For a more recent discussion about a similar topic check this question out.
Hi all,
Hoping someone can help me out with this one:
What's the best way to validate whether a particular user has ownership of a website?
Let's say you had this model:
class User < ActiveRecord::Base
has_many :websites
end
In order to make sure the User does indeed own that website I thought about doing email validations. Example: user lists example.com as their website and an email gets sent to [email protected]. If a user sends a response message from example.com the website is validate.
The problem with this is if there was a website where a large group of people could send an email from a website with that domain name, like gmail.com. I wouldn't want a user to register gmail as their personal website.
Thus it seems the best way to do it is to have the user to embed some code in the HTML and the rails applications makes sure that that code is there.
How would you go about doing this?
Kenji