when a user asks for forgot password , i send an activation email which works okay. but when the user activated the code and created the new password, if the user try to access the activation code for second it should say the activation code is failed/Invalid. how to check the clicks on the activation code?
Asked
Active
Viewed 597 times
2 Answers
0
You could delete the activation code from your database, once it has been used successfully? (or generate a new one "for next time")
Rowland Shaw
- 37,700
- 14
- 97
- 166
-
can you explain me, how to delete the activation code from database once its been used? – billstep May 02 '11 at 14:21
-
It all depends on your table schema, and *how* you connect to the database, but Pseudo-code would loosely be: Validate code is valid; Update, set activation code to be null (or a different one), also set password to be new value at the same time – Rowland Shaw May 02 '11 at 15:55
-
i think rather than deleting the activation code i just want to remove or make it null(in the code itself) and i don't want to touch the database – billstep May 02 '11 at 16:05
-
The only way of using an activation code once, is to store that it's been used, or otherwise make it invalid. sure you can do that in code, but you're going to have to store that somewhere, and it would be sensible to store it in the database, alongside the rest of the data (heck, it'll be a lot easier if you ever need to restore from backups) – Rowland Shaw May 02 '11 at 17:34
