How to add email verification function when writing login registration system in PHP?

How to add email verification function when writing login registration system in PHP?

With the development of the Internet, login and registration functions have become essential features for any website or application. In order to ensure the security and validity of user information, adding the email verification function can effectively improve user experience and system security. In this article, we will introduce how to use PHP to write a login registration system and add email verification functions.

1. Create database and related tables

First, we need to create a database and two related tables, one for storing user information and the other for storing user information. Temporary verification code and verification status based on email verification.

CREATE DATABASE user_system;

USE user_system;

CREATE TABLE users (
    id INT AUTO_INCREMENT PRIMARY KEY,
    username VARCHAR(50) NOT NULL,
    email VARCHAR(100) NOT NULL,
    password VARCHAR(255) NOT NULL,
    is_verified BOOLEAN DEFAULT 0
);

CREATE TABLE email_verification (
    id INT AUTO_INCREMENT PRIMARY KEY,
    user_id INT NOT NULL,
    code VARCHAR(255) NOT NULL,
    is_valid BOOLEAN DEFAULT 1
);

2. Writing the registration page

In the registration page, we need to collect the username, email and password provided by the user, and send a verification email to the email address provided by the user .

<?php
session_start();

if (isset($_POST['register'])) {
    $username = $_POST['username'];
    $email = $_POST['email'];
    $password = $_POST['password'];

    // 生成随机的验证码
    $code = bin2hex(random_bytes(16));

    // 将用户信息插入到数据库中
    $query = "INSERT INTO users (username, email, password) VALUES ('$username', '$email', '$password')";
    $result = mysqli_query($connection, $query);

    if ($result) {
        // 将验证码和用户ID插入到邮箱验证表中
        $user_id = mysqli_insert_id($connection);
        $query = "INSERT INTO email_verification (user_id, code) VALUES ('$user_id', '$code')";
        $result = mysqli_query($connection, $query);

        if ($result) {
            // 发送验证邮件
            $to = $email;
            $subject = '用户注册验证';
            $message = "请点击以下链接完成注册验证：
";
            $message .= "http://example.com/activate.php?code=$code";
            $headers = "From: noreply@example.com";

            mail($to, $subject, $message, $headers);

            $_SESSION['success'] = '注册成功，请检查你的邮箱进行验证。';
            header('Location: login.php');
            exit;
        } else {
            $_SESSION['error'] = '注册失败，请稍后重试。';
        }
    } else {
        $_SESSION['error'] = '注册失败，请稍后重试。';
    }
}
?>

<!DOCTYPE html>
<html>

<head>
    <title>用户注册</title>
</head>

<body>
    <h2>用户注册</h2>

    <?php if (isset($_SESSION['error'])): ?>
        <div class="error"><?php echo $_SESSION['error']; ?></div>
    <?php unset($_SESSION['error']); endif; ?>

    <form method="POST">
        <input type="text" name="username" placeholder="用户名" required><br>
        <input type="email" name="email" placeholder="邮箱" required><br>
        <input type="password" name="password" placeholder="密码" required><br>
        <input type="submit" name="register" value="注册">
    </form>
</body>

</html>

3. Write email verification page

After the user clicks the link in the verification email, it is necessary to verify the validity of the email verification code and update the user's verification status.

<?php
session_start();

if (isset($_GET['code'])) {
    $code = $_GET['code'];

    // 查询验证表中是否存在该验证码
    $query = "SELECT * FROM email_verification WHERE code='$code' AND is_valid=1";
    $result = mysqli_query($connection, $query);

    if (mysqli_num_rows($result) > 0) {
        $verification = mysqli_fetch_assoc($result);
        $user_id = $verification['user_id'];

        // 更新用户的验证状态
        $query = "UPDATE users SET is_verified=1 WHERE id=$user_id";
        $result = mysqli_query($connection, $query);

        if ($result) {
            // 更新验证码的有效性
            $query = "UPDATE email_verification SET is_valid=0 WHERE code='$code'";
            $result = mysqli_query($connection, $query);

            $_SESSION['success'] = '邮箱验证成功，你现在可以登录了。';
            header('Location: login.php');
            exit;
        } else {
            $_SESSION['error'] = '邮箱验证失败，请稍后重试。';
        }
    } else {
        $_SESSION['error'] = '无效的验证码。';
    }
}
?>

<!DOCTYPE html>
<html>

<head>
    <title>邮箱验证</title>
</head>

<body>
    <h2>邮箱验证</h2>

    <?php if (isset($_SESSION['error'])): ?>
        <div class="error"><?php echo $_SESSION['error']; ?></div>
    <?php unset($_SESSION['error']); endif; ?>

    <?php if (isset($_SESSION['success'])): ?>
        <div class="success"><?php echo $_SESSION['success']; ?></div>
    <?php unset($_SESSION['success']); endif; ?>
</body>

</html>

Through the above steps, we successfully created a basic login registration system and added the email verification function. After the user registers, the system will automatically send a verification email to the email address provided by the user. The user needs to click on the link to complete the email verification. Only after successful verification can they log in to the system. This provides a more secure user registration and login experience to our website or application.

However, please make sure that the email sending function of your website or application is configured correctly, and replace the relevant configuration information with the corresponding parts of the code sample.

Hope the above content can help you!

The above is the detailed content of How to add email verification function when writing login registration system in PHP?. For more information, please follow other related articles on the PHP Chinese website!