[RESOLVED] Verification emails and PHP

davo666

hi, i have a form which takes input

userid passwd and email address, these things are placed into a daabase, and i send them an email.

that is it. this isnt an error post its an i dunno what to do post, i would like to:
1. know how to echo a verify picture, you know how they have to type in the letters

put a unique verification link in each email i send after the web register process

and 3. determine privileges of a user eg admin or normal and where do i store the "profile: if you want to call it that eg (database)

sorry for all the words, but i have just been powering through php and mysql integration every thing just works... its great!!!!!

thanks

jmack159

hi there,

1. know how to echo a verify picture, you know how they have to type in the letters

do a google search for "visual captcha", and youll get a ton of results for scripts

2. put a unique verification link in each email i send after the web register process

what i do is create a random alphanumeric key, put that into a table with other user info, for just registrations. then put together a url like so:

http://www.mysite.com/register.php?uname=$uname&amp;key=$key

so when the user clicks the link, your php script can get the key and uname from the $_GET, and check it against the values in the table. if they are a match, then put the user info into the regular user table.

to store user privileges, add a field to the user table called ulevel. i use 9 for admins, 1 for users. so then you can check their level by the number. so if you want to show something only to the admin you could do:

if($ulevel == 9){
     echo "some important admin stuff!";
}

hope this helps.

p.s. -- i guess i kinda assumed you used databases for all this.

davo666

awesome thanks heaps, that is a really big help, and it all makes sens, BUT how should - and how do you NORMALLY do the whole verification

is it

a) dont modify your db, until the link is visited

-OR-

b) give them "pre rego" privileges ( verified = 0 (false) ) and if they dont click the link in x amount of dayz then they get deleted.

yeah

like which is easiest, which uses less stuff (resources) and code, and any crucial points that i am missing out that will severly compromise all data on my server

🙂 thanks for all the help

jmack159

for that, i have one table that is just for registrations, and one for confirmed users. when the user registers, they go into the register table. i record name, email, the key, and the time created. then send the email with the link. when the user clicks the link, it takes them to the register page. i verify that the key is in the db and matches the one given with the name and email. then i record the time it was confirmed (in a separate field in the register tbl). then i ask what the user wants for a uname and pass. then i copy the name, email, and some other preset attributes for the user (like user level, group, etc) from the register table to the user table + the uname and pass, thus making the user able to use your site, but not before they are confirmed. i made it use 2 tables, because the random key, and the 2 timestamps are not necessary for anything but the registration process. i suppose you could prune the register table for registrations that dont have the confirmed timestamp, and the created timestamp < time()+6060xdays. that just a base method. the attributes you need to collect and when might be different for your site. this was setup for the admin to create the user, then send the user the confirm email, then the user confirms the registration and chooses a uname and pass.

as for security, just make sure you check all your data before putting into ANY query. sql injection is not fun. mysql_real_escape_string() will usually do the trick for user submitted data

hope this is clear🙂

davo666

hi, back to visual captchas

i am following directions and source from this site:

http://www.ejeliot.com/

because it had visual <b>and</b> audio captchas

but i dont get my captcha i get a box with red X and my alt text which is Visual CAPTCHA

is there any unwritten rules that i am missing.

the actual tag <img src = a php file?? >

thanks

jmack159

hi there,

you must have the GD image library installed for this to work. upload a file to your server that only has this in it:

<?php phpinfo(); ?>

and go to that file in your browser. that will tell you if you have the GD library installed. it sounds like the image is not being created. do you get any php errors? did you set to error_reporting(E_ALL)? it is correct that you get the generated image by using this: <img src='visual_captcha.php' alt='captcha'/> the way it works is the browser goes to the php file looking for an image, but what we do is send an content type header to tell the browser that it indeed is an image were going to send to the browser and the code will spit out the image right to the browser. the 'intermediate' php file should look something like this:

visual_captcha.php:

require('php-captcha.php');

$aFonts = array('fonts/VeraBd.ttf', 'fonts/VeraIt.ttf', 'fonts/Vera.ttf');
$oVisualCaptcha = new PhpCaptcha($aFonts, 100, 50);
//$oPhpCaptcha->UseColour(true);
$oVisualCaptcha->SetNumChars(4);
$oVisualCaptcha->Create();

you can download the fonts from here: http://www.gnome.org/fonts/ free!

hope thats clear.

davo666

hi again i have tried your intermediate php file i have installed php4-gd (a debian package)

and to no avail

im stumped- the only lead in the intermediate file the fonts are at

fonts/ttf-font

where is this location, my internet dir, or /var/www/html/fonts

or even /usr/share/fonts

thanks

davo666

actually i have tried debian package and source but in phpinfo(); it dosent show gd library?? go figure

this which i thought would be a small incorporation has turned into a huge problem!, i cant even begin to think about audio captcha as well...

ah well, any thoughts...

davo666

yes! i have switched to php5 and gd is included in phpinfo()

it still dosent work though...

davo666

HI !!!!! after installing php5 and mucking round with the source code, somehow.. i made the visual captcha work!!!!

although the audio one still says here are the 0 characters, which means my flite binary is working, it is storing the wav file in temp but the

this->sCode

( i dont know what it means)

isnt getting the characters to say.

im so pleased with my self

thanks for all the help!

jmack159

i haven't messed around with the audio captchas yet.... haven't had the time to get the flite extension installed and mess around with it, so i wont really be able to help you with that. sorry. but im glad to hear that you got the visual working! 🙂

davo666

nup, its all good sound and visual is working!!!!!

if you need any help with audio captcha then just email! thanks for all ya help

shaved hours off getting my web hosting company off the ground!

Thanks!!

bradgrafelman

Don't forget to mark this thread resolved.