Welcome Guest, Not a member yet? Register   Sign In
Email verification and what to check against?
#1

[eluser]sdotsen[/eluser]
My email verification URL is as follows ...

http://domain.com/account/confirm/<USERNAME>/<RANDDOM HASH CODE>

I guess it's just a matter of preference but I wanted to hear what others have to say.
Ideally you would want to confirm against both username and the hash code. I have working code
but then it occurred to me. If one clicked on the URL, you would check against the username and hash code
passed in the URL. Wouldn't it make more sense to check against the "hash code" and the username the person logs in against? If that's the case, then why pass the username in the URL.

I realize a lot of sites do this by inserting either the username or email in the URL address.
I wasn't sure if I should still include it in the URL I send to the user.
#2

[eluser]InsiteFX[/eluser]
Check this out.

Auth 1.0.6

Enjoy
InsiteFX




Theme © iAndrew 2016 - Forum software by © MyBB