0

PHP login system: validate mail

Hello. What would be the best solution to properly validate the user‘s ownership of a certain email address? I already thought about generating a random string, storing the hash of it in a database and then sending the user a link to a php file with extension .php?code=randomString Then the php script checks if the hash of the password from the url of the email matches the hash stored in the database. Any ideas?

phpscriptsystemgetsecurityloginemailservervalidatesafety
14th Jul 2019, 9:54 PM
Niklas
4 Respostas
+ 2
And where is the question? Looks like a solid plan and don't forget to delete the hash afterwards
14th Jul 2019, 10:06 PM
Lexfuturorum
Lexfuturorum - avatar
+ 1
As long as you don't feed the get string in the sql querry there shouldn't be a problem Mby you should use htmlspecialchars() But now I'm a little bit worried about you password encryption. What's your plan of attack there
14th Jul 2019, 10:11 PM
Lexfuturorum
Lexfuturorum - avatar
0
Lexfuturorum I‘m not very experienced in PHP safety so I wanted to ask whether this could be a good and safe solution. Sure, the hash will be deleted afterwards and a boolean for the column account_verified will be set to true.
14th Jul 2019, 10:08 PM
Niklas
0
Password? Secure question? Maybe easiest especially since you are not to experienced in PHP
14th Jul 2019, 10:19 PM
Dejan Francuz🥇
Dejan Francuz🥇 - avatar

Costuma ter perguntas como essa?

Aprenda de maneira mais eficiente, de graça:

Ver todos os cursos
Quente hoje
Sticky position
3 Votes
Help please?
3 Votes
Hi Friends , how to compile a java code on android.
3 Votes
How to get better with problem-solving and programming
1 Votes
Ejercicio Pytho
0 Votes
Online voting system
2 Votes
Suggestions needed
4 Votes
What is that z for
0 Votes
Odd even threads without condition variable
0 Votes
Bug on "Java for Beginners Module 3 Quiz"
1 Votes