[Zope] double opt-in or opt-in with confirmation.
I am looking for a strategy or samples (or even just a hint as to the best process) to create an email opt-in strategy in Zope. I am thinking that what you do is use some sort of hash or unique id creation mechanism (based on the email address, time or something else). Based on what I am seeing -- some sort of MD5(not totally sure what that means but I understand there are Python supplied functions to generate it) hash of a combination of the email address and date/time stored and then sent to the user should guarantee that it is unique, can't be auto generated by some bot and should allow verification on http access using the hash in the url? All the potential solutions I am seeing use Python 2.5 + -- the version of Zope I am using is based on Python 2.4.4. Anybody have any ideas or have implemented something like this? ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] double opt-in or opt-in with confirmation.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian Sullivan wrote: I am looking for a strategy or samples (or even just a hint as to the best process) to create an email opt-in strategy in Zope. I am thinking that what you do is use some sort of hash or unique id creation mechanism (based on the email address, time or something else). Based on what I am seeing -- some sort of MD5(not totally sure what that means but I understand there are Python supplied functions to generate it) hash of a combination of the email address and date/time stored and then sent to the user should guarantee that it is unique, can't be auto generated by some bot and should allow verification on http access using the hash in the url? All the potential solutions I am seeing use Python 2.5 + -- the version of Zope I am using is based on Python 2.4.4. Anybody have any ideas or have implemented something like this? As an example look at the Products.EasyNewsletter code. In a recent project we implemented as similar functionality where we generated 32 char longs strings (based on random numbers) and stored the token in an external DB (MongoDB). Sending out a confirmation email and implementing a view for validating the token through an URL is straight forward. - -aj -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQGUBAEBAgAGBQJM9ToyAAoJEADcfz7u4AZjUfcLwIl28L7mHM82x0NmLEizNHKc qcFHi+rQshpg/DqiIgSiYPIgf+608LbbGX5B+ZR4ekBXQBaHJSuzy/kT/xPxlfO2 EaPYnk/ri93PkmGNHFq5ASz5amNn1kwNrOolM32iP24krbzP91vCujFGvIJ4izJk UkacsI6CD8m7q+9StNPjs/uoHEb5ceHBwiC+u/ipBpAnhHNeum0BxNsWIsiQa/Ns M5+ckS0wMfbyQ+FYEtA7+KnmSiDTnHmg0M0Ii3INXbEZgx9h7u+ezHDFpxU5V2UD kYBf+3eTFu5rRmqbiHMNwnEzBHt1pe8QHPns3+3v15fi7b3i3r4x7PxHHDLbawQq +wtLDlCBzz02vcKjHd0aItSTCxCPu3vOPgCY/hMpsCnz2ElQIgBb6Np0tl6Vt1D6 A3XIkM39X1+wOQUgiqWgylvKvYosx9rrUM+zJ3L6zNZt6YpaDT8+d3cA3hqBNMUA fqRaDaMFL7xclCzB4BOUoEUYwHdjzC0= =uy5J -END PGP SIGNATURE- attachment: lists.vcf___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] double opt-in or opt-in with confirmation.
Looking at the code now -- do you remember where the code to generate the strings is situated? On Tue, Nov 30, 2010 at 12:53 PM, Andreas Jung li...@zopyx.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian Sullivan wrote: I am looking for a strategy or samples (or even just a hint as to the best process) to create an email opt-in strategy in Zope. I am thinking that what you do is use some sort of hash or unique id creation mechanism (based on the email address, time or something else). Based on what I am seeing -- some sort of MD5(not totally sure what that means but I understand there are Python supplied functions to generate it) hash of a combination of the email address and date/time stored and then sent to the user should guarantee that it is unique, can't be auto generated by some bot and should allow verification on http access using the hash in the url? All the potential solutions I am seeing use Python 2.5 + -- the version of Zope I am using is based on Python 2.4.4. Anybody have any ideas or have implemented something like this? As an example look at the Products.EasyNewsletter code. In a recent project we implemented as similar functionality where we generated 32 char longs strings (based on random numbers) and stored the token in an external DB (MongoDB). Sending out a confirmation email and implementing a view for validating the token through an URL is straight forward. - -aj -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQGUBAEBAgAGBQJM9ToyAAoJEADcfz7u4AZjUfcLwIl28L7mHM82x0NmLEizNHKc qcFHi+rQshpg/DqiIgSiYPIgf+608LbbGX5B+ZR4ekBXQBaHJSuzy/kT/xPxlfO2 EaPYnk/ri93PkmGNHFq5ASz5amNn1kwNrOolM32iP24krbzP91vCujFGvIJ4izJk UkacsI6CD8m7q+9StNPjs/uoHEb5ceHBwiC+u/ipBpAnhHNeum0BxNsWIsiQa/Ns M5+ckS0wMfbyQ+FYEtA7+KnmSiDTnHmg0M0Ii3INXbEZgx9h7u+ezHDFpxU5V2UD kYBf+3eTFu5rRmqbiHMNwnEzBHt1pe8QHPns3+3v15fi7b3i3r4x7PxHHDLbawQq +wtLDlCBzz02vcKjHd0aItSTCxCPu3vOPgCY/hMpsCnz2ElQIgBb6Np0tl6Vt1D6 A3XIkM39X1+wOQUgiqWgylvKvYosx9rrUM+zJ3L6zNZt6YpaDT8+d3cA3hqBNMUA fqRaDaMFL7xclCzB4BOUoEUYwHdjzC0= =uy5J -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )