How to use PHP to implement the automatic expiration function of email verification code

How to use PHP to implement the automatic expiration function of email verification codes, specific code examples are required

With the continuous development of the Internet, email verification has become a common problem for various websites and One of the must-have features of the app. The verification code function is an important means to ensure user security and identity verification. However, the expiration problem of email verification codes has always troubled developers. How to ensure the security and automatic expiration of verification codes is a key issue. This article will introduce how to use PHP language to implement the automatic expiration function of email verification codes, and provide specific code examples.

1. Verification code generation and sending process

The process of user registration or password retrieval that requires email verification is generally as follows:

1. The user enters the email address and submit Form.
2. The background verifies the legitimacy of the email address, such as whether the format is correct, whether it has been registered, etc.
3. Generate a random verification code and save it to the database.
4. Send the verification code to the user's email.
5. User logs in to the email address and obtains the verification code.
6. The user enters the verification code into the verification code input box of the website or application for verification.
7. The background verifies whether the verification code entered by the user is consistent with the verification code saved in the database.

The key is how to generate and save the verification code, and how to implement the automatic expiration function of the email verification code. Next we will implement it step by step.

2. Verification code generation and saving

<?php
// 生成随机的验证码
$verificationCode = mt_rand(100000, 999999);

// 将验证码保存到数据库
$conn = new mysqli('localhost', 'username', 'password', 'database');
$stmt = $conn->prepare("INSERT INTO verification_codes (email, code, expiry_time) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $email, $verificationCode, date("Y-m-d H:i:s", strtotime("+10 minutes"))); // 过期时间为当前时间后10分钟
$stmt->execute();
$stmt->close();
$conn->close();

// 将验证码发送至用户邮箱
$emailSubject = "邮箱验证码";
$emailContent = "您的验证码为：" . $verificationCode . "，该验证码将在10分钟内过期，请及时输入。";
mail($userEmail, $emailSubject, $emailContent);
?>

In the above code, first use the mt_rand() function to generate a 6-digit random number as the verification code, and then insert it through the database The operation saves the verification code and expiration time to the verification_codes table. Next, use the mail() function to send the verification code to the user's mailbox.

3. Verification code expiration function implementation

<?php
// 验证用户输入的验证码是否有效
$conn = new mysqli('localhost', 'username', 'password', 'database');
$stmt = $conn->prepare("SELECT * FROM verification_codes WHERE email = ? AND code = ? AND expiry_time > ? LIMIT 1");
$stmt->bind_param("sss", $email, $verificationCode, date("Y-m-d H:i:s")); // 只查询未过期的验证码
$stmt->execute();
$result = $stmt->get_result();

if ($result->num_rows == 1) {
    // 验证码有效，做相应处理
    // ...
} else {
    // 验证码无效或已过期，给出相应提示
    // ...
}

$stmt->close();
$conn->close();
?>

The above code verifies whether the verification code entered by the user is valid by querying the database. Among them, the expiry_time field is used to determine whether the verification code has expired. expiry_time > ? means that only unexpired verification codes are queried. For valid verification codes, corresponding processing can be performed; for invalid or expired verification codes, corresponding prompts can be given.

To sum up, the above is a specific code example of using PHP to implement the automatic expiration function of the email verification code. Through the above steps, we can ensure the security and effectiveness of the verification code and improve the user's sense of security and user experience. Of course, in practice, it is also necessary to appropriately adjust and optimize the table structure of the database, and implement security protection measures to improve the stability and security of the system.

The above is the detailed content of How to use PHP to implement the automatic expiration function of email verification code. For more information, please follow other related articles on the PHP Chinese website!