Hi,
I have an web application to register users with username, password, email,
etc...
I the database i have a field with name: "activate" that its a bit field, 1
account activated, 0 account not activated...
My application works well, when a user wants to registers complete the form,
add this user to the database, and if the user is added, sends an email to
the account that the user put in the form.
In this email i put a link with the querystring id="xxx" and when the user
clicks in this link the user is activated and from that moment the user can
make log-in into the portal...
My question is:
I would like to encrypt the querystring to avoid that any user knows how the
activation of a user works...
What kind of encrypt its better to use in this case?
Any advice would be grateful?
-----------
Thanks.
Regards.
Josema.
2  1013 
Generate a very random string (like sequence of 20 random characters)
and then store that in a database table along with the user id. Make
sure it's unique (being a little paranoid here, but always good to
check to make sure that you don't hit the 1 in 10000000000000000...
chance that the string is the same as one generated earlier).
Send that random string to the user in the e-mail and then in the apsx
page look up the user based on this key. When found, activate the
user, and remove the random string from the database table (it's no
longer needed).
HTH,
Sam
On Fri, 18 Mar 2005 09:01:08 -0800, Josema <Je******@ocu.org> wrote: Hi,
I have an web application to register users with username, password, email,
etc...
I the database i have a field with name: "activate" that its a bit field, 1
account activated, 0 account not activated...
My application works well, when a user wants to registers complete the form,
add this user to the database, and if the user is added, sends an email to
the account that the user put in the form.
In this email i put a link with the querystring id="xxx" and when the user
clicks in this link the user is activated and from that moment the user can
make log-in into the portal...
My question is:
I would like to encrypt the querystring to avoid that any user knows how the
activation of a user works...
What kind of encrypt its better to use in this case?
Any advice would be grateful?
-----------
Thanks.
Regards.
Josema.
B-Line is now hiring one Washington D.C. area VB.NET
developer for WinForms + WebServices position.
Seaking mid to senior level developer. For
information or to apply e-mail resume to
sam_blinex_com.
Thanks Samuel, it helps me a lot.
Kind Regards.
josema.
"Samuel R. Neff" wrote:
Generate a very random string (like sequence of 20 random characters)
and then store that in a database table along with the user id. Make
sure it's unique (being a little paranoid here, but always good to
check to make sure that you don't hit the 1 in 10000000000000000...
chance that the string is the same as one generated earlier).
Send that random string to the user in the e-mail and then in the apsx
page look up the user based on this key. When found, activate the
user, and remove the random string from the database table (it's no
longer needed).
HTH,
Sam
On Fri, 18 Mar 2005 09:01:08 -0800, Josema <Je******@ocu.org> wrote:
Hi,
I have an web application to register users with username, password, email,
etc...
I the database i have a field with name: "activate" that its a bit field, 1
account activated, 0 account not activated...
My application works well, when a user wants to registers complete the form,
add this user to the database, and if the user is added, sends an email to
the account that the user put in the form.
In this email i put a link with the querystring id="xxx" and when the user
clicks in this link the user is activated and from that moment the user can
make log-in into the portal...
My question is:
I would like to encrypt the querystring to avoid that any user knows how the
activation of a user works...
What kind of encrypt its better to use in this case?
Any advice would be grateful?
-----------
Thanks.
Regards.
Josema.
B-Line is now hiring one Washington D.C. area VB.NET
developer for WinForms + WebServices position.
Seaking mid to senior level developer. For
information or to apply e-mail resume to
sam_blinex_com.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Marcel - IDUG Europe 2005 |
last post by:
Hi DB2 users,
=========================================================================================
We just created a blog dedicated to our upcoming IDUG 2005 Europe
Conference
(24-28...
|
by: Marcel - IDUG Europe 2005 |
last post by:
Last Chance to Register Online for IDUG 2005 - Europe - Register Today
Online registration closes this Friday, 14 October.
https://conferences.idug.org/secure/europe/2005/regform.cfm
...
|
by: aruna |
last post by:
What is the disadvantage of using register
storage class specifier?
|
by: junky_fellow |
last post by:
what is the purpose of declaring a register variable ?
why can't we find the address of register variable ?
|
by: orium69 |
last post by:
hi everyone, i'm wondering if there is a way to have sure that a
variable is allocated in the cache, after its declaration with
"register"? Tks!
|
by: Snis Pilbor |
last post by:
With the "as if" rule in play, doesn't that effectively render the
"register" keyword completely useless?
Example: I make a silly compiler which creates code that goes out of
its way to take a...
|
by: sowmiyakc18 |
last post by:
Please clear my doubt. When do we declare a variable to be a register
variable? What is its significance? What are the conditions to be
adhered to when register variables are passed between...
|
by: Vashna |
last post by:
Hi Group,
I have a doubt about register variables.
I know that if we have a variable used very frequently in a function,
then provided we never apply the & function to it, we can define it as...
|
by: George Lft |
last post by:
ok, first of all, i built my register page using dreamweaver tool which the codes haven been out of control. Now i'm thinking that turning over everything - by using this another set of codes. And...
|
by: RANNA |
last post by:
Say the CPU has only AL, BL, CL, DL or eight 8 bit registers, and if
want to declare 10 register variables in my code, is it possible to do
it?
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |
