如何验证会员系统中用户的邮箱是否真实存在

在开发网站时，我们需要对用户注册的邮箱进行核对与验证，用户填写的邮箱是否有效邮箱。

好吧，我们先从数据库入手，修改用户表让用户有填写email的字段，添加了2个字段：

ALTER TABLE [dbo].[Users]ADD [Email] VARCHAR(100) NULL, [IsVerify] BIT NOT NULL DEFAULT(0) SELECT * FROM [dbo].[Users]

CREATE TABLE [dbo].[RequestActionType]( [Type] NVARCHAR(2) NOT NULL PRIMARY KEY, [Description] NVARCHAR(30) NULL)GOINSERT INTO [dbo].[RequestActionType] ([Type],[Description])VALUES ('V',N'验证邮箱是否有效。'),('C',N'用户修改密码')

CREATE TABLE [dbo].[UserRequestAction]( [Type] NVARCHAR(2) NOT NULL FOREIGN KEY REFERENCES [dbo].[RequestActionType] ([Type]), [Token] [uniqueidentifier] NOT NULL DEFAULT(NEWID()), [Account] [nvarchar](30) NOT NULL, [Email] [nvarchar](150) NOT NULL, [Expire] [datetime] NOT NULL DEFAULT (DATEADD(day,(1),CURRENT_TIMESTAMP)),)GOSource Code

CREATE TRIGGER [dbo].[tri_Users_Update] ON [dbo].[Users]FOR UPDATEASDECLARE @U_nbr NVARCHAR(20),@IsVerify BITDECLARE @old_email VARCHAR(100),@new_email VARCHAR(100)SELECT @new_email = [Email] FROM INSERTEDSELECT @U_nbr = [U_nbr],@old_email = [Email],@IsVerify = [IsVerify] FROM DELETEDIF @IsVerify = 1 AND (lEN(ISNULL(@new_email,'')) = 0 OR @new_email <> @old_email) UPDATE [dbo].[Users] SET [IsVerify] = 0 WHERE [U_nbr] = @U_nbrGOSource Code

CREATE PROCEDURE [dbo].[usp_UserRequestAction_Request]( @Type NVARCHAR(2), @U_nbr NVARCHAR(20))ASIF NOT EXISTS(SELECT TOP 1 1 FROM [dbo].[Users] WHERE [U_nbr] = @U_nbr)BEGIN RAISERROR(N'帐号错误或不存存在，请联系系统管理员。',16,1) RETURNENDDECLARE @Email NVARCHAR(100)SELECT @Email = [Email] FROM [dbo].[Users] WHERE [U_nbr] = @U_nbrIF EXISTS(SELECT TOP 1 1 FROM [dbo].[UserRequestAction] WHERE [Type] = @Type AND [Account] = @U_nbr AND [Email] = @Email) UPDATE [dbo].[UserRequestAction] SET [Token] = NEWID(),[Expire] = DATEADD(day,(1),CURRENT_TIMESTAMP) WHERE [Type] = @Type AND [Account] = @U_nbr AND [Email] = @EmailELSE INSERT INTO [dbo].[UserRequestAction] ([Type],[Account],[Email]) VALUES (@Type,@U_nbr,@Email)GOSource Code

均是使用这个存储过程[dbo].[usp_UserRequestAction_Request]。

接下来的流程是，用户会打开他的邮箱，查阅刚刚系统发送的邮件。邮件内容就是看实际需求了，如提示用户，是不是自己本人操作，安全性等，这些都不是怎样重要，重要的是那一条链接。

指示用户点击链接。这个链接会导上到网站一个页面。当到这个页面时，系统会在这页面进行一些程序处理，检查链接有效性，时间是否过期，如果一切没有问题，会进更新IsVerify字段为ture.

如果是用户忘记密码的话，在用户点击链接，系统也会检有效性，没有期，面会出现更改密码的form，让用户进行更改全新的密码。

Ok,还差2个存储过程，第一个是更新IsVerify字段值：

CREATE PROCEDURE [dbo].[usp_Users_UpdateIsVerifyField](  @token NVARCHAR(36))ASIF EXISTS(SELECT TOP 1 1 FROM [dbo].[UserRequestAction] WHERE [Token] = @token AND [Expire] >= CURRENT_TIMESTAMP)BEGIN  DECLARE @Account NVARCHAR(30)  SELECT @Account = [Account] FROM [dbo].[UserRequestAction] WHERE [Token] = @token  UPDATE [dbo].[Users] SET [IsVerify] = 1 WHERE [U_nbr] = @Account  UPDATE [dbo].[UserRequestAction] SET [Expire] = DATEADD(DAY,-1,CURRENT_TIMESTAMP) WHERE [Token] = @tokenENDGOSource Code

CREATE PROCEDURE [dbo].[usp_Users_ResetPassword](  @token NVARCHAR(36),  @Password NVARCHAR(100))ASIF EXISTS(SELECT TOP 1 1 FROM [dbo].[UserRequestAction] WHERE [Token] = @token AND [Expire] >= CURRENT_TIMESTAMP)BEGIN  DECLARE @Account NVARCHAR(30)  SELECT @Account = [Account] FROM [dbo].[UserRequestAction] WHERE [Token] = @token  DECLARE @pwd VARBINARY(MAX) = ENCRYPTBYPASSPHRASE('insus#sec!%y',@Password)  UPDATE [dbo].[Users] SET [Pwd] = @pwd WHERE [U_nbr] = @Account   UPDATE [dbo].[UserRequestAction] SET [Expire] = DATEADD(DAY,-1,CURRENT_TIMESTAMP) WHERE [Token] = @tokenENDELSEBEGIN  RAISERROR(N'无法更改密码，请联系客服或网络管理员。',16,1)  RETURNENDSource Code

更多相关文章

随机推荐