I have a confirmation page that is directed from email after clicking confirm button, But what if someone open this page without email direction?
I though about making a data field filter(sent confirm), when confirm button is clicked change to yes when directed on page load if yes, change (confirmed) data field of user to yes.
But still i can click the button and open the page without permission from email, How can i avoid this headaches, something that can help to detect direction from email.
That’s a great idea!
The only other thing I can think of is.
You could add “&user=current user’s email” to the link sent in the email, and
When the page loads, if it doesn’t match the user’s email, it won’t load.
How about that?
The confirmation process match user email anyway i think or you could use the unique ID which is more safe, the issue is about when opening the confirmation page without clicking the link sent to the email before confirming process.
If someone had also entered the URL key, I certainly would not have been able to solve the problem. Sorry about that.
I think my idea and yours together would be a perfect security solution, don’t you think?
I have tested again, and you know what is inspiring in the confirming process action?
That it’s working perfectly, It does not matter if you have opened this page.
When click on confirm, just set there a WF confirm email directed to the confirmation page.
If confirmation page is loaded before confirming process and Current use is not confirmed… If yes: direct the user to 404.
When clicking the confirmation page URL during the email, It simply match that its confirmed and logged in.
Thank you for your effort and helping.
I’m glad it’s been resolved.
This topic was automatically closed after 70 days. New replies are no longer allowed.
