(Advanced) PHP implements email verification and account activation after user registration

When we register members on many websites, after the registration is completed, the system will automatically send an email to the user's mailbox. The content of this email is a URL link. The user needs to click and open this link to activate the registration on the website. account. Membership functions can be used normally only after activation is successful.

This article will use examples to explain how to use PHP+Mysql to complete the functions of registering an account, sending activation emails, verifying the activation account, and handling URL link expiration.

Business process

1. The user submits registration information.

2. Write to the database. The account status is not activated at this time.

3. Encrypt the username, password or other identifying characters to form an activation identification code (you can also call it an activation code).

4. Send the constructed activation identification code into a URL to the email address submitted by the user.

5. The user logs in to the email and clicks on the URL to activate.

6. Verify the activation identification code. If correct, activate the account.

Prepare the data table

The field Email in the user information table is very important. It can be used to verify users, retrieve passwords, and even for website parties, it can be used to collect user information for email marketing. , the following is the table structure of the user information table t_user:

CREATE TABLE IF NOT EXISTS `t_user` ( 
  `id` int(11) NOT NULL AUTO_INCREMENT, 
  `username` varchar(30) NOT NULL COMMENT '用户名', 
  `password` varchar(32) NOT NULL COMMENT '密码', 
  `email` varchar(30) NOT NULL COMMENT '邮箱', 
  `token` varchar(50) NOT NULL COMMENT '帐号激活码', 
  `token_exptime` int(10) NOT NULL COMMENT '激活码有效期', 
  `status` tinyint(1) NOT NULL DEFAULT '0' COMMENT '状态,0-未激活,1-已激活', 
  `regtime` int(10) NOT NULL COMMENT '注册时间', 
  PRIMARY KEY (`id`) 
) ENGINE=MyISAM  DEFAULT CHARSET=utf8;

HTML

Place a registration form on the page, and the user can enter registration information, including user name, password and email.

<form id="reg" action="register.php" method="post"> 
    <p>用户名：<input type="text" class="input" name="username" id="user"></p> 
    <p>密 码：<input type="password" class="input" name="password" id="pass"></p> 
    <p>E-mail：<input type="text" class="input" name="email" id="email"></p> 
    <p><input type="submit" class="btn" value="提交注册"></p> 
</form>

Necessary front-end verification is required for user input. Regarding the form verification function, it is recommended that you refer to the article on this site: An example explains the application of the form verification plug-in Validation. This article skips the front-end verification code. In addition, the page There should also be an input box that requires the user to re-enter the password, so you can skip it if you are lazy.

register.php

The user submits the registration information to register.php for processing. register.php needs to complete two major functions: writing data and sending emails.

First of all, it contains the two necessary files, connect.php and smtp.class.php. These two files are included in the download package provided outside. You are welcome to download.

include_once("connect.php");//连接数据库 
include_once("smtp.class.php");//邮件发送类

Then we need to filter the information submitted by the user and verify whether the username exists (the front end can also verify).

$username = stripslashes(trim($_POST['username'])); 
$query = mysql_query("select id from t_user where username='$username'"); 
$num = mysql_num_rows($query); 
if($num==1){ 
    echo '用户名已存在，请换个其他的用户名'; 
    exit; 
}

Then we encrypt the user password and construct the activation identification code:

$password = md5(trim($_POST['password'])); //加密密码 
$email = trim($_POST['email']); //邮箱 
$regtime = time(); 
 
$token = md5($username.$password.$regtime); //创建用于激活识别码 
$token_exptime = time()+60*60*24;//过期时间为24小时后 
 
$sql = "insert into `t_user` (`username`,`password`,`email`,`token`,`token_exptime`,`regtime`)  
values ('$username','$password','$email','$token','$token_exptime','$regtime')"; 
 
mysql_query($sql);

In the above code, $token is the constructed activation identification code, which is composed of user name, password and current time Composed and md5 encrypted. $token_exptime is used to set the expiration time of the activation link URL. The user can activate the account within this time period. In this example, the activation is valid within 24 hours. Finally, these fields are inserted into the data table t_user.

When the data is inserted successfully, call the email sending class to send the activation information to the user's registered mailbox. Pay attention to forming the constructed activation identification code into a complete URL as the activation link when the user clicks. The following is the details Code:

if(mysql_insert_id()){ 
    $smtpserver = ""; //SMTP服务器，如：smtp.163.com 
    $smtpserverport = 25; //SMTP服务器端口，一般为25 
    $smtpusermail = ""; //SMTP服务器的用户邮箱，如xxx@163.com 
    $smtpuser = ""; //SMTP服务器的用户帐号xxx@163.com 
    $smtppass = ""; //SMTP服务器的用户密码 
    $smtp = new Smtp($smtpserver, $smtpserverport, true, $smtpuser, $smtppass); //实例化邮件类 
    $emailtype = "HTML"; //信件类型，文本:text；网页：HTML 
    $smtpemailto = $email; //接收邮件方，本例为注册用户的Email 
    $smtpemailfrom = $smtpusermail; //发送邮件方，如xxx@163.com 
    $emailsubject = "用户帐号激活";//邮件标题 
    //邮件主体内容 
    $emailbody = "亲爱的".$username."：<br/>感谢您在我站注册了新帐号。<br/>请点击链接激活您的帐号。<br/> 
    <a href=&#39;http://www.helloweba.com/demo/register/active.php?verify=".$token."&#39; target= 
&#39;_blank&#39;>http://www.helloweba.com/demo/register/active.php?verify=".$token."</a><br/> 
    如果以上链接无法点击，请将它复制到你的浏览器地址栏中进入访问，该链接24小时内有效。"; 
    //发送邮件 
    $rs = $smtp->sendmail($smtpemailto, $smtpemailfrom, $emailsubject, $emailbody, $emailtype); 
    if($rs==1){ 
        $msg = &#39;恭喜您，注册成功！<br/>请登录到您的邮箱及时激活您的帐号！&#39;;     
    }else{ 
        $msg = $rs;     
    } 
} 
echo $msg;

There is also a very easy-to-use and powerful email sending class to share with everyone: use PHPMailer to send emails with attachments and support HTML content. You can use it directly.

active.php

If nothing goes wrong, the email you filled in when registering your account will receive an email from helloweba. At this time, you can directly click the activation link and hand it over to active.php deal with.

active.php接收提交的链接信息，获取参数verify的值，即激活识别码。将它与数据表中的用户信息进行查询对比，如果有相应的数据集，判断是否过期，如果在有效期内则将对应的用户表中字段status设置1，即已激活，这样就完成了激活功能。

include_once("connect.php");//连接数据库 
 
$verify = stripslashes(trim($_GET['verify'])); 
$nowtime = time(); 
 
$query = mysql_query("select id,token_exptime from t_user where status='0' and  
`token`='$verify'"); 
$row = mysql_fetch_array($query); 
if($row){ 
    if($nowtime>$row['token_exptime']){ //24hour 
        $msg = '您的激活有效期已过，请登录您的帐号重新发送激活邮件.'; 
    }else{ 
        mysql_query("update t_user set status=1 where id=".$row['id']); 
        if(mysql_affected_rows($link)!=1) die(0); 
        $msg = '激活成功！'; 
    } 
}else{ 
    $msg = 'error.';     
} 
echo $msg;

激活成功后，发现token字段并没有用处了，您可以清空。接下来我们会讲解用户找回密码的功能，也要用到邮箱验证，敬请关注。

以上就是(进阶篇)PHP实现用户注册后邮箱验证，激活帐号的内容，更多相关内容请关注PHP中文网（www.php.cn）！