NYCPHP Meetup

NYPHP.org

[nycphp-talk] design question: user self-registration

Anthony Papillion papillion at gmail.com
Tue Aug 31 15:09:38 EDT 2010 

Disqus does something like this. If you run into where there is an
email in the system but no "profile" (entry in the "people" table)
just bring up a screen and have the user fill out the rest of the
information. Then, stick it in the database and you're on your merry
way!

On 8/31/10, David Mintz <david at davidmintz.org> wrote:
> On Tue, Aug 31, 2010 at 12:52 PM, Dan Cech <dcech at phpwerx.net> wrote:
>
>> On 8/31/2010 12:43 PM, David Mintz wrote:
>>
>>> I want to provide a self-service user registration, with an email
>>> verification thing. They submit their data, we email them a link to
>>> verify
>>> that they control the email address they provided, bla bla, then the
>>> account
>>> is enabled. So I thought I would go ahead and do the inserts, marking
>>> both
>>> new records as 'inactive' pending email confirmation.
>>>
>>> In some cases, though, there may already be a row in people corresponding
>>> to
>>> the new user.
>>>
>>
>> In this case would it make sense to let the user know that there is
>> already
>> an account and just offer to re-send the verification or password reset
>> email (depending on the status of the account)?
>>
>> Of course that would assume that the account hasn't been disabled for some
>> reason, in which case if you have a hard unique constraint on the email
>> you're going to have to reactivate the account rather than being able to
>> create a "new" account for the user and leave the old account as
>> deactivated.
>>
>>
>
>
>
> Sorry, I didn't explain clearly enough. There may be cases where there is
> already record for the soon-to-be user in the 'people' table, but not the
> 'users.' See the issue? If I try to insert where the email already exists, I
> run into the unique constraint, but then if I say instead 'update ... where
> email = $their_email'  before confirming the email, well, that sounds like a
> poor idea, basically  allowing anyone to run an update on anyone else's
> record in the table.
>
> Not the end of the world, but I am looking for the most graceful solution.
>
>
> --
> Support real health care reform:
> http://phimg.org/
>
> --
> David Mintz
> http://davidmintz.org/
>

-- 
Sent from my mobile device

Anthony Papillion
Lead Developer / Owner
Advanced Data Concepts - "Enabling work anywhere"
(918) 533-9969

Facebook: http://www.facebook.com/cajuntechie
My Blog:   http://www.cajuntechie.com

More information about the talk mailing list