PHP Email Verification Script

Database Sample database users table contains four columns uid, email, password, activation and status. CREATE TABLE IF NOT EXISTS `users` ( `uid` int(11) NOT NULL AUTO_INCREMENT, `email` varchar(300) NOT NULL UNIQUE, `password` varchar(300) NOT NULL, `activation` varchar(300) NOT NULL UNIQUE, `status` enum('0','1') NOT NULL DEFAULT '0', PRIMARY KEY (`uid`) ) HTML Code Contains simple HTMl code. <form action="" method="post"> <label>Email</label> <input type="text" name="email" class="input" autocomplete="off"/> <label>Password </label> <input type="password" name="password" class="input" autocomplete="off"/><br/> <input type="submit" class="button" value="Registration" /> <span class='msg'><?php echo $msg; ?></span> </form> db.php Database configuration file, modify username, password, database and base url values. <?php define('DB_SERVER', 'localhost'); define('DB_USERNAME', 'username'); define('DB_PASSWORD', 'password'); define('DB_DATABASE', 'database'); $connection =@mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE); $base_url='http://www.youwebsite.com/email_activation/'; ?> index.php Contains PHP code, storing user registration values into users table. Here activation code generation using MD5 encryption. <?php include 'db.php'; $msg=''; if(!empty($_POST['email']) && isset($_POST['email']) && !empty($_POST['password']) &&  isset($_POST['password']) ) { // username and password sent from form $email=mysql_real_escape_string($_POST['email']); $password=mysql_real_escape_string($_POST['password']); // regular expression for email check $regex = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/'; if(preg_match($regex, $email)) { $password=md5($password); // encrypted password $activation=md5($email.time()); // encrypted email+timestamp $count=mysqli_query($connection,"SELECT uid FROM users WHERE email='$email'"); // email check if(mysqli_num_rows($count) < 1) { mysqli_query($connection,"INSERT INTO users(email,password,activation) VALUES('$email','$password','$activation')"); // sending email include 'smtp/Send_Mail.php'; $to=$email; $subject="Email verification"; $body='Hi, <br/> <br/> We need to make sure you are human. Please verify your email and get started using your Website account. <br/> <br/> <a href="'.$base_url.'activation/'.$activation.'">'.$base_url.'activation/'.$activation.'</a>'; Send_Mail($to,$subject,$body); $msg= "Registration successful, please activate email."; } else { $msg= 'The email is already taken, please try new.'; } } else { $msg = 'The email you have entered is invalid, please try again.'; } } // HTML Part ?> Send_Mail.php Sending email function, just modify SMTP host, username and password. Here you can use GMail SMTP details for testing click here to see GMail SMTP article. <?php function Send_Mail($to,$subject,$body) { require 'class.phpmailer.php'; $from       = "from@yourwebsite.com"; $mail       = new PHPMailer(); $mail->IsSMTP(true);            // use SMTP $mail->IsHTML(true); $mail->SMTPAuth   = true;                  // enable SMTP authentication $mail->Host       = "tls://smtp.yourwebsite.com"; // SMTP host $mail->Port       =  465;                    // set the SMTP port $mail->Username   = "SMTP_Username";  // SMTP  username $mail->Password   = "SMTP_Password";  // SMTP password $mail->SetFrom($from, 'From Name'); $mail->AddReplyTo($from,'From Name'); $mail->Subject    = $subject; $mail->MsgHTML($body); $address = $to; $mail->AddAddress($address, $to); $mail->Send(); } ?> activation.php Contains PHP code, here based on activations code user status updating from 0to 1. <?php include 'db.php'; $msg=''; if(!empty($_GET['code']) && isset($_GET['code'])) { $code=mysql_real_escape_string($_GET['code']); $c=mysqli_query($connection,"SELECT uid FROM users WHERE activation='$code'"); if(mysqli_num_rows($c) > 0) { $count=mysqli_query($connection,"SELECT uid FROM users WHERE activation='$code' and status='0'"); if(mysqli_num_rows($count) == 1) { mysqli_query($connection,"UPDATE users SET status='1' WHERE activation='$code'"); $msg="Your account is activated"; } else { $msg ="Your account is already active, no need to activate again"; } } else { $msg ="Wrong activation code."; } } ?> //HTML Part <?php echo $msg; ?> Email Verification .htaccess URL redirection script it turns http://website.com/activation.php?code=ACTIVATION_CODE to http://website.com/activation/ACTIVATION_CODE RewriteEngine On RewriteRule ^activation/([a-zA-Z0-9_-]+)$ activation.php?code=$1 RewriteRule ^activation/([a-zA-Z0-9_-]+)/$ activation.php?code=$1 CSS code body { font-family: "Helvetica",Arial,sans-serif; font-weight: 500; color:#333; } label { width:100px; display:block; font-weight:bold; color:#666666; } #main { margin:0 auto; width:800px; } .input { padding:10px; font-size:14px; border:1px solid #999999; width:200px; margin-bottom:10px; } .button { padding:10px; background-color: #5fcf80 !important; border-color: #3ac162 !important; } .msg { font-size:11px; color:#666; padding:10px; }