php - Need to hash emailed 'verification' URL? -

-

I have a form that collects basic user information on a later page this user will enter a 'verification' code To be sure that they have access to the email account.

In addition, in some event, a person has accidentally left the site before entering his validity code, I will provide a link with a unique $ _GET variable so that they verify their email address Able to

Some questions:

  1. Is there a disadvantage in collecting the verification code in the plain site next to the email address of the customer (this code is 12345)?
  2. Need a 'hash' verification URL $ _GET variable? I thought that only 64 characters create string, add at the end of the URL and check against the database value (again stored with email address).

    I could never do that user password (leave in open non-hashed) but in this situation, what is the proper method?

    Edit

    It seems that people are like GUID thoughts (though I'm not sure that this is more typical than saying 64 characters randomly generated strings). Does the function look enough below? 

      function getGUID () {if (function_exists ('com_create_guid')) {return com_create_guid (); } Other {MT_SEND ((double) microgram () * 10000); // Optional for PHP 5.2.0 and up $ Charid = strtoupper (md5 (uniqid (rand (), true))); $ Hyphen = "-"; $ Uuid = "{" .substr ($ charid, 0, 8) $ Hyphen .substr ($ charid, 8, 4). $ Hyphen .substr ($ charid, 12, 4). $ Hyphen .substr ($ charid, 16, 4) $ Hyphen .substr ($ charid, 20,12) "}"; Refund $ uuid; }}    
     
     
     Just use a GUID and forget about it! If you want this, you can store it in another table. No need it.

Comments

Post a Comment

Popular posts from this blog

mysql - BLOB/TEXT column 'value' used in key specification without a key length -

-
I have developed an extension which works up to 1.6 on Magren (I'm trying Enterprise Edition, And I think the community is the same problem, because it is the same code). In my install script, I see the $ installer-> gt; CreateEntityTables ($ this- & gt; getTable ('alphanum / info')); The installation is done until it is not in the _text unit table. It crashed there! It turns out that when I log in to SQL and run it via PHPmyadmin, then this error is: Blob / Text column 'value' is used without the key 'key' . I saw the code there, and this is what is trying to create an index on the value column: -> addIndex ($ this- & gt; getIdxName ($ eavTableName, array ( 'attribute_id array (' attribute_id ',' value ')) - & gt; addIndex ($ this- & gt; getIdxName ($ eavTableName, array (' entity_type_id ' , 'Value')), array ('entity_type_id', 'value')) If there is no if statement is n...
Read more

c# - Using Vici cool Storage with monodroid -

-
Oh, for the moment I am not sure how it is officially supported, but for the success of the people Using Monodroid Vic Cool Storage I am able to leave and compile assemblies in my project, but while trying to use some classes, the errors of time have to be gathered. Especially when trying to connect like the example for Mono Touch string dbName = path. Cobain (environment. Gatefolder path (environment specialfolder personal), "mydb.db3"); // The following line will be called coolestation, where is the database, // to make it if it does not exist, and call a delegate that creates the necessary tables (only when the database file was newly created //) CSConfig.SetDB (DbName, true, () => {CSDatabase.ExecuteNonQuery ("Subscriber Integer Primary Key Attribute, Name Text (50) No, Number, Date First Text (30)");); There is no difference when I try to use the methods of CSConfig and when I cscfif If I try to pass 3 aggregates to STDB (3) then I get the invalid ...
Read more

c# - Confused over DLL entry points (entry point not found exception) -

-
I'm learning how to use DLL in C #. I have a very simple DLL to do my basic test. // using the MainForm.cs system; Using System.Collections.Generic; Using System.ComponentModel; Using System.Data; Using System.Drawing; Using System.Linq; Using System.Text; Using System.Windows.Forms; Using System.Runtime.InteropServices; Namespace DLL_Test {public partial class} Form 1: Form {{DllImport ("TestDLL.dll", EntryPoint = "? @ @ YGHHH Add @, Accurate Spelling = True, Calling Communication = Calling Conference. STCL}] Add public static extern int ( Int a, int b); public form 1 () {initialization ();} private zeros button 1_Click (object sender, eventArgs e) {int num; try {num = add (2, 3); RichTextBox1.AppendText (num. ToString () + "\ n");} Hold (DllNotFoundException Pre) {Message Box.Show (ex.ToString ());} Hold (EntryPointNotFoundException Pre) {Message Box.Show (ex.ToString ())}} }} more DLL code: // TestDLL.cpp __declspec (dllexport) Add int __std...
Read more