> Yes i thought about this approach. But problem is that i need to make > access only through email, without restrictions in visit count.
In that case don't check for a key's count, jsut allow it. Still use a key though, ideally random per email sent out, something like: $key = substr(md5($user['User']['name'].$user['User']['email']), 0, 20); Only a really keen individual will bother trying to guess your hash key, so only valid urls will work. I don't see how you can stop people from passing the urls around though if they can be used more than once. You can spoof the referrer, so I really don't know how you could police it effectively. hth jon -- jon bennett w: http://www.jben.net/ iChat (AIM): jbendotnet Skype: jon-bennett --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
