How do I create, validate email form register.

[adeang_1]

Okay here is my code I have so far.

PHP Code:

<?php
include("connect.php");

//This code runs if the form has been submitted
if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank
if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {
die('You did not complete all of the required fields');
}

// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'")
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in use.');
}

// this makes sure both passwords entered match
if ($_POST['pass'] != $_POST['pass2']) {
die('Your passwords did not match. ');
}

// here we encrypt the password and add slashes if needed
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
}

// now we insert it into the database
$insert = "INSERT INTO users (username, password)
VALUES ('".$_POST['username']."', '".$_POST['pass']."')";
$add_member = mysql_query($insert);
?>


<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>

<?php
}
else
{
?>


<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table>
</form>

<?php
}
?>

This is what I want to learn to do: I want to learn how to be able to, when user registers asks them for their email and then they have to click a link to activate account.

If you don't know what I mean please post. THanks Adeang.

[callumd]

Well, you need to generate some sort of key that can't easily be replicated.

For example, you might take the user's email address, and splice in some random word of your choosing, eg:

doug@email.com

would become..

doug@specialkeyemail.com

You could use 'specialkey' or anything you like, but it's important you use the same value every time.

You would then run the above string (doug@specialkeyemail.com) through the md5 function, and this will generate a key. Then when you email the user, you would include a link to a script, and pass two values, email and key:

validateuser.php?email=doug@email.com&key=(the md5 string)

(Tip: Make sure you run the email address through the urlencode() function before using it in the url).

In the validateuser.php script, you would take the incoming $_GET value of email (which in this case is doug@email.com), (Tip: If you used the urlencode() function on the email address, you'll need to use urldecode() to get it back to its proper lettering) and you would again splice your specialkey in to the email address, and run it through the md5 function.

You then check to see if this value matches the incoming $_GET value of key.

If they match, then you can validate the user's registration.