for security reasons?

Needing the link to be distinctive pretty much forces you to have the parameter after your file name, right?

If it's more for security reasons, you can always use something like base64_encode() to create the value of "id" shown in the link. And then using base64_decode() on the receiving page.

You could also have that "id" simply be a lookup_id. Once the receiving page gets it, it could cross-reference to find the actual id.

(just trinket ideas)

If you want a little more advanced idea, you could create a link where the email_id is part of the actual name of a file or directory (i.e. www.mysite.com/12345). When the user goes to that URL, your server will not find the page and therefore call whatever page a 404 error is set to call. This called page could serve as sort of a "dispatcher", where you could do many things. In this case, you could parse the URL not found (www.mysite.com/12345) and change it to a valid path, (such as www.mysite.com/account.php?id=12345).

This solution allows you to have a little cleaner looking link for the user to see initially, an yet it's distinct enough to allow you to transform it into a legit link "behind the scenes" -- in a split second!

(good luck)

requiem

Hi,

First up - you're going to have to use a URL such as www.site.com?x=xxx in your email in order to figure out just who is coming at your page.

However you don't need to use the ID you've assigned them as that is obviously "sensitive" information in this case.

What I'd do is this - when you generate this email to send to them, generate yourself a unique ID number too and store it into a MySQL table along with whatever the important information was (the stuff you didn't want to send them in the mail).

Then they'll receive an email with a URL like: www.site.com?x=(your unique ID here) and when they click it, it'll look-up their real information which you can put in a session or whatever you wanted to do with it.

See "unique" in the php manual for an easy way of generating one.

Cheers,

Rich

Anon

Sounds good. Thanks for the input.