php - validation link via email

Question

When a user subscribes to my newsletter via their email address, using php, how would I send them an 'Activation Link' via email to confirm it is their email address and not a fake one.

so at the moment I have

PHP:

<?php
 $to = "recipient@example.com";
 $subject = "Hi!";
 $body = "Hi,

How are you?";
 if (mail($to, $subject, $body)) {
   echo "<p>Message successfully sent!</p>";
  } else {
   echo "<p>Message delivery failed...</p>";
  }
 ?>

I guess i would change the $body to this:

$body = "Please click the link to activate your email 

http://www.activationlink.com?";

How would I make it so that if a user clicked that link it would add their details to the Mysql database recognising they are a legitimate subscriber?

Any help or suggestions appreciated. Thanks

Answer 1

What I like to do is:

• Generate a unique, random ID in the registration process

• Store the ID along with the E-Mail address, a "confirmed" field (default: "no") and any additional data in a database table

• Send out the E-Mail with an URL pointing to activate the unique ID (e.g. domain.com/activate.php?id=102939505595

• The activation page checks whether the unique key exists and changes the confirmed field to yes (or 1 or whatever).

• Additionally and optionally, save the confirmation date/time, IP address and user agent.