www.webdeveloper.com
Results 1 to 2 of 2

Thread: Account Activation

  1. #1
    Join Date
    Jul 2006
    Posts
    655

    Account Activation

    Hi, i have a few questions in relation to account activation, which i hope someone can help me with:

    01 - when a user creates an account, should we limit the time in which they can activate the account using the link in their email

    02 - if so, how should we handle the link if the token no longer appears in the database

    03 - is there anything i need to look out for in terms a user misusing the link below

    http://www.website.com/activate-acco...f17a30a67d9ea4

    Thanks in advance for your help

  2. #2
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,318
    When I've done something along those lines, I include both the token used in the link and the timestamp when it was generated/sent as 2 fields in the relevant db table. Then if a request comes in with a token, I only process it if (a) the token is found in the DB and (b) the current date/time is no more than the stored timestamp + whatever max interval you choose.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles