最近、正常に動作するログインおよび登録スクリプトを作成しましたが、スパマーからより安全にしたいので、メール検証システムの作成方法を誰か知っているかどうか疑問に思っていました.
このスクリプトにメール検証を追加するにはどうすればよいですか。これが理にかなっていることを願っています
<?php
require("php/bp-connection.php");
if(!empty($_POST))
{
if(empty($_POST['username']))
{
die("Please enter a username.");
}
if(empty($_POST['password']))
{
die("Please enter a password.");
}
if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
{
die("Invalid E-Mail Address");
}
$query = "
SELECT
1
FROM users
WHERE
username = :username
";
$query_params = array(
':username' => $_POST['username']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This username is already in use");
}
$query = "
SELECT
1
FROM users
WHERE
email = :email
";
$query_params = array(
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This email address is already registered");
}
$query = "
INSERT INTO users (
username,
password,
salt,
email
) VALUES (
:username,
:password,
:salt,
:email
)
";
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
$password = hash('sha256', $_POST['password'] . $salt);
for($round = 0; $round < 65536; $round++)
{
$password = hash('sha256', $password . $salt);
}
$query_params = array(
':username' => $_POST['username'],
':password' => $password,
':salt' => $salt,
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
header("Location: login.php");
die("Redirecting to login.php");
}
?>
<html lang="en">
<head>
<title>Register | BinaryPaw</title>
<link rel="shortcut icon" href="favicon.ico" type="icon" />
<link rel="stylesheet" href="css/bp-grid.css" type="text/css" />
<link rel="stylesheet" href="css/bp-styles.css" type="text/css" />
</head>
<body>
<?php
include 'php/bp-siteBar.php';
?>
<div class="container">
<?php
include 'php/bp-sideBar.php';
?>
<div class="span4">
<h1>User Registration</h1>
<form action="register.php" method="post">
<div class="space1">
<label>Username</label>
</div>
<div class="space2">
<input type="text" name="username" class="username" value="" />
</div>
<div class="space1">
<label>Email</label>
</div>
<div class="space2">
<input type="text" name="email" class="email" value="" />
</div>
<div class="space1">
<label>Password</label>
</div>
<div class="space2">
<input type="password" name="password" class="password" value="" />
</div>
<div class="space3">
<input type="submit" class="submit" value="Register" />
</div>
</form>
</div>
<div class="space3"></div>
<div class="span10" id="footer">
<h6>Created by Mathew Berry ©2013 </h6>
</div>
</div>
</body>