Confirmation? Frustration.

rayge99

Im trying to figure out how to add a confirmation to my signup and for changing your email address. Im in the processes of trying to make a clone of This site
http://www.freelancersdirect.com/cgi-bin/freelancers.cgi?new=user
as far as signup and email changing goes and I cant seem to figure out a good clean way to make it work.
If anyone has any ideas Please lemme know. Been thinking about a way for 2 days now and am frustrated now.

Thanks

ray

FrozNic

um, when they goto your page, send back an email with a randomly generated number/letter combo or whatever, log it in db both addy and number, in email tell them that after 7 days their confirmation number will expire and they'll have to reg again if they don't come to the page and confirm that they exhist. have a link to the login page in the email, and in order for them to get in right, they have to supply the email and the number you gave them... should work?!? don't know why not 🙂 good luck

rayge99

Well I was thinking the same thing But theres issues.
How to generate the ID without it possibly being a duplicate? If i use autonumber then
1 How do i get it to the user properly if theres no records in that table?
I mean Id have to inset the autonumber into the DB and the email address THEN findt hat number by the email address JUST to send it as a confirm number and what if they tried singing up more than once without confirming yet? Kinda messy. Same thing with if they change their email and i wanna have a confirm for it.

Any Ideas? I reammy need them :-/
Thanks

FrozNic

generate the id by taking the date and time and do this.. just an idea i thought of.. might work...

date time stamp

112932100403
11:29 p.m. 32 seconds the date is 10/04/03
1=a
2=c
3=e
4=g
5=i
6=k
7=l
8=n
9=p
0=r
or whatever combo of letters u want
hence
112932100403
would read
aacpecarrgre
(use less sequencial letters for better results)
therefore, you'll never get the same conformation number
that'll get u a number.
if they try to reg again, send em the same key outta the dbase

they type in the right email addy and confo number then they get sent to a form that they fill out for username password etc.
if they tried signing up more than once, then they'll get sent the same confo id and a message sayin they already requested the confo number and they have 7 days to 'claim' (i guess is the word) an account. otherwise, it'll be erased from the dbase (after 7 days) and they'll have to sign up for another confo number. once they are reged give them the option to change their email in the admin props for each user (assuming u have one) if they come back to the page with a different email addy, have them log in with a username and password that they used before.

i'd make their username their email addy because even if they lose there email account, that username and pword will still work. so they can login to the site, and change their email addy that way which in turn will change there username to their new email addy.. sounds complicated but, i see no reason why the logic won't work. if u need more questions answered, ask away.

by the way, it isn't hard to do a query on the dbase for the email address string, then pulling that row to get the conformation number.. u just pull than check it against what they typed and if what they type in the box equals what's in the dbase.. whalla! anyway, i need to go to bed, i got acts at 8 in the morning 🙁 so i won't get back online to check this till probly around 3ish tomorrow afternoon, but i'll check. lates - Froz

............

another thought that just crossed my mind... it could be fun to write a function to make that number/letter combo.

depending on how secure you made it, you can encrypt it deeper and deeper. if u do do it this way, could u send me what u made? i'd kinda like to see it in working action 🙂, if not, i got some ideas on how to build it, but it'd be cool to see and possibly use down the road.

instead of a=1
u could do 4KcWa=1 or if there are two numbers side by side -> 11 you could make it b=11 and just a=1 for 1 number.. i got all kinds of ideas runnin through my head now, so if ur stuck, lemee know!

rayge99

WELL although its gonna be VERY rare. its possible that a time date stamp could be a duplicate. so an autonumber would be more reliable.
BUt thats not the issue here.

The real Issue here is simply Getting the Confirm number and the email address in the DB If theres no item in the db to use as a relation to add a number cause otehrwise id have to do more queries.
IE
User enteres an email.
Before the confirm is sent out id have to:
save the email to the Database with an autonumber.
Then find the autonumber by the email address.
If the user done this process moret han once there would be duplicate email addresses so theres an issue.

I dont wanan make this too complicated. I have done sites before that uset he emai las the username But id like to allow a friendly username for display when the user bids for a project.

If i could just know what the last number is at all times so i can increment it and know what it is before saving it to the db it would be best. Then i can have a timestamp in the table for deletion purposes.
Then say once the record is older than X hours it gets deleted.

Thats the IDEA anyways..
I think your idea is just a bit too complicated 😉 I like the idea of a number letter combo but it has to be uniqu always and Like i said beofre the issue isnt generating teh ID number, its making sure I get it without a lot of hassle to the user without a lotta stupid tricks to find it 😉

Lemme know what you can come up with LOL

TTYL man and thnx.

rayge99

Okay I dont like it but heres what i came up with and I'll write a script to delete the record after X hours in another page.
I use adodb for my database abstract layer. and Yes there will need to be somthing bettert han just the use of an autonumber to make it harder for somone to just put in a number and accidently or purposly signup as another person.

// If the email passed validation process the following
IF($email_check) {
	/* Check to see if that email address is in the database already */
	$query = "
	SELECT email
	FROM freelancers
	WHERE email = '".$_POST['email']."'
	";
	$res = $Link->Execute($query) 
		or die("email check - line 21 ".$Link->ErrorMsg());

	if($res->fields['email'] == $_POST['email']) {
		echo $message['accountexists'];
	} else {
		//Check to see if the email exists in the table already
		$query = "
		SELECT confirm_id
		FROM confirm
		WHERE email = '".$_POST['email']."'
		";
		$res = $Link->Execute($query) 
			or die("Confirm ID - Line 33".$Link->ErrorMsg());
		$numrows = $res->RecordCount();
		if ($numrows == 0) { 

			//insert email into the confirm table to make a confirm id
			$query = "
			INSERT into confirm
			SET email = '".$_POST['email']."'
			";
			$Link->Execute($query) 
				or die("Confirm ID - Line 43".$Link->ErrorMsg());

			//Get the new confirm id to be emailed to the potential user
			$query = "
			SELECT confirm_id
			FROM confirm
			WHERE email = '".$_POST['email']."'
			";
			$res = $Link->Execute($query) 
				or die("Confirm ID - Line 52".$Link->ErrorMsg());
			$confirm_id = $res->fields['confirm_id'];
		} else {
			$confirm_id = $res->fields['confirm_id'];
		}

rayge99

Okay someone gave me a great idea and it looks to work.

Herest he random ID

md5(uniqid(rand(0,10000)))

Small and easy. FIgured youd like to know 😉

FrozNic

thanks! i've been in oregon for about 4 days now, but i'm back home and just checked the forum! good idea, thanks for sending it my way. - Froz