Clever Geek Handbook

Generating Unique Strings for PHP Email Activation Links

My question is a bit tricky and couldn't find the right way to effectively formulate it. I'm creating a unique activation string / link that concatenates the hashed username and time in PHP. However, the exact time it receives for the data to be sent to my database and the actual time it takes to send the email activation link to the users' email account is different (maybe in milliseconds and sometimes seconds), and this basically means I have another email activating links from my database and email. Let me show you a piece of code:

$username = $_POST[‘username’];
$table = ‘users’;
$activate_field = ‘activate’;
$activate_code = md5($_POST[‘username’]) +  time(); //provides unique code for activating
//few more lines of code then…
$query = $connect-> prepare("INSERT INTO $table $acivate_field VALUES $activate_code");
$query->execute();

//then the long code for sending the email with the activation code appended to the user’s email account

Is there a better way to generate unique strings every second? Thanks for your time and appreciate any help and / or suggestions. PS I am using phpmailer to send emails.

+3


source to share


3 answers


UUID()

in mysql is better, however uniqid()

in php prefixed with microtime might be a good shot.



+3


source


just write the generated code to a variable and then the variable to mail and database as I see you already have the code stored in the variable before including it in your request



on a side note, you shouldn't go to superglobals like $ _POST as user input can be malicious and for the same reason you should use prepared PDO statements instead of string queries

+2


source


You can md5

with a combination of uniqid

and time

, therefore it will be unique in the same second.

$activate_code = md5(uniqid(time()));
+1


source






More articles:


All Articles