Monday, August 24, 2015

PHP Email Verification Script

Hi all, Email verification has become most common procedure to avoid spam users. Here is the simple script which makes you guys clear in actual process work flow.

1.Database
Create a sample database users table contains four columns uid, email, password, activation and status.                                                                               

CREATE TABLE IF NOT EXISTS `users` (
`uidint(11) NOT NULL AUTO_INCREMENT,
`emailvarchar(300) NOT NULL UNIQUE,
`passwordvarchar(300) NOT NULL,
`activationvarchar(300) NOT NULL UNIQUE,
`statusenum('0','1') NOT NULL DEFAULT '0',
PRIMARY KEY (`uid`)
)


2.HTML Code

Create a simple HTMl code containing Email and Password Login form



<form action=" " method="post">
<label>Email</label>
<input type="text" name="email" class="input" autocomplete="off"/>
<label>Password </label>
<input type="password" name="password" class="input" autocomplete="off"/><br/>
<input type="submit" class="button" value="Registration" />
<span class='msg'><?php echo $msg; ?></span>
</form>

3.db.php

Create Database configuration file, modify username, password, database and base url values. 


<?php
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'username');
define('DB_PASSWORD', 'password');
define('DB_DATABASE', 'database');
$connection = @mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);
$base_url='http://www.youwebsite.com/email_activation/';
?>

4.Index.php

Create PHP code, storing user registration values into users table. Here activation code generation using MD5 encryption. 
<?php
include 'db.php';
$msg='';
if(!empty($_POST['email']) && isset($_POST['email']) && !empty($_POST['password']) &&  isset($_POST['password']) )
{
// username and password sent from form
$email=mysqli_real_escape_string($connection,$_POST['email']);
$password=mysqli_real_escape_string($connection,$_POST['password']);
// regular expression for email check
$regex = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/';
if(preg_match($regex, $email))

$password=md5($password); // encrypted password
$activation=md5($email.time()); // encrypted email+timestamp
$count=mysqli_query($connection,"SELECT uid FROM users WHERE email='$email'");
// email check
if(mysqli_num_rows($count) < 1)
{
mysqli_query($connection,"INSERT INTO users(email,password,activation) VALUES('$email','$password','$activation')");
// sending email
include 'smtp/Send_Mail.php';
$to=$email;
$subject="Email verification";
$body='Hi, <br/> <br/> We need to make sure you are human. Please verify your email and get started using your Website account. <br/> <br/> <a href="'.$base_url.'activation/'.$activation.'">'.$base_url.'activation/'.$activation.'</a>';
Send_Mail($to,$subject,$body);
$msg= "Registration successful, please activate email.";
}
else
{
$msg= 'The email is already taken, please try new.';
}
}
else
{
$msg = 'The email you have entered is invalid, please try again.'; 
}
}
?>

5.Send_Mail.php

Sending email function, just modify SMTP host, username and password. Here you can use GMail SMTP details for testing click here to see GMail SMTP article. 


<?php
function Send_Mail($to,$subject,$body)
{
require 'class.phpmailer.php';
$from       = "from@yourwebsite.com";
$mail       = new PHPMailer();
$mail->IsSMTP(true);            // use SMTP
$mail->IsHTML(true);
$mail->SMTPAuth   = true;                  // enable SMTP authentication
$mail->Host       = "tls://smtp.yourwebsite.com"; // SMTP host
$mail->Port       =  465;                    // set the SMTP port
$mail->Username   = "SMTP_Username";  // SMTP  username
$mail->Password   = "SMTP_Password";  // SMTP password
$mail->SetFrom($from, 'From Name');
$mail->AddReplyTo($from,'From Name');
$mail->Subject    = $subject;
$mail->MsgHTML($body);
$address = $to;
$mail->AddAddress($address, $to);
$mail->Send(); 
}
?>

6.activation.php
Contains PHP code, here based on activations code user status updating from 0 to1


<?php
include 'db.php';
$msg='';
if(!empty($_GET['code']) && isset($_GET['code']))
{
$code=mysqli_real_escape_string($connection,$_GET['code']);
$c=mysqli_query($connection,"SELECT uid FROM users WHERE activation='$code'");

if(mysqli_num_rows($c) > 0)
{
$count=mysqli_query($connection,"SELECT uid FROM users WHERE activation='$code' and status='0'");

if(mysqli_num_rows($count) == 1)
{
mysqli_query($connection,"UPDATE users SET status='1' WHERE activation='$code'");
$msg="Your account is activated";
}
else
{
$msg ="Your account is already active, no need to activate again";
}

}
else
{
$msg ="Wrong activation code.";
}

}
?>
//HTML Part
<?php echo $msg; ?>

7.Email Verification
An email verification Link will be sent to the user emailid.
8) .htaccess

URL redirection script it turns
http://yourwebsite_name.com/activation.php?code=ACTIVATION_CODE
to
http:// yourwebsite_name.com/activation/ACTIVATION_CODE
RewriteEngine On

RewriteRule ^activation/([a-zA-Z0-9_-]+)$ activation.php?code=$1
RewriteRule ^activation/([a-zA-Z0-9_-]+)/$ activation.php?code=$1

9.CSS code


body
{
font-family: "Helvetica",Arial,sans-serif;
font-weight: 500;
color:#333;
}
label
{
width:100px;
display:block;
font-weight:bold;
color:#666666;
}
#main
{
margin:0 auto;
width:800px;
}
.input
{
padding:10px;
font-size:14px;
border:1px solid #999999;
width:200px;
margin-bottom:10px;
}
.button {
padding:10px;
background-color: #5fcf80 !important;
border-color: #3ac162 !important;
}
.msg
{
font-size:11px;
color:#666;
padding:10px;
}