Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › General / Announcements › PHP and MySQL › Email / Form authentication

Email / Form authentication

Thread began 1/07/2010 10:29 am by Alan Shaw | Last modified 1/08/2010 10:06 am by Jason Byrnes | 1455 views | 3 replies |

1/07/2010 10:29 am | #1 Alan Shaw

Email / Form authentication

Don't know what this is but I'm sure somebody will.
I'd like to put a new booking form on my site, now that bit is easy, but I'd like to authenticate in some way with a signature.

Currently the customer submits a HTML form where the input is sent to a PHP file, I receive the details via email and at the same time, the customer receives a ‘Thank You’ email.

Now what I would like to do is somewhere along the lines of:
Customer submits form.
I receive form details via email
Customer receives confirmation to the email address submitted.

But then I’d like to add something like a link, whereby the customer has to reply to the link to authenticate that he/she was the person who sent the original email.

This would then act as an electronic signature.

Or do any of you have other / better ideas?

1/07/2010 1:37 pm | #2 Jason ByrnesWebAssist

you would need a database for this.

create a table in the database as follows:
emailID - primary Key
emailAddress - test: This will store the email address
randomString - text: this will store a random string
emailEncrypted - text: This will store an encrypted copy of the email address
verified: int: default value 0: this will be used to verify the email address.

when they fill out the form, store the email address, a random string and the encrypted email address in the database. The default value for the verified column should be set to 0 so any new record created will automatically be set to not verified.

Security Assist has a random password generator that can be used for the random string and SHA1 encryption that can be used to encrypt the email address.

In the email, you will send a link to a verification page, send the random string and the encrypted email as part of this link in querystring variables:
verify.php?rand=<Random String>&em=<encrypted email address>

On the verify.php page, create a recordset that will be used to look up the corect record based on the "rand" and "em" variables to find the value in the emailID column, then use the update record behavior to update the verified column for that record.

1/07/2010 6:15 pm | #3 Alan Shaw

Thanks Jason

Is there an actual term for what I am trying to do?

Is it something already covered in one of WebAssist's packages?

1/08/2010 10:06 am | #4 Jason ByrnesWebAssist

No, not for what you are trying to do.

The closest would be Double Opt In used from Signing up to a news letter or for registration.

In the user registration solution pack, we do something similar:

The user registers and the account status is set to 0.

they are emailed a link to verify the account.

once they have verified the account the account status is updated to 1.

They cannot log into the suite until the account is verified.

This is a bit different than what you are trying to accomplish, but the principles are the same.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.