>- see footer for list info -<
I would definitely not use the user id. Can you can use a uuid which is more difficult to guess. With regards to rendering the link useless after it has been used for the first time why don't you have a table that links the uuid with the userid and once the link has been clicked remove the record? Sent using BlackBerry® from Orange
-----Original Message----- From: Paul Swingewood <[email protected]> Date: Tue, 16 Jun 2009 10:54:52 To: <[email protected]> Subject: [CF-Dev] Is this right? >- see footer for list info -< Hi all, A fairly simple task i guess but is this the right way to do it. I have a form where bod fills in some personal details, email address and a username. Sysytem then emails the email address and send a verification link. User follows link and then enters a password to use the system in the future. So, What is in the link? Do I include the userID - www.thesite.co.uk?id=1 (but encrypt it) www.thesite.co.uk?...@$%$£%^^gh something like that? This will tell me who the user is. Should i be suing session variables for this? If so how? I'm not sure of the correct process to do this? Also how do I render the link useless once it has been used. Flag in the database? Any suggestions or examples? Regards - Paul _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -<
_______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- cfdeveloper Hosting provided by www.cfmxhosting.co.uk -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -<
