Both php and MySQL support MD5(). Consider this: // Define a secret key $secret_key = "ThisIsASecretKey123";
// Take the user's current email address $email_address = "[EMAIL PROTECTED]"; // And create a unique ID $unique_id = md5($email_address.$secret_key); Stick this unique id in the email you send to you user. http://sitename.com/remove.php?unique_id=$unique_id Then when someone sends back the $unique_id by clicking on your link, you can instuct MySQL to disable the record: "UPDATE users SET send_email = 'NO' WHERE MD5(email_address.'ThisIsASecretKey123')=$unique_id " The $secret_key prevents someone from guessing an email address, MD5 them, and sending it to you script. They would also need to know the secret key to guess correctly. This way you also do not need to "store" the hash anywhere. You could also update the secret key from time to time for security. What do you think? Robert V. Zwink http://www.zwink.net/daid.php -----Original Message----- From: Ashley M. Kirchner [mailto:[EMAIL PROTECTED]] Sent: Friday, March 22, 2002 12:38 PM To: PHP-General List Subject: [PHP] Maillist I need to send out several hundred, to several thousand emails out of our database. Now, before everyone starts telling me to use an actual MLM for this, let me explain what I need to do. I need to send a unique ID with each message, in the form of a URL. We want to make unsubscribing as easy as possible for our clients, so what I plan on doing is sending out a URL in the body of the message that contains a unique ID. When they click on that URL, it hits another script on our website which than takes that ID, searches for it in the database and flags that record (and returns a 'Thank you' page.) So, somehow, I need to generate a unique ID for each message send, stick that ID into the database with the corresponding email address that it was just sent to and then....wait. What's the best way to approach this? Should I generate IDs outside of the script, and then query the database for both the email and the ID and construct the message that way? Or should I dynamically generate an ID during the mailing process and shove it in the DB as the message goes out? Suggestions, criticism, comments...welcome. -- W | I haven't lost my mind; it's backed up on tape somewhere. +-------------------------------------------------------------------- Ashley M. Kirchner <mailto:[EMAIL PROTECTED]> . 303.442.6410 x130 IT Director / SysAdmin / WebSmith . 800.441.3873 x130 Photo Craft Laboratories, Inc. . 3550 Arapahoe Ave. #6 http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
