Email Headers

J

Jeebu

hi,
let me explain my problem with a scenario.
after completing a registration procees of a user ,an email will be sent to
the user for confirmation.the email contains a link and when the user clicks
on it he will be taken to a page for confirmation.

problem
----------
i want the user to go to the confirmation page only by clicking the url in
the mail sent to him.if he copy the link from the mail and paste on the
address bar of the browser it should take the user to an error page.

how will i check wheather the user came to the confirmation page by clicking
link in the email.


jeebu
 
M

MWells

Jeebu, what you're requesting probably falls in the category of a "hack",
meaning that there are most likely better / cleaner / safer / more relaible
ways to accomplish the same objectives. Mail readers have an amazing delta
of capability; something that works fine in one environment is likely to
fail in many others.

Having said that, some possible angles of approach;

+ You might try checking the header tags to see if there's any difference;
perhaps the browser identification will be different in some scenarios; but
this is unlikely to be a complete solution.

+ In an HTML email, you can make it slightly more difficult to get at the
Url in the email by embedding a hyperlink; e.g. "Click here to activate".
This at least takes the Url out of direct view. In conjunction with that
you could make the Url horribly ugly and even unrecognizable, e.g. use %xx
for every character.

+ In an HTML email it might also be possible to define a BASE, and then
make the Url relative. This would make copying/pasting the Url ineffectual
(i.e. it's not a complete url); you'd have to click on it in the email in
order for the BASE tag to be processed. This is conjecture; I have no idea
if it would work.

+ In an HTML email you might make the activation hyperlink execute a
javascript function that does the link, rather than linking directly.

However, I suspect there are some specific goals behind your request that
could be solved using other approaches.

For example, if your end goal is to assure yourself that the person
activating the account is the same person that requested activation, you
might consider using cookies instead. Joe visits your website, registers,
gets a unique cookie. He gets an email with a unique registration link,
clicks it, hits your website again, the cookie is checked, and you make a
decision on whether to activate him.

For practical purposes, I'd assume that the "detect where the Url was
launched from" approach is a no-go. Even if you found a solution, it
probably won't work in enough email readers to make it viable. Take a look
at your overall goals and you may find a cleaner solution.

/// M
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,480
Members
44,900
Latest member
Nell636132

Latest Threads

Top