PHP Email Verification

Posted By: adminon: November 13, 2013In: PHP, TIPSNo Comments

How to implement email verification system using PHP. This is very basic tutorial explained how to create database and proper activation code. Implemented with mysqli_() fuctions, because mysql_() functions are depreciated.

Database
Sample database users table contains four columns uid, email, password, activation and status.

CREATE TABLE IF NOT EXISTS `users` (
`uid` int(11) NOT NULL AUTO_INCREMENT,
`email` varchar(300) NOT NULL UNIQUE,
`password` varchar(300) NOT NULL,
`activation` varchar(300) NOT NULL UNIQUE,
`status` enum(‘0′,’1’) NOT NULL DEFAULT ‘0’,
PRIMARY KEY (`uid`)
)

HTML Code
Contains simple HTMl code.

<form action=”” method=”post”>
<label>Email</label>
<input type=”text” name=”email”font-family: inherit; font-style: inherit; border: 0px none; outline: 0px; padding: 0px; margin: 0px; color: blue;”>input” autocomplete=”off”/>
<label>Password </label>
<input type=”password” name=”password”font-family: inherit; font-style: inherit; border: 0px none; outline: 0px; padding: 0px; margin: 0px; color: blue;”>input” autocomplete=”off”/><br/>
<input type=”submit”font-family: inherit; font-style: inherit; border: 0px none; outline: 0px; padding: 0px; margin: 0px; color: blue;”>button” value=”Registration” />
<span class=’msg’><?php echo $msg; ?></span>
</form>

db.php
Database configuration file, modify username, password, database and base url values.

<?php
define(‘DB_SERVER’, ‘localhost’);
define(‘DB_USERNAME’, ‘username’);
define(‘DB_PASSWORD’, ‘password’);
define(‘DB_DATABASE’, ‘database’);
$connection =@mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);
$base_url=’http://www.youwebsite.com/email_activation/’;
?>

index.php
Contains PHP code, storing user registration values into users table. Here activation code generation using MD5 encryption.

<?php
include ‘db.php’;
$msg=”;
if(!empty($_POST[’email’]) && isset($_POST[’email’]) && !empty($_POST[‘password’]) && isset($_POST[‘password’]) )
{
// username and password sent from form
$email=mysql_real_escape_string($_POST[’email’]);
$password=mysql_real_escape_string($_POST[‘password’]);
// regular expression for email check
$regex = ‘/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/’;if(preg_match($regex, $email))
{
$password=md5($password); // encrypted password
$activation=md5($email.time()); // encrypted email+timestamp
$count=mysqli_query($connection,”SELECT uid FROM users WHERE email=’$email'”);
// email check
if(mysqli_num_rows($count) < 1)
{
mysqli_query($connection,”INSERT INTO users(email,password,activation) VALUES(‘$email’,’$password’,’$activation’)”);
// sending email
include ‘smtp/Send_Mail.php’;
$to=$email;
$subject=”Email verification”;
$body=’Hi, <br/> <br/> We need to make sure you are human. Please verify your email and get started using your Website account. <br/> <br/> <a href=”‘.$base_url.’activation/’.$activation.'”>’.$base_url.’activation/’.$activation.'</a>’;

Send_Mail($to,$subject,$body);
$msg= “Registration successful, please activate email.”;
}
else
{
$msg= ‘The email is already taken, please try new.’;
}

}
else
{
$msg = ‘The email you have entered is invalid, please try again.’;
}

}
// HTML Part
?>

Send_Mail.php
Sending email function, just modify SMTP host, username and password.

<?php
function Send_Mail($to,$subject,$body)
{
require ‘class.phpmailer.php’;
$from = “from@yourwebsite.com”;
$mail = new PHPMailer();
$mail->IsSMTP(true); // use SMTP
$mail->IsHTML(true);
$mail->SMTPAuth = true; // enable SMTP authentication
$mail->Host = “tls://smtp.yourwebsite.com”; // SMTP host
$mail->Port = 465; // set the SMTP port
$mail->Username = “SMTP_Username”; // SMTP username
$mail->Password = “SMTP_Password”; // SMTP password
$mail->SetFrom($from, ‘From Name’);
$mail->AddReplyTo($from,’From Name’);
$mail->Subject = $subject;
$mail->MsgHTML($body);
$address = $to;
$mail->AddAddress($address, $to);
$mail->Send();
}
?>

activation.php
Contains PHP code, here based on activations code user status updating from 0to 1.

<?php
include ‘db.php’;
$msg=”;
if(!empty($_GET[‘code’]) && isset($_GET[‘code’]))
{
$code=mysql_real_escape_string($_GET[‘code’]);
$c=mysqli_query($connection,”SELECT uid FROM users WHERE activation=’$code'”);if(mysqli_num_rows($c) > 0)
{
$count=mysqli_query($connection,”SELECT uid FROM users WHERE activation=’$code’ and status=’0‘”);

if(mysqli_num_rows($count) == 1)
{
mysqli_query($connection,”UPDATE users SET status=’1’ WHERE activation=’$code'”);
$msg=”Your account is activated”;
}
else
{
$msg =”Your account is already active, no need to activate again”;
}

}
else
{
$msg =”Wrong activation code.”;
}

}
?>
//HTML Part
<?php echo $msg; ?>

Email Verification

.htaccess
URL redirection script it turns
http://website.com/activation.php?code=ACTIVATION_CODE
to
http://website.com/activation/ACTIVATION_CODE

RewriteEngine OnRewriteRule ^activation/([a-zA-Z0-9_-]+)$ activation.php?code=$1
RewriteRule ^activation/([a-zA-Z0-9_-]+)/$ activation.php?code=$1

CSS code

body
{
font-family: “Helvetica”,Arial,sans-serif;
font-weight: 500;
color:#333;
}
label
{
width:100px;
display:block;
font-weight:bold;
color:#666666;
}
#main
{
margin:0 auto;
width:800px;
}
.input
{
padding:10px;
font-size:14px;
border:1px solid #999999;
width:200px;
margin-bottom:10px;
}
.button {
padding:10px;
background-color: #5fcf80 !important;
border-color: #3ac162 !important;
}
.msg
{
font-size:11px;
color:#666;
padding:10px;
}