A Script to test an email account

you could use imap_open() and test for an error, but you would need their password to check their account, etc. Far, far to insecure. I think that'd be the only way to do it.

Easier to just send them a confirmation e-mail.

Well, StormyWaters, I thank you, but it sounds like greek for me, because I'm not a programmer. So, I need something like a ready-made Script.

Mario./

There is no real way to do this without compromising people's security.


It's much easier to send a confirmation e-mail like most major companies do. Use this php script:


Change the $content variable to whatever you want, and the stuff in the $header variable to whatever you want it to be from.
<?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Your E-mail</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>

<body>
<?
$email = $HTTP_POST_VARS['email'];
if(isset($email)) {
  $content = "Hello! Someone has used your e-mail address to sign up for our site. To confirm this, follow this link:\nhttp://www.yoursite.com/confirm.php?code=".base64_encode($email)."\nThank you for your time.";
  $subject = "Confirm address";
  $headers = "From: Intelligent Shade Of Blue mailer";
  mail($email, $subject, $content, $headers);
  echo "An email has been sent to $email. Please confirm it.";
} else {
echo <<<END
  <form method="post" action="$PHP_SELF">
  <input type="text" name="email" />
  <input type="submit" name="sbmt" value="Submit!"/>
  </form>
END;
}
?>
</body>
</html>

That's your form page.



Then this is confirm.php:
Do whatever you want if they've got a valid address where I've just echo'd some information.
<?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>

<body>
<?
$email = $HTTP_GET_VARS['code'];
if(isset($email)) {
  echo 'Address '.base64_decode($email).' confirmed.';
}
?>
</body>
</html>

I'm sorry, the server I tested that script on runs an old version of PHP.
$HTTP_GET_VARS should be replaced with $_GET and $HTTP_POST_VARS with $_POST on newer versions.

Great, StormyWaters, it does exactly what I need. But before accepting, please, explain to me why people's security is compromised with such a procedure? At which extent it could be a danger to my domain/server?

Thanks,

Mario./

In order to check their account, you would need to know their e-mail account's password. Firstly, nobody in their right mind would give that to you, even if your purpose was honest. Secondly, if you didn't have a secure server others could retrieve that information and get people's passwords.
As I said, it's relatively simple to use a confirmation email script, so I wouldn't suggest using something different.

Hi, StormyWaters:

Ansewring to your first comment, as a matter of fact, this procedure will be used by each of our customers, individually, that is, when we give him/her a new mailbox, he/she will test his/her own mailbox. So, here there's no problem about password, ok?

I didn't understand your second comment that says that others could retrieve that information and get people's password.

And finally, you told about using a simple confirmation email script. That's what I want. This one you wrote above, and I have already tested, isn't it one of these you mentioned?

Mario./