PHP Email Verification

If you have any type of website where a user signs up and enters an email address, you must verify that this is in fact their email address. Otherwise, you could find yourself in trouble for emailing someone who didn’t want you to email them.

These code snippets are only a portion of what you’d need. Of course you’d need some sort of HTML forms, and database, but you should be able to figure out how they work together easy enough.

Send The Email

<?
if ($action == "submit") {
$code = "Secret Code $email here";
$good = substr(md5($code),8,5);
mail($email, "Your Verification Code",
     "Please click the following URL to verify your email:\n\n".
     "http://www.mysite.com/verify.php?v=$good&email=$email\n\n".
     "Thanks Again!","From: \"My Name\" <[email protected]>");
echo "We've sent an email to verify your account.".
     " Simply click the link and you're all set.";
exit();
}
?>

This piece of code creates a verification code ($good) from a 5 character chunk of an MD5 hash of a secret code ($code). Note that $code contains the email address to be verified. It then just sends a link to the user and says to click it.

The verify code

<?
$code = "Secret Code $email here";
$good = substr(md5($code),8,5);

if ($v != $good) {
    echo "The Verification Code is invalid. Please Try Again.";
    exit();
}

echo "Congratulations, You've been verified.";
?>

It is as simple as generating the same verification code from a secret code. Note that if register_globals is off, you’ll have to use $_GET[“email”] instead of $email.