CoverYourASP --> Adding member services --> Part 2

Free membership

Join in the fun! Sign in
Member Services

Site navigation
Download the entire site!
Search my articles
Free Magazines
Browse the directory

Send me feedback
Buy my boxer shorts

Recommend this page
Printer-friendly page

Resources I recommend
Link to my site
Advertising slashed!
About your privacy
Legal stuff
Site statistics
26 active users
2322 visitors today
2015 pages today
(only part of today)
Tools I use

Copyright © 1999-2016 James Shaw.
All rights reserved.

RSS submissions

Now open source with SourceForge!

Email validation of membership changes
I wanted to validate the creation and deletion of members via email, and I wanted it to be automatic. A simple email to me wasn't good enough, but I didn't want to develop an application that listened to email coming in either.

I compromised by sending the member an email that contained a link to a new confirm page, named C.asp. The user has to click on the link (if their email client supports that), or cut/paste the link into their browser.

The email I send to confirm a new user was created with this code:

// send Email with our generic function
var sBody = 'Dear ' + sName + '\n\n';

sBody += 'To complete the registration of your CoverYourASP membership account please click on the link below, or copy and paste the entire URL into your browser.\n\n';
sBody += '' + sEmail + '&i=' + nID + '\n\n';
sBody += 'Regards,\n';
sBody += '[email protected]\n';
sBody += '';

SendEmail ( 'MemberServices@' + sHostDomain, sEmail, '', 'New membership', sBody );

This generates an email that contains this line:;[email protected]&i;=7

(Note: Many email clients will suffer from a "wrap" problem, meaning the hyperlink they show will only include the part of the URL on the first line. In this case the user must use the cut/paste method to use the entire URL)

C.asp in turn has the following code to decode that URL and perform the task of setting the Confirmed flag in the member record.

var sAction = '' + Request.QueryString ( 'a' );
var sEmail = '' + Request.QueryString ( 'e' );
var nID = Request.QueryString ( 'i' ) - 0;

switch ( sAction )
case 'a':
   DBInitConnection ( );

   // set the confirmed status on the membership
   oConnection.Execute ( 'UPDATE Members SET Confirmed=1 WHERE MemberID=' + nID + ' AND Email="' + sEmail + '"' );

   DBReleaseConnection ( );

One last note - C.asp doesn't bother reporting if the parameters given were invalid. If the Email doesn't match the given ID then the database won't be modified thanks to the SQL statement used.

Part 3: Signing in and out...

Featured sponsor
My favorite resources

Qualify for Free Trade Magazines

Free subscriptions to industry leading publications for those who qualify!

CoverYourASP Mugs, T-shirts, caps - even Boxer shorts...
I don't make a penny from these, but they're a lot of fun! Don't you need a new mouse mat?