Home/ Questions/Q 6474847
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T06:38:08+00:00

When a user registers, the script sends an email to verify his account. Clicking

  • 0

When a user registers, the script sends an email to verify his account. Clicking on the link, the script gets the token

$token = mysql_real_escape_string($_GET["token"]);

and what I thought to do is

if($token != '') {
mysql_query("UPDATE members SET verified = '' WHERE verified = '$token'");
}

or

if($token != '') {
    $result = mysql_query("UPDATE members SET verified = '' WHERE verified = '$token'");
    if($result) { }
    else { }
}

What is my purpose is to echo a success or failed message on the user. When it will be success then the verified will be empty.

What is the appropriate way of doing this with my examples above?

Should I check if there is the token in the DB before updating it?

Thank you.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Your current method updates a record if it exists but does not take into account that which does not exist or match. You should run something similar to:

    if($token != '') {
    $result = mysql_query("SELECT COUNT(*) FROM members WHERE verified = '$token'");

    while($row = mysql_fetch_row($result)) {
       $records = $row[0];
    }

    if($records == 0) { echo 'no results'; }
    elseif($records ==1) { echo 'you matched'; then update the record. }
}

    edit

    changed BACK to the while loop, wasn’t thinking of the count returning 0 rows

    • 0