I've been at this for a few hours now and scratching my head as to what the problem is.
The form works and sends the email, but when the verification link is clicked, it does not show the echoed "Success" message, but the die("error message"); message. Anything to do with the $salt ?
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="text" size="35" name="email" title="Email">
<input id="button" type="submit" name="submit" value="Submit your Email" />
</form>
<?php
$salt = "mysecret";
if(isset($_POST["confirm"]) && isset($_POST["email"])){
$confirm = $_POST["confirm"];
$to_email = $_POST["email"];
if(sha1($salt.$to_email) == $confirm){
echo "Success";
} else{
die("error: mail not confirmed");
}
} elseif(isset($_POST["email"])){
$to_email = $_POST["email"];
$confirm_link = "http://www.mysite.com/form.php?confirm=".urlencode(sha1($salt.$to_email))."&mail=".urlencode($to_email);
$msg = "to confirm ... click the link: \n ".$confirm_link;
mail($to_email, "pls confirm your mail", $msg);
} else{
die("error message");
}
?>
When you click on that verification link from an email, the values are going to be passed via GET not via POST.