Confirmation e-mail question

Results 1 to 2 of 2

Thread: Confirmation e-mail question

  1. #1
    Join Date
    Dec 1969

    Default Confirmation e-mail question

    Hey again :)<BR><BR>I&#039;ve got a system where people can apply for a password to a site. After entering their e-mail address, they are sent an e-mail which includes a link to confirm the subscription, to protect against spamming innocent users.<BR><BR>However, the only way I can think to enter the e-mail into the database is to pass the whole e-mail address as a parameter. So the link in the e-mail would look something like this:<BR><BR><BR><BR>Obviously, I&#039;d put this into the query string using Server.URL.Encode, but to me, this doesn&#039;t seem like a very secure method of validation. It would be very simple to change the e-mail address in the address bar to add a different user.<BR><BR>In some e-mails I receive, similar systems are used, but the e-mail address isn&#039;t passed as a parameter. Instead, a number is used. Something like:<BR><BR><BR><BR>My question is this, since I&#039;m using a virtual host, I can&#039;t schedule scripts to delete redundant records in the database if a user doesn&#039;t confirm his/her subscription within a certain time period. So the result is that I get a bloated database (assuming that the users&#039; e-mails are stored with reference numbers until they confirm, which the record is then moved to a live table and deleted from the temporary table.).<BR><BR>Does anyone have any suggestions?<BR><BR>Thanks in advance,<BR><BR>hellz.

  2. #2
    Join Date
    Dec 1969
    Los Angeles, CA

    Default There are 2 METHODS to send data

    use the "other"<BR><BR><BR>and for the second part of your post...why not schedule a asp page to run once a day or something like that...this page will delete all records that are over a month old which have not been confirmed.<BR><BR><BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts