Scott,
Thanks. I think I understand it.
I haven't tried to actually code a user validation piece yet, but what I was thinking (some one tell me why it won't work) is that on the user registration initially set the account to unapproved and not logged on, send the email to the supplied address with the userid (guid) on a reply link. When the receive the email and reply, then use the guid on the request string to find the user acct and if not approved, toggle the approved flag. I think this last bit is what you are doing in your verify page.
But that wouldn't log them in, only allow them to.
What else am I missing?
Steve
|