On PHPMaster.com there's a new tutorial posted showing you how to generate one-time use URLs that could be used for various things across an application, including things like account verification links.
A one-time URL is a specially crafted address that is valid for one use only. It's usually provided to a user to gain privileged access to a file for a limited time or as part of a particular activity, such as user account validation. In this article I'll show how to generate, implement, and expire one-time URLs.
Included in the post is the SQL to create a sample "pending_users" table that includes a "token" column for storing the generated hash. Code is also included for generating the hash and checking the incoming URL to see if it matches the requested user (and hasn't expired).
As a matter of general house keeping you could write a secondary script to keep expired tokens from accumulating in the database if a user never follows them. The script could be run periodically by an administrator, or preferably set up as a scheduled task or cron job and run automatically.
Link: http://phpmaster.com/generating-one-time-use-urls
没有评论:
发表评论