Skip to end of metadata
Comment: Migrated to Confluence 4.0
Go to start of metadata

Verification if the user controls an entered email address can be done as following:

  • random but unique cookie string is generated
  • the cookie is stored in the system, keyed by address
  • a probe message containing the cookie is sent
  • the user clicks on link contained in the message
  • user gets screen where he should enter his email again
  • if a match is found, the address is confirmed
  • if the cookie is not found, an error message is displayed on the screen
  • if the cookie is found but the address is different, an error message is displayed on the screen and user has second chance to enter his address
  • if second chance failed, cookie is removed from the system and an error message is sent back
Labels:
None
Edit Labels

2 Comments

Hide/Show Comments

  1. Apr 27, 2004

    Michal Mach

    Why not stay with the clickthrough model? We have it done in password reminder.

    • random but unique cookie string is generated
    • the cookie is stored in the system, keyed by address
    • a probe message containing the cookie is sent
    • the user clicks on link contained in the message
    • user gets screen where he should enter his email again
    • if a match is found, the address is confirmed
    • if the cookie is not found, an error message is displayed on the screen
    • if the cookie is found but the address is different, an error message is displayed on the screen and user has second chance to enter his address
    • if second chance failed, cookie is removed from the system and an error message is sent back

    Please, let's not struggle with getting messages again... (smile)

  2. Apr 29, 2004

    Rafał Krzewski

    Right, your method is better, updating page.