Simple Email Validation

Demonslay · 08-26-2006, 05:58 PM

This is the official support topic of the Simple Email Validation tutorial at Webdesigndev.com

Simple Email Validation

Alright, in this tutorial I will teach you a small version of how to implement email verification for registration to a certain service, such as a newsletter, membership, etc.
Keep in mind this most probably isn't 100% secure, but it is about as close as it gets, other than serializing, hashing, and lengthening the code and all of that of course.

First, let's get a little preview at the code at hand that we will be working with.

Code:

<?php
// Function checks
function emailChecker($email){
	global $check_result; // Make our result able to be used anywhere from the script
	$check = "SELECT id FROM subscribers WHERE email = '$email'"; // Try to check the data against the database
	$check_result = mysql_query($check) or die(mysql_error()); // Query or kill the script and print error
	if(!mysql_num_rows($check_result))	return false; // If no results are found, return false
	else	return true; // Otherwise, return true
}
function verificationChecker($email, $code){
	global $check_result; // Make our result able to be used anywhere from the script
	$check = "SELECT id FROM subscribers WHERE email = '$email' AND verification_code = '$code'"; // Try to check the data against the database
	$check_result = mysql_query($check) or die(mysql_error()); // Query or kill the script and print error
	if(!mysql_num_rows($check_result))	return false; // If no results are found, return false
	else	return true; // Otherwise, return true
}

if(!$_POST){ // If no post data is present
	if(!$_GET['email'] && !$_GET['code']){ // If no email and code are awaiting validation, give the form
?>
Subscribe to our newsletter today!

<form method="POST" action="<?php echo $PHP_SELF; ?>">
	Email: <input type="text" name="email" size="40" />
	<input type="submit" value="Subscribe!" />
</form>
<?php
	}
	else{ // Otherwise, validate the email and code given by the link
		$email = trim($_GET['email']); // Get the email
		$code = trim($_GET['code']); // Get the code
		if(!emailChecker($email)){ // Check if email is even awaiting validation
			echo 'Error! Email Not Subscribed!This email has not been signed up for verification.'; // Echo the problem
		}
		elseif(!verificationChecker($email, $code)){ // Then check if the code matches
			echo 'Error! Invalid Verification Code!Incorrect verification code.'; // Echo the problem
		}
		else{ // Otherwise, go ahead and verify the email
			require('connect.php'); // Connect to the database
			$id = mysql_result($check_result, 0, 'id'); // Get the id from our result in our checker functions
			$verify_email = "UPDATE subscribers SET verified='TRUE' WHERE id = '$id'"; // Set the verified field to true
			$result = mysql_query($verify_email) or die(mysql_error()); // Query or kill the script and print error
			mysql_close(); // Close the database connection
			echo 'Email Validated!Your email has been verified by email You are now verified as a member!'; // Echo successful verification!
		}
	}
}
else{ // Otherwise, if there IS post data
	require('connect.php'); // Connect to the database
	function randomCode(){ // Random code function I found from a random zite =P
		$alphabet = "abcdefghijklmnopqrstuvwxyzZ0123456789";
		srand((double)microtime()*100000);
		$i = 0; // Set $i for the loop
		while($i <= 7){
			$num = rand() % 27;
			$a_Rand = substr($alphabet, $num, 1);
			$security = $security.$a_Rand;
			$i++;
		}
		return $security;
	}
	$email = trim($_POST['email']); // Get the email address
	$subject = 'Email Verification'; // Give a subject so the person knows what this email is about
	$message = 'Thank you for your subscription request! To subscribe, simply click the link provided below.'; // Give some instructions as to what this is
	$verification_code = randomCode().randomCode(); // Generate the random code twice, and string it together
	$insert_unverified = "INSERT INTO subscribers VALUES(NULL, '$email', '$verification_code', 'FALSE')"; // Insert email and code into database
	mysql_query($insert_unverified) or die(mysql_error()); // Query or kill the script
	$message .= "\nhttp://yoursite.com/subscribe.php?email=".$sendto.'&code='.$verification_code; // Give the link for the person to verify their account
	mysql_close(); // Close the database connection
	
	mail($sendto, $subject, $message); // Send the email!
	
	echo 'A confirmation email has been sent to your email. Simply click the link in the email to verify your account.'
}

It may look a tad intimidating now, but it really isn't if you take it one line at a time, and take note of the comments. This took longer to plan than it did to work with!
This is actually a very dumbed down version of the newsletter subscription script I coded that is available here at Webdesigndev!

First off though, we have to make sure we have a database set up for our subscriptions. A simple 3 column table will be exactly what we will need; one for an uto-incrementing id, one for email addresses, and one for the verification code. By now I am assuming you know how to do this.
Also, you will need to connect to the database with the mysql_connect() and mysql_select_db() functions. I assume you have this established, and always choose to make a seperate file for this so I can use it for any script on a site. In this example, I use the line require('connect.php'); so that the script will automatically terminate if the file cannot be found on the server (save the trouble of possibly echoing vital information if the connection wasn't established anyways!).
Alright, lets jump to it then!

First, we declate a few simple functions that will help us later on. We also open up the PHP tags.
To be honest, I found part of this function on a website which I cannot remember, and edited it a bit to make it simpler to understand.

Code:

<?php
// Function checks
function emailChecker($email){
	global $check_result; // Make our result able to be used anywhere from the script
	$check = "SELECT id FROM subscribers WHERE email = '$email'"; // Try to check the data against the database
	$check_result = mysql_query($check) or die(mysql_error()); // Query or kill the script and print error
	if(!mysql_num_rows($check_result))	return false; // If no results are found, return false
	else	return true; // Otherwise, return true
}
function verificationChecker($email, $code){
	global $check_result; // Make our result able to be used anywhere from the script
	$check = "SELECT id FROM subscribers WHERE email = '$email' AND verification_code = '$code'"; // Try to check the data against the database
	$check_result = mysql_query($check) or die(mysql_error()); // Query or kill the script and print error
	if(!mysql_num_rows($check_result))	return false; // If no results are found, return false
	else	return true; // Otherwise, return true
}

The two are pretty much identical, only one checks for just the email, while the other checks both the email and the code.
Reading the comments, should be quite self-explanatory.

Now, let's open up the page by actually giving a form for the user to submit their email.
Before we do that however, we must check if there is POST data, because otherwise we would need to do something with that data.

Code:

if(!$_POST){ // If no post data is present

We then check that there is not an email and verification code to be validated, since we will be using GET data to validate the verification.

Code:

if(!$_GET['email'] && !$_GET['code']){ // If no email and code are awaiting validation, give the form

Alright, now we can display the form. For easy display, and for the sake of clarity, it is usually easier to exit the PHP code and print simple HTML so we don't have to sift through and escape any quotes, characters, etc.

Code:

?>
Subscribe to our newsletter today!

<form method="POST" action="<?php echo $PHP_SELF; ?>">
Email: <input type="text" name="email" size="40" />
<input type="submit" value="Subscribe!" />
</form>

Just a generic form with a text field for the email, and a submit button; nothing fancy.
Now that we have put up a form, and since we are still in an if conditional saying that no POST data is present, we might as well validate our email and code.
We start off by opening another PHP block and closing the last if conditional (the one our form should be displayed with if no email or verification data are present). We then set up an else statement, saying that if there is an email and verification code supplied in the URL, then we should start executing this code.

Code:

<?php
	}
	else{ // Otherwise, validate the email and code given by the link

Now, we will grab our email and code data from the URL, and use the trim function just to make sure no extra spaces were slapped on somehow.

Code:

$email = trim($_GET['email']); // Get the email
$code = trim($_GET['code']); // Get the code

Now, we will first make sure the email is even in the database and waiting for verification, using our handy little function we defined earlier.

Code:

if(!emailChecker($email)){ // Check if email is even awaiting validation
echo 'Error! Email Not Subscribed!This email has not been signed up for verification.'; // Echo the problem
}

If it is, then we check to make sure the verification code is correct with our other handy function we defined earlier.

Code:

elseif(!verificationChecker($email, $code)){ // Then check if the code matches
echo 'Error! Invalid Verification Code!Incorrect verification code.'; // Echo the problem
}

Alright, now if this block proves false, then the email and code pair are valid, so we can go ahead and verify them.
We also close up the conditional saying that email and code data needed validation, and the conditional saying that there is no POST data present.

Code:

else{ // Otherwise, go ahead and verify the email
require('connect.php'); // Connect to the database
$id = mysql_result($check_result, 0, 'id'); // Get the id from our result in our checker functions
$verify_email = "UPDATE subscribers SET verified='TRUE' WHERE id = '$id'"; // Set the verified field to true
$result = mysql_query($verify_email) or die(mysql_error()); // Query or kill the script and print error
mysql_close(); // Close the database connection
echo 'Email Validated!Your email has been verified by email You are now verified as a member!'; // Echo successful verification!
}
}
}

First, we simply connect to our database, and find out what the id of the successful query was back when we were validating the code with the functions earlier defined. We then set up a query to update our 'verification' column, to say that the user has been successfully verified. We then close the database connection, and echo the success.

We're almost there! Now all we have to do is send an email and generate a verification code for them.
First we must open a connection to our database. Also here, we can use a randomizer function. A quick search on Google will give you plenty of good random code functions, but I chose this one for its simplicity. It may not be the most random out there, but it works for me.

Code:

require('connect.php'); // Connect to the database
function randomCode(){
$alphabet = "abcdefghijklmnopqrstuvwxyzZ0123456789";
srand((double)microtime()*100000);
$i = 0;
while($i <= 7) {
$num = rand() % 27;
$a_Rand = substr($alphabet, $num, 1);
$security = $security.$a_Rand;
$i++;
}
return $security;
}

This is one of the only parts of the code I cannot explain 100%. A quick Google search may result in the forum I found this function from. All that matters here is it generates a random code 8 digits long.
This next block of code is simply setting some variables for our email, such as where to send it, the subject, and our message.

Code:

$email = trim($_POST['email']); // Get the email address
$subject = 'Email Verification'; // Give a subject so the person knows what this email is about
$message = 'Thank you for your subscription request! To subscribe, simply click the link provided below.'; // Give some instructions as to what this is

Now, we will take our randomCode() funtion and make a random code for our verification code. I chose to do it twice and string it together, just for the heck of it. You can choose to do whatever function or method you want to randmize your code more if you need.

Code:

$verification_code = randomCode().randomCode(); // Generate the random code twice, and string it together

Now we can make our query. Here we are simply inserting the email, verification code, and a 'FALSE' to our verified column.

Code:

$insert_unverified = "INSERT INTO subscribers VALUES(NULL, '$email', '$verification_code', 'FALSE')"; // Insert email and code into database
mysql_query($insert_unverified) or die(mysql_error()); // Query or kill the script

Now we can give the person the link in order to verify their account. It simply takes the email and verification code and puts it into the URL for the script to retrieve it and check it, which we already did in the last conditional. We can also now close our database since we won't need it anymore.

Code:

$message .= "\nhttp://yoursite.com/subscribe.php?email=".$sendto.'&code='.$verification_code; // Give the link for the person to verify their account
mysql_close(); // Close the database connection

Almost done! Now all we have to do is email the verification email, and echo a success! Then we can close our last conditonal, and our PHP block.

Code:

mail($sendto, $subject, $message); // Send the email!
echo 'A confirmation email has been sent to your email. Simply click the link in the email to verify your account.'
}
?>

And we are now done!
Try and experiment, and have fun verifying your members before they sign up for your services!
For extra credit, make email verification for unsubscription too!

Michael · 08-26-2006, 06:02 PM

Great tutorial, looks great on webdesigndev, as you said, im 4years older then you but your 20 years ahead

Charlie · 09-07-2006, 10:33 AM

lmao :P I love the 'Simple' Email Validation, i was just scrolling down and thought it'd never end :P

jcmurphy · 03-21-2007, 09:49 AM

having trouble with the code.

after creating the database, personalising the fields etc and trying to run the script, i get some errors in regards to the section of code that connects to the database. I have created a connect.php file with the particulars in it... my problem is that i get an error relating to the $security field not being defined.... any ideas. have i missed out a descriptor in the connect.php file.

thanks

Jason

08-26-2006, 06:02 PM	#2 (permalink)
Michael Status: Senior Member Join Date: Aug 2006 Posts: 255 Trader Rating: (0) TD$: 0.00 Donate	Re: Simple Email Validation Great tutorial, looks great on webdesigndev, as you said, im 4years older then you but your 20 years ahead

09-07-2006, 10:33 AM	#3 (permalink)
Charlie Status: Junior Member Join Date: Sep 2006 Posts: 16 Trader Rating: (0) TD$: 0.00 Donate	Re: Simple Email Validation lmao :P I love the 'Simple' Email Validation, i was just scrolling down and thought it'd never end :P

03-21-2007, 09:49 AM	#4 (permalink)
jcmurphy Status: Junior Member Join Date: Mar 2007 Posts: 1 Trader Rating: (0) TD$: 0.00 Donate	Re: Simple Email Validation having trouble with the code. after creating the database, personalising the fields etc and trying to run the script, i get some errors in regards to the section of code that connects to the database. I have created a connect.php file with the particulars in it... my problem is that i get an error relating to the $security field not being defined.... any ideas. have i missed out a descriptor in the connect.php file. thanks Jason

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Wordpress Themes by ben.johnson	Ben.Johnson	Web Design Resources	225	12-08-2008 09:12 AM
Free Wordpress Theme - Simple Weblog	techfreaks	Web Design Resources	0	07-26-2008 01:18 PM
Simple logo - photoshop	Math	Graphics Tutorials	3	12-26-2006 03:38 PM