Improve your chat application by adding easy email verification and account activation. This simple process requires just two additional columns in the user table, plus a verification page with background processes. In this guide, I’ll cover everything you need to implement these features seamlessly.
Modification of an existing table in the database
First, add two columns to your user table: one for the activation code and one for the account status. The activation code is a six-digit random number generated during registration. The account status defaults to NULL. During verification, the activation code is set to 0, and the account status changes from NULL to 1, indicating the account is active. This simple enhancement ensures a secure registration process.
Easy Email verification functionality
During registration, an activation code is generated. The data from the registration form, along with the code, are inserted into the user table with the “verification_status” field set to NULL. An email containing the activation code is then sent to the user. While the email can be more detailed, a simple message is sufficient for this purpose. This process ensures a secure and effective user verification system.
The part of the code I’m talking about is:
// create secure password hash $pass = password_hash($password, PASSWORD_DEFAULT); $code = rand(999999, 111111); $insertQuery = mysqli_query($conn, "INSERT INTO users (unique_id, fname, lname, email, password, img, status, code) VALUES ({$random_id}, '{$fname}', '{$lname}', '{$email}', '{$pass}', '{$new_img_name}', '{$status}', {$code})"); if ($insertQuery) { $sql3 = mysqli_query($conn, "SELECT * FROM users WHERE email = '{$email}'"); if (mysqli_num_rows($sql3) > 0) { $row = mysqli_fetch_assoc($sql3); $subject = "Email Verification Code"; $message = "Your verification code is $code"; $sender = "From: email@nenadsky.com"; if(mail($email, $subject, $message, $sender)){ $_SESSION['email'] = $row['email']; echo 'success'; }else{ echo "Failed while sending code!"; } } }
Account activation
After registration, the user is directed to the verification page to enter the code sent via email. Upon entering the code and clicking the verification button, the system checks its validity against the provided email address. If the code is correct, the “verification_status” is updated to 1 (indicating an active user), the “status” field changes to “Active now!”, and the code field is reset to 0. The user can then log in to the chat. Any attempt to log in without activation will redirect the user to the verification page, ensuring a secure process.
$code = 0; $verStatus = 1; $status = 'Active now!'; $sqlAccountActivation = "UPDATE users SET status = '{$status}', code = {$code}, verification_status = {$verStatus} WHERE code = {$otp} AND email = '{$_SESSION['email']}' "; $queryAccountActivation = mysqli_query($conn, $sqlAccountActivation); if ( $queryAccountActivation ) { $_SESSION['unique_id'] = $row['unique_id']; echo 'success'; } else { echo 'Ups! Something went wrong with the query! Error: '. mysqli_error($conn); }
Finally, let me mention one more important thing. User passwords are first encrypted and then inserted into the database – security first 🙂 Code which enables this:
$pass = password_hash($password, PASSWORD_DEFAULT);
A built-in PHP function that encrypts a given string ($ password) with an algorithm that is defined as the second parameter of the function.
Another idea was born while working on this, and that is end-to-end encryption, for maximum data protection and privacy – Punky, Trle, thanks for the idea! 🙂