Login user behavior.. can it only do usernames or can it also use emails?

Report · Jul 27, 2009

hello,

I began working with the logged in user behavior today, and it appears that it can only login via usernames when I want to login via e-mail addresses.

If you could help me out at all it would be very appreciated.

Thanks in advance.

Report · Jul 27, 2009

A username can be whatever you want it to be - if you want your usernames to be email addresses then go ahead and do that. If going that route I would recommend using a script that makes sure the registered "username" is an email address and also an activation script that sends and email to the username (email address) that updates the table when the user clicks on the generated URL in the account activation email.

In Response To DwFAQ · Jul 27, 2009

thanks dwfaq. I am not sure how to write such a script you described above. I'm studying PHP hours per day but I'm still a newbie. Could you give me any links or helpful tips? Thanks

In Response To the_missing_link · Jul 27, 2009

Heya,

Not to be rude but the very best tip you'll ever receive - EVER is search is your friend. With that tip all you need to know is what to search for and you'll most likely find it. For instance if you googled php check email script or something similar you might find what you're looking for.

To check email addresses I'd use a regular expression and for the activation it's pretty straight forward...

Basically you have a DB table field that is named "activated" or something similar. By default the table is entered with the value "0" or "no" etc. After the registration use a script to send an email to the email address. The email should have a link with dynamic URL parameter of registered users id/foreign key/etc. that goes to a page (activate.php) with an UPDATE query that updates the record based on the URL parameter. If you take this one step at a time it's actually very simple to setup. The activate.php will have a filtered query that updates table field "activated" where variable for $_GET['url_param'] = DB for registered users id/foreign key/etc. This will find the record for the user that is being activated through their id and update their activated table field from 0" or "no" to "1" or "yes". Sorry I couldn't describe more but I am too busy to write it all out and it should be enough to go on anyway. The URL parameter could be circumvented by having someone simply visit the URL to activate a user so a randomly-generated foreign key is recommended for the URL parameter on the activate.php page.

In Response To DwFAQ · Jul 27, 2009

Thank you very much. Your post wasn't rude at all. You gave me a lot of

information to research and its very helpful. Thank you, have a nice day.

In Response To the_missing_link · Jul 27, 2009

Heya,

I also wanted to remind you to use a check if username exists script on your registration page to avoid multiple users choosing the same username. You can use the server behavior for this (recommended) and there's also a client side method that uses php and spry to check chosen username in real time without page reload. Look at the demo on http://DwFAQ.info/signup_demo.php to see what I'm talking about. There's a link to show how it's done on the demo page.

You can also use spry validation to check that a correct email syntax is entered into a text field. Look at the source for the third example on this page. Just remember to use server side validation in combination with any spry validation you may use because spry validation can be bypassed by disabling javascript but for those that have javascript enabled it saves time in avoiding having to reload the page upon unsuccessful server side validation.

Hope that helps!

In Response To DwFAQ · Jul 27, 2009

Thank you that was very helpful.I'm sure you've taken the necessary

precautions to protect your script. I didn't see anything in the tutorial

about server-side validation only JavaScript validation. I know the

JavaScript validation\server side validation is a very controversial

subject. Thank you for posting that helpful link all the information you've

shared with me has been very, very helpful .

In Response To the_missing_link · Jul 27, 2009

http://www.developer.com/lang/php/article.php/3290141

They're pretty much all the same. I googled "php email validation" to find the answer. All the articles are pretty much the same in that they use a regular expression to validate email syntax then use getmxrr() function to determine if the domain name is valid through MX record existence. After that use a if/else statement to determine if email is valid then process registration else return error message. It's really easy to do if you just follow the steps and understand the concept of what is being done as you go along. Setup the email validation code then dump your registration script in the if region of the email validation script and put an error message or redirect in the else region.

Hope that helps!

In Response To DwFAQ · Jul 28, 2009

www.DwFAQ.info wrote:
All the articles are pretty much the same in that they use a regular expression to validate email syntax then use getmxrr() function to determine if the domain name is valid through MX record existence.

According to the PHP manual getmxrr() should not be used for the purposes of address verification. Even if you do decide to use it, it's worth pointing out the getmxrr() does not work on Windows servers unless they're running a minimum of PHP 5.3. I know that most PHP servers run on Linux, but quite a few hosting companies use Windows, and probably have not yet upgraded to 5.3.

In Response To David_Powers · Jul 28, 2009

Thanks for replying to my thread David. I did experience some troubles with

the getmxrr command. I just ordered your book on PHP so I hope I can learn

even more. Your first book on DWCS4 and php taught me a lot!

Login user behavior.. can it only do usernames or can it also use emails?

1 Correct answer