Jump to content

Archived

This topic is now archived and is closed to further replies.

tomfmason

information not being inserted into data base

Recommended Posts

[code]I am sure that this is a simple error but I am kind of lost at this point. I will post the entire script and then below that will post the section that I am referring to

[code]<?php
include 'db.php';
$first_name = $_POST['first_name'];
$lastname_name = $_POST['last_name'];
$username = $_POST['username'];
$email_address = $_POST['email'];

$first_name = stripslashes($first_name);
$last_name = stripslashes($last_name);
$username = stripslashes($username);
$email_address = stripslashes($email);

# Any errors in the posted fields? Lets check...
if((!$first_name) || (!$last_name) || (!$email) || (!$username)){
echo 'You did not submit the following required information! <br/>';
if(!$first_name){
echo '<font id=UserNameRed />First name <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
if(!$last_name){
echo '<font id=UserNameRed />Last name <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
if(!$email){
echo '<font id=UserNameRed />Email address <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
if(!$username){
echo '<font id=UserNameRed />Username <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
include("../join.php");
exit();
}

$sql_email_check = mysql_query("SELECT email FROM users WHERE email='$email'");
$sql_username_check = mysql_query("SELECT username FROM users WHERE username='$username'");

$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);

if(($email_check > 0) || ($username_check > 0)){
echo 'Please fix the following errors: <br/>';
if($email_check > 0){
echo '<strong>Your email address has already been used by another member in our database. Please use a different Email address!<br/>';
unset($email);
}
if($username_check > 0){
echo 'The username you have selected has already been used by another member in our database. Please choose a different Username!<br/>';
unset($username);
}
include("../join.php"); // Show form again
exit();
}

function makeRandomPassword() {
  $salt = "abchefghjkmnpqrstuvwxyz0123456789";
  srand((double)microtime()*1000000); 
      $i = 0;
      while ($i <= 7) {
            $num = rand() % 33;
            $tmp = substr($salt, $num, 1);
            $pass = $pass . $tmp;
            $i++;
      }
      return $random_password;
}

$random_password = makeRandomPassword();

$db_password = md5($random_password);

$sql = mysql_query("INSERT INTO users (first_name, last_name, email_address, username, password, signup_date, 

decrypted_password)
        VALUES('$first_name', '$last_name', '$email_address', '$username', '$db_password', now(), '$random_password')") or die (mysql_error());

if(!$sql){
    echo 'There has been an error creating your account. Please contact the webmaster.';
} else {
    $to = '$email_address';
    $subject = 'Your Membership at owpt.biz';
    $message = 'Dear $first_name $last_name,
    You are now registered at our website, http://www.owpt.biz!
     
    To activate your membership, please login here: http://www.owpt.biz/home/index.php
     
    Once you activate your membership, you will be able to login with the following information:
    Username: $username
    Password: $random_password
    Please keep this username and password in a location that is easily accessible by you.
     
    Thanks!
    WebMaster, Owpt.biz
     
    This is an automated response, please do not reply!';
    $headers = "From: noreply@owpt.biz\r\n" .
       'X-Mailer: PHP/' . phpversion() . "\r\n" .
       "MIME-Version: 1.0\r\n" .
       "Content-Type: text/html; charset=utf-8\r\n" .
       "Content-Transfer-Encoding: 8bit\r\n\r\n";
    mail($to, $subject, $message, $headers)or die('something went wrong');
    echo 'Your membership information has been mailed to your email address! Please check it and follow the directions!';
}
?>[/code]

And here is the part that I am having an issue with

[code]function makeRandomPassword() {
  $salt = "abchefghjkmnpqrstuvwxyz0123456789";
  srand((double)microtime()*1000000); 
      $i = 0;
      while ($i <= 7) {
            $num = rand() % 33;
            $tmp = substr($salt, $num, 1);
            $pass = $pass . $tmp;
            $i++;
      }
      return $random_password;
}

$random_password = makeRandomPassword();

$db_password = md5($random_password);
$decrypted_password = $random_password;
$sql = mysql_query("INSERT INTO users (first_name, last_name, email_address, username, password, signup_date, decrypted_password)
        VALUES('$first_name', '$last_name', '$email_address', '$username', '$db_password', now(), '$decrypted_password')") or die (mysql_error()); [/code]

The problem is with the decypted_password it is not being inserted into the database

[/code]

Share this post


Link to post
Share on other sites
$db_password is being posted but not $decrypted_password

sorry was not clear as to what was being posted and what was not.

Share this post


Link to post
Share on other sites
Your makeRandomPassword function doesnt return anything. Try...

[code=php:0]
return $pass;
[/code]

Share this post


Link to post
Share on other sites
[quote]Out of curiosity, why would you want to store a decrypted version of the password?[/quote]
There is no decryption going on. Just confusing variable and field names. You cannot decrypt an md5'd hash.

Share this post


Link to post
Share on other sites
[quote author=thorpe link=topic=99481.msg391769#msg391769 date=1152079024]
Your makeRandomPassword function doesnt return anything. Try...

[code=php:0]
return $pass;
[/code]
[/quote]

LOL I was looking at my post and realized that I had done that. :o

Share this post


Link to post
Share on other sites
Sorry wasn't clear, I meant like if your encrypting a copy of the password why would you want the original un-crypted password?

Would it decrease the security? (IE. Injections?)

Share this post


Link to post
Share on other sites
it is only for testing reasons. I am having some  difficulty with sending mail with mecury mail via php.

Once I get the issue solved I will no longer have a decrypted password option

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.