Here is my Code for Register.php for a Login System with MySQL:
<?php
session_start();
require_once 'config.php';
require_once 'dbh.php';
require_once 'functions.php';
require_once 'PHPMailer/PHPMailerAutoload.php';
if (isset($_POST['register']))
{
$fname=$conn->real_escape_string(clean_input($_POST['firstname']));
$lname=$conn->real_escape_string(clean_input($_POST['lastname']));
$email=$conn->real_escape_string(clean_input($_POST['email']));
$password=$conn->real_escape_string(clean_input($_POST['password']));
$password=password_hash($password, PASSWORD_DEFAULT);
$vcode=substr(md5(uniqid(rand(), true)), 16, 10);
if (check() === 0){
$sql="INSERT INTO users (fname,lname,email,password,vcode) VALUES ('$fname','$lname','$email','$password','$vcode')";
$conn->query($sql);
$fullname=$fname.' '.$lname;
$id= $conn->insert_id;
$mail = new PHPMailer;
//$mail->SMTPDebug = 3;
$mail->isSMTP();
$mail->Host = MAILHOST;
$mail->SMTPAuth = true;
$mail->Username = EMAIL;
$mail->Password = SECRET;
$mail->SMTPSecure = MAILSECURE;
$mail->Port = MAILPORT;
$mail->setFrom(EMAIL, 'CloudMate SSO');
$mail->addAddress($email,$fullname);
$mail->addReplyTo('[email protected]', 'CloudMate Support');
$mail->isHTML(true);
$mail->Subject = 'Single Sign ON verification link';
$mail->Body = 'Click on the link to verify your account <a
href="https://sso.cloudmate.in/verify.php?v={$vcode}&id={$id}">click here</a>';
$mail->send();
$_SESSION['id']=$userid;
header('location:index.php');
}
else{
$error='User already exists';
}
}
?>
The Problem is Email Verification Links that are being Sent. The Current Configuration is with SSL and TLS and It encrypts the User ID and VCODE needed in Verification Link. I tried the same with HTTP instead of HTTPS and Its working fine then.
Email Link for Verification:
https:// sso.cloudmate.in/verify.php?v=%7B$vcode%7D&id=%7B$id%7D
%7B$vcode%7D and %7B$id%7D got encrypted when they should be just Numbers. How to FIx that?