dnenb Posted July 15, 2013 Posted July 15, 2013 Do you verify your players email addresses? How are you doing it? Have you always done it? I just started doing it because a banned player started abusing the fact that the registration for my game didn't require a valid email. Now I've removed the password field from registration, and I instead generate a simple password and email it to them. Quote
Ben Nash Posted July 15, 2013 Posted July 15, 2013 Email verification puts some people signing up. Don't use it.... Quote
rjddev Posted July 15, 2013 Posted July 15, 2013 I do have Email Verification, but then a lil bit different. When a user signs up, They will be sent an email with a link to verify their email, however they could still login if the email hasn't been verified yet, they will just have limited acces, and once they verify their email they will have full acces to the game. Quote
HauntedDawg Posted July 15, 2013 Posted July 15, 2013 I do have Email Verification, but then a lil bit different. When a user signs up, They will be sent an email with a link to verify their email, however they could still login if the email hasn't been verified yet, they will just have limited acces, and once they verify their email they will have full acces to the game. This is the best method, coupled with a "Resend verification link" at the very top in-case they did not receive it. Quote
dnenb Posted July 15, 2013 Author Posted July 15, 2013 This is the best method, coupled with a "Resend verification link" at the very top in-case they did not receive it. I think I agree. I'll have to implement that when I'm not too lazy :) Quote
KyleMassacre Posted July 15, 2013 Posted July 15, 2013 Much like my nwe email module. You still gain full access though but you just have an annoying box that shows where ever you go saying to verify your email. Quote
Venom Posted July 18, 2013 Posted July 18, 2013 Just like I do as well, some areas such as messaging and casino are locked until the email is verified. The option to change the email used and to resend is available too. Forcing players to activate before playing can turn some away immediately, but it can also help prevent spammed accounts. Quote
Dominion Posted July 18, 2013 Posted July 18, 2013 Email verification puts some people signing up. Don't use it.... I haven't found it's that big of a problem, but then again I haven't got any real numbers on it. How many people go to sign up, and then stop at the verification (on average)? It's already been said but I wouldn't block every feature for those unverified. Quote
SilvaTungDevil Posted July 18, 2013 Posted July 18, 2013 I approach it with: Allow users to sign up with any email address, then leave a notice (not restricting any gameplay) and let them know that they havent verified their email address. This notice remains until they do, but they also get a reward of say $10,000 for verifying Quote
KyleMassacre Posted July 18, 2013 Posted July 18, 2013 I approach it with: Allow users to sign up with any email address, then leave a notice (not restricting any gameplay) and let them know that they havent verified their email address. This notice remains until they do, but they also get a reward of say $10,000 for verifying I think that is one of the best ways to go. some people just don't like to give their email because of spam and what not which is fine but its also beneficial to have as much non important information about a player as possible. Reason being I had on an old game of mine where I had an abusive player and I mean ABUSIVE making crazy threats but I won't go into details here and told the victim because he came at me about it to notify the authorities and I will comply so I had to backup my db and sent over the messages and all his player information to his local authorities when they requested it. Do I know if it was a legit email? no because I didn't have a validation. So moral of my story is players see it as a hindrance but they fail to realize that it can be potentially useful information at times Quote
Razor42 Posted February 18, 2014 Posted February 18, 2014 I'v had a few players recently creating multis and sending cash between accounts which has lead me towards maybe adding email verification to put players off doing this, what are your thoughts on this? Quote
dnenb Posted February 18, 2014 Author Posted February 18, 2014 Do it! I know for sure it stopped one guy from creating multiple accounts on my game, and it has probably stopped others as well. Quote
Razor42 Posted February 18, 2014 Posted February 18, 2014 Have you since seen a decline in registrations though? I'm scared it may put people off signing up which is the last thing I need as a new game! Quote
Guest Posted February 18, 2014 Posted February 18, 2014 Have you since seen a decline in registrations though? I'm scared it may put people off signing up which is the last thing I need as a new game! For sure this is a possiblilty, but if your game is good people will play, along with that in the long run the quality of players could increase due to only serious players playing. Quote
dnenb Posted February 18, 2014 Author Posted February 18, 2014 (edited) Have you since seen a decline in registrations though? I'm scared it may put people off signing up which is the last thing I need as a new game! I guess my way of doing it (you get your password via email) puts some people off since they can't start playing at once. But do it like this: You can't level up until you've verified your email. That way people can start playing at once, and they will verify if they like the game. Edited February 18, 2014 by dnenb Quote
Guest Posted February 18, 2014 Posted February 18, 2014 I guess my way of doing it (you get your password via email) puts some people off since they can't start playing at once. But do it like this: You can't level up until you've verified your email. That way people can start playing at once, and they will cerify if they like the game. Just make sure to disable communications incase of spammers. :) Quote
Razor42 Posted February 18, 2014 Posted February 18, 2014 How do I go about setting up email verification? Quote
sniko Posted February 18, 2014 Posted February 18, 2014 (edited) Still wouldn't stop me (or someone) from nuking your database table(s) with ~1,000 entries per second (or however long). I like this idea for e-mail verification; I guess my way of doing it (you get your password via email) puts some people off since they can't start playing at once. But do it like this: You can't level up until you've verified your email. That way people can start playing at once, and they will cerify if they like the game. +1 for that. -1 for sending a password in an email. Edited February 18, 2014 by sniko Quote
dnenb Posted February 18, 2014 Author Posted February 18, 2014 Just make sure to disable communications incase of spammers. :) +1 for that. You can google "php email verification", Razor. I found some ok guides there. If you already have a "forgot password" system, you can use much of the same logic. Quote
rockwood Posted February 18, 2014 Posted February 18, 2014 // do something like this $user_activation_hash = sha1(uniqid(mt_rand(), true)); function verifyNewUser($user_id, $user_activation_hash) { // if database connection opened if ($this->databaseConnection()) { // try to update user with specified information $query_update_user = $this->db_connection->prepare('UPDATE users SET user_active = 1, user_activation_hash = NULL WHERE user_id = :user_id AND user_activation_hash = :user_activation_hash'); $query_update_user->bindValue(':user_id', intval(trim($user_id)), PDO::PARAM_INT); $query_update_user->bindValue(':user_activation_hash', $user_activation_hash, PDO::PARAM_STR); $query_update_user->execute(); if ($query_update_user->rowCount() > 0) { $this->verification_successful = true; $this->messages[] = MESSAGE_REGISTRATION_ACTIVATION_SUCCESSFUL; } else { $this->errors[] = MESSAGE_REGISTRATION_ACTIVATION_NOT_SUCCESSFUL; } } } 1 Quote
Dayo Posted February 18, 2014 Posted February 18, 2014 To stop a pissed off user you can just set a session after the user has registered, and when processing a new registration check for this session, if it exists say they cant register another account Quote
sniko Posted February 18, 2014 Posted February 18, 2014 To stop a pissed off user you can just set a session after the user has registered, and when processing a new registration check for this session, if it exists say they cant register another account And what if I route my bot through various proxies? I only ask because this seems to be the prime workaround of games being spammed by signup-bots. Quote
KyleMassacre Posted February 18, 2014 Posted February 18, 2014 And what if I route my bot through various proxies? I only ask because this seems to be the prime workaround of games being spammed by signup-bots. Add them to a "Dummy Table"? For example: User registers Maybe dont let them put in a password let the system generate them a password and send that via plain text and make them change it Add them to another table instead of `users` like `<insert table name here>` [*]On successful validation then you insert them into the `users` ,`userstats` tables like normal [*]Make sure when adding them to your dummy table add some sort of timestamp then you can delete them from the table after "X" amount of days/hours etc. Quote
sniko Posted February 18, 2014 Posted February 18, 2014 Add them to a "Dummy Table"? For example: User registersMaybe dont let them put in a password let the system generate them a password and send that via plain text and make them change it Add them to another table instead of `users` like `<insert table name here>` [*]On successful validation then you insert them into the `users` ,`userstats` tables like normal [*]Make sure when adding them to your dummy table add some sort of timestamp then you can delete them from the table after "X" amount of days/hours etc. this. :) Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.