[Phplib-users] Re: [phplib] preexisting auth integration
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
[Phplib-users] Re: [phplib] preexisting auth integration
|
From: Guillaume D. <gde...@pr...> - 2001-08-23 17:50:28
|
> I see that most applications > that require an email confirmation for a registration, tend to keep a > separate file/table for pending_subs, and only after clearing that, the > actual registration takes place. I've developed a two-phase email registration with by integrating email and a state field in the auth_user table... When the user registers his account I don't demand the password... and I store a random password for him in the table... with the state flag to "unregistered"... Then the user receive an email with the password. He can use the password just one time to avoid "email piracy" : when he connects with the temporary password and the state "unregistered", I change the password automatically and force the user to put its own password before he can do anything... then I store the good password and I turn the state flag to "registered"... To do that I've not modified the auth class... just create an extend class in my local.inc... Guillaume |
