A one-time URL is commonly given to a user to ensure uniqueness when no other
authentication mechanisms are available, or when the user would find authentication
perhaps too tedious for the task at hand. For example, suppose you maintain a
list of newsletter subscribers and want to know which and how many subscribers are
actually reading each monthly issue. Simply embedding the newsletter into an e-mail
won??™t do, because you would never know how many subscribers were simply deleting
the e-mail from their inboxes without even glancing at the contents. Rather, you could
offer them a one-time URL pointing to the newsletter, one of which might look like this:
http://www.example.com/newsletter/0503.php?id=9b758e7f08a2165d664c2684fddbcde2
In order to know exactly which users showed interest in the newsletter issue, a
unique ID parameter like the one shown in the preceding URL has been assigned to
each user, and stored in some subscribers table. Such values are typically pseudorandom,
derived using PHP??™s md5() and uniqid() functions, like so:
$id = md5(uniqid(rand(),1));
The subscribers table might look something like the following:
CREATE TABLE subscribers (
id SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT,
email VARCHAR(55) NOT NULL,
hash VARCHAR(32) NOT NULL,
read CHAR,
PRIMARY KEY(id));
When the user clicks this link, causing the newsletter to be displayed, the following
code could execute before displaying the newsletter:
$query = "UPDATE subscribers SET read='Y' WHERE hash='$id'";
mysql_query($query);
The result is that you will know exactly how many subscribers showed interest in
the newsletter, because they all actively clicked the link.
Pages:
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464