Release access to a page with defined time [closed]

0

Hello. I'm new to site creation and need help with the following situation: One customer requested the following situation: On the "Main Clients" page there should be a way to release temporary access for anyone who wants to see the portfolio containing the products of these "Top Clients" and that this access has a duration of 5 days. The solution I found was that on this page you have a form where you enter CNPJ and email so that there is this access control. I thought after getting the information in the form send a link in the email and the person could access the page in question only in the 5 days as informed above and after that the link does not work anymore.

My question is: Which path should I follow?

As I said I'm new to this area. I know I'll need BD, but I do not even know where to start and what to use.

Could anyone give a light ?? - The form page is ready.

Thank you in advance.

    
asked by anonymous 01.02.2018 / 01:46

2 answers

3

You've already said that you have a form, so I'll list a simple step-by-step without going into detail, you can easily find it here in SOpt or if you have any questions you can ask new specific questions. I'll do it using PHP which is the most common.

1st. Database

First you must create a database (it can be MySQL, which is very common) with a table with 5 columns:

  • is the primary auto-increment column, which only counts the number of records as they are entered into the table.

    li>
  • id : where the user's email will be stored. (type varchar )

  • email : where the user's CNPJ will be stored. (type varchar )

  • CNPJ : where the token is stored (a random single-sequence type for each record, such as a password, eg token ). PHP itself has native capability to generate this. (type varchar )

  • Ah2bd5h8Hjs : In this field you can store the day that the user has registered, and then check if it is more than 5 days old. (type date or datetime )

2nd. Send form to a PHP file

After filling in the form, you will submit it to a PHP file ( dia ) via POST (you can even use Ajax). This PHP file will receive the fields of the form (email and CNPJ) and will write to the database the respective information ( nome_do_arquivo.php , email , CNPJ and token ). Before writing to BD, you must generate the token and get the current date (email and CNPJ already come from the form).

After saving the data to the DB, you will send an email message to the user with a link containing the email and token in this template:

http://seusite.com.br/pagina.php?email=email_do_usuario&token=token_que_foi_gerado

3rd. Validating

The user will receive the message with the link. By clicking it it will be redirected to your site as per the link. In the PHP page where the link takes, you will get the parameters "email" and "token" that are in the URL of the link and consult in the DB if the two belong to the same record. If there is any disagreement, it means that the link is invalid, then you may see an " invalid link " message or redirect (this depends on your choice).

If the DB query returns that the "email" and "token" are correct, you do the last check: see if 5 days have already passed. For this you will use the value of the field dia returned from the query to the DB. For this you will have to use date comparison, see if the day that is in the DB table is more than 5 days from the current date. If it is longer, it means that 5 days have passed and you can either display a " Exhausted" > message or redirect (this is your own). But if the comparison of the dates is a difference of up to 5 days, it means that everything is OK and the user can proceed.

Edit : Above I quoted to do the validation in 2 steps. But you can and even do better in 1 step. In the same DB query, check the email , token and day checks in less than 5 days. p>

In short:

The above schema is just a shallow catch, and at some points will involve data checking etc., but it is not so complicated. I think even beginners, with a little research and effort, will be able to do it. Go step-by-step, testing each step until you reach the end point.

  ENVIO DO FORM PARA O PHP                     VALIDAÇÃO DO LINK
            ↓                                          ↓
    validar email e CNPJ                     captura os parâmetros
    (ver se são válidos)                    "email" e "token" da URL
      ↓            ↓                                   ↓
   não são      válidos                          consulta o BD
   válidos         ↓                              ↓         ↓
      ↓            ↓                          inválidos  válidos
 retorna erro      ↓                           ↓              ↓
(não faz nada)     ↓                      retorna erro  verifica o dia
                   ↓                     (não faz nada)  ↓          ↓
      gerar token e pegar data                           ↓          ↓
                   ↓                                 tem mais de  tem menos
             gravar no BD                              5 dias     de 5 dias
                   ↓                                     ↓          ↓
         enviar email com link                      retorna erro   acesso
            para o usuário                          (nega acesso)  liberado
                   ↓
                  FIM
         (exibe uma mensagem que
             deu tudo certo)
    
01.02.2018 / 03:07
0

First you will need to choose a backend language to implement in the project.

After doing this, to control this 5-day access, you can do the following:

Create 2 more fields in the table, a field to detect whether the user is active or not, that is, if he has not yet exhausted his 5 days and a field to store the date when he was registered. So whenever he logs in, you compare the date to the current date, and if the difference between them is greater than 5, you leave the field I mentioned earlier as disabled.

    
01.02.2018 / 02:51