1

只需要一种简单的方法来使通过电子邮件发送给我网站上的用户的激活链接过期。当前用户注册的日期存储在 mysql 数据库中。电子邮件中发送的链接是这样的:/activation.php?id=20

这是我的激活

    <? 
include_once "scripts/connect_to_mysql.php";
// Get the member id from the URL variable
$id = $_REQUEST['id'];
$id = ereg_replace("[^0-9]", "", $id); // filter everything but numbers for security
if (!$id) {
    echo "Missing Data to Run";
    exit(); 
}
// Update the database field named 'email_activated' to 1
$sql = mysql_query("UPDATE members SET emailactivated='1' WHERE id='$id'"); 
// Check the database to see if all is right now 
$sql_doublecheck = mysql_query("SELECT * FROM members WHERE id='$id' AND emailactivated='1'"); 
$doublecheck = mysql_num_rows($sql_doublecheck); 
if($doublecheck == 0){ 
// Print message to the browser saying we could not activate them
print "<br /><br /><div align=\"center\"><h3><strong><font color=red>Your account could not be activated!</font></strong><h3><br /></div>"; 
} elseif ($doublecheck > 0) {
// Print a success message to the browser cuz all is good 
// And supply the user with a link to your log in page, please alter that link line 
print "<br /><br /><h3><font color=\"#0066CC\"><strong>Your account has been activated!<br /><br />
</strong></font><a href=\"\">Click Here</a> to log in now.</h3>"; 
} 
?>
4

2 回答 2

1

创建激活链接时,将 unix 时间戳与它一起存储在表中的记录中

表可能如下所示:

activation_links
id,link_hash,created_date,expiration_date,is_active,used_date

然后在激活时只需检查到期日期

$key = $_GET['key'];
$sql = "SELECT COUNT(*) FROM activation_links WHERE link_hash = '$key' AND expiration_date <= ".time();

此外,您不想使用简单的数字激活键。您应该生成不容易被猜到的长随机字符串。

function generateRandomString($length = 10) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[rand(0, strlen($characters) - 1)];
    }
    return $randomString;
}

旁注: 您应该使用 MySQLi 或 PDO

前任。

$db = new mysqli($host,$user,$pass,$dbname);
于 2013-02-06T03:22:14.767 回答
0

您需要在数据库中的成员表上放置一个激活到期日期字段。这样,当您创建成员记录时,插入日期,例如提前 6 小时。然后在处理链接点击时,确保尚未超过激活日期。

于 2013-02-06T03:23:40.273 回答