Jump to content

Recommended Posts

Hi,

 

I have one slight problem, I'm setting up a sign_up process. The confirmation email is received fine however, when clicking the link to activate the account, all I receive is a blank screen. I cannot see where I may have gone wrong. It's resolution is probably looking straight at me.

 

I've checked that the passkey appears in the temp members DB, which is fine.

 

Do you have any ideas what could be going wrong?

Here are the scripts...

 

signup_ac.php

signup_ac.png

 

Confirmation.php

confirmation.png

 

config.php

config.png

 

Any help is appreciated.

 

 

Cheers,

Martin

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/
Share on other sites

MadTechie,

 

Thanks for the reply. Form what I can see, the DBs are setup correctly.

 

The websmart_registeredmembers table does exist under a separate DB to the temp members one.

 

I'm new to all this, so I may be missing something very simple.

I've included the code again below and ill remove the above images ;)

 

<?
include('config.php');

// table name 
$tbl_name=websmart_tempmembersdb;

// Random confirmation code 
$confirm_code=md5(uniqid(rand()));

// values sent from form 
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];

// Insert data into database 
$sql="INSERT INTO $tbl_name(confirm_code, name, email, password, country)VALUES('$confirm_code', '$name', '$email', '$password', '$country')";
$result=mysql_query($sql);

// if suceesfully inserted data into database, send confirmation link to email 
if($result){

// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$email;

// Your subject
$subject="Websmartin confirmation link here";

// From
$header="from: Websmartin.co.uk";

// Your message
$message="Your Comfirmation link \r\n";
$message.="Click on the below link to activate your account \r\n";<br>
$message.="http://www.websmartin.co.uk/confirmation.php?passkey=$confirm_code";<br><br>
$message.="Kinds regards,"<br>
$message.="Websmartin"


// send email
$sentmail = mail($to,$subject,$message,$header);

}

// if not found 
else {
echo "Not found your email in our database";
}

// if your email succesfully sent
if($sentmail){
echo "Your Confirmation link Has Been Sent To Your Email Address<br>Please close this window.";
}
else {
echo "Cannot send Confirmation link to your e-mail address";
}

?>

 

 

<?
include('config.php');

// Passkey that got from link 
$passkey=$_GET['passkey'];

$tbl_name1="websmart_tempmembersdb";

// Retrieve data from table where row that match this passkey 
$sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
$result1=mysql_query($sql1);

// If successfully queried 
if($result1){

// Count how many row has this passkey
$count=mysql_num_rows($result1);

// if found this passkey in our database, retrieve data from table "websmart_tempmembersdb"
if($count==1){

$rows=mysql_fetch_array($result1);
$name=$rows['name'];
$email=$rows['email'];
$password=$rows['password']; 
$country=$rows['country'];

$tbl_name2="websmart_registeredmembers";

// Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers" 
$sql2="INSERT INTO $tbl_name2(name, email, password, country)VALUES('$name', '$email', '$password', '$country')";
$result2=mysql_query($sql2);
}

// if not found passkey, display message "Wrong Confirmation code" 
else {
echo "Wrong Confirmation code";
}

// if successfully moved data from table "websmart_tempmembersdb" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if($result2){

echo "Your account has been activated";

// Delete information of this user from table "websmart_tempmembersdb" that has this passkey 
$sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
$result3=mysql_query($sql3);

}

}
?>

 

<?

$host="localhost"; // Host name 
$username="*****"; // Mysql username 
$password="****"; // Mysql password 
$db_name="websmart_tempmembersdb"; // Database name 

//Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server"); 
mysql_select_db("$db_name")or die("cannot select DB");

?>

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920538
Share on other sites

backup your current Confirmation.php and try this one instead, i have added some debugging, and some markers

 

<?php
include('config.php');

// Passkey that got from link
$passkey=$_GET['passkey'];

$tbl_name1="websmart_tempmembersdb";

// Retrieve data from table where row that match this passkey
$sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
$result1=mysql_query($sql1) or die($sql1.mysql_error());
echo "#1: \n<br>";
// If successfully queried
if($result1){

// Count how many row has this passkey
$count=mysql_num_rows($result1);
echo "#2: \n<br>";
// if found this passkey in our database, retrieve data from table "websmart_tempmembersdb"
if($count==1){
	$rows=mysql_fetch_array($result1);
	$name=$rows['name'];
	$email=$rows['email'];
	$password=$rows['password'];
	$country=$rows['country'];

	$tbl_name2="websmart_registeredmembers";

	// Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers"
	$sql2="INSERT INTO $tbl_name2(name, email, password, country)VALUES('$name', '$email', '$password', '$country')";
	$result2=mysql_query($sql2)or die($sql2.mysql_error());
}

// if not found passkey, display message "Wrong Confirmation code"
else {
	echo "Wrong Confirmation code";
}
echo "#3: \n<br>";
// if successfully moved data from table "websmart_tempmembersdb" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if($result2){

	echo "Your account has been activated";

	// Delete information of this user from table "websmart_tempmembersdb" that has this passkey
	$sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
	$result3=mysql_query($sql3)or die($sql3.mysql_error());
}
}
?>

 

please note your code is vulnerable to SQL injections

(we will get back to that) 

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920542
Share on other sites

I now receive the following message... (**** replaces email address and password)

 

#1:

#2:

INSERT INTO websmart_registeredmembers(name, email, password, country)VALUES('martinAndrews', '****', '****', 'UK')Table 'websmart_tempmembersdb.websmart_registeredmembers' doesn't exist

 

SQL injection... ?

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920549
Share on other sites

As i said websmart_registeredmembers doesn't exist!

can you give me an idea how your database are setup, as the code suggests 2 different things

1. 2 tables websmart_registeredmembers and websmart_tempmembersdb

2. 2 databases, both with websmart_registeredmembers

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920551
Share on other sites

I created two DBs

1. websmart_tempmembersdb which contains the table also named websmart_tempmembersdb

2. websmart_registeredmembers which also contain a table named websmart_registeredmembers

 

As I say I'm a complete novice in this... as you can see :)

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920554
Share on other sites

sorry forgot to paste in link.

 

This is where I got the codes from http://www.phpeasystep.com/phptu/6.html

 

the temp DB holds those that are not yet activated, then once the activation link is clicked it transfers the data to the registered members DB :S

 

When I have this issue fixed I would then need to use a sign-in script but to then allow registered users to my site. This will be another stumbling block for me.

 

I really appreciated all your help in this.

 

Maybe I should give up on PHP already :) This is my first real attempt at it.

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920563
Share on other sites

try these updates

 

<?php
$host="localhost"; // Host name
$username="*****"; // Mysql username
$password="****"; // Mysql password
$db_name="websmart_registeredmembers"; // Main Database name
$db_tempname="websmart_tempmembersdb"; // Temp Database name

//Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");

?>

 

<?php
include('config.php');

// Passkey that got from link
$passkey=$_GET['passkey'];

$tbl_name1="websmart_tempmembersdb";
mysql_select_db($db_tempname)or die("cannot select temp DB");

// Retrieve data from table where row that match this passkey
$sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
$result1=mysql_query($sql1) or die($sql1.mysql_error());
// If successfully queried
if($result1){
   
   // Count how many row has this passkey
   $count=mysql_num_rows($result1);
   // if found this passkey in our database, retrieve data from table "websmart_tempmembersdb"
   if($count==1){
      $rows=mysql_fetch_array($result1);
      $name=$rows['name'];
      $email=$rows['email'];
      $password=$rows['password'];
      $country=$rows['country'];
      
      $tbl_name2="websmart_registeredmembers";
      mysql_select_db($db_name)or die("cannot select main DB");
      // Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers"
      $sql2="INSERT INTO $tbl_name2(name, email, password, country)VALUES('$name', '$email', '$password', '$country')";
      $result2=mysql_query($sql2)or die($sql2.mysql_error());
   }
   
   // if not found passkey, display message "Wrong Confirmation code"
   else {
      echo "Wrong Confirmation code";
   }
   // if successfully moved data from table "websmart_tempmembersdb" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
   if($result2){
   
      echo "Your account has been activated";
      mysql_select_db($db_tempname)or die("cannot select temp DB");
      // Delete information of this user from table "websmart_tempmembersdb" that has this passkey
      $sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
      $result3=mysql_query($sql3)or die($sql3.mysql_error());
   }
}
?>

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920571
Share on other sites

I now receive... 'Cannot sleect DB'

Which appears to be coming from signup-ac.php. I've included the code for this below

<?
include('config.php');

// table name 
$tbl_name=websmart_tempmembersdb;

// Random confirmation code 
$confirm_code=md5(uniqid(rand()));

// values sent from form 
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];

// Insert data into database 
$sql="INSERT INTO $tbl_name(confirm_code, name, email, password, country)VALUES('$confirm_code', '$name', '$email', '$password', '$country')";
$result=mysql_query($sql);

// if suceesfully inserted data into database, send confirmation link to email 
if($result){

// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$email;

// Your subject
$subject="Websmartin confirmation link here";

// From
$header="from: Websmartin.co.uk";

// Your message
$message="Your Comfirmation link \r\n";
$message.="Click on the below link to activate your account \r\n";<br>
$message.="http://www.websmartin.co.uk/confirmation.php?passkey=$confirm_code";<br><br>
$message.="Kinds regards,"<br>
$message.="Websmartin"


// send email
$sentmail = mail($to,$subject,$message,$header);

}

// if not found 
else {
echo "Not found your email in our database";
}

// if your email succesfully sent
if($sentmail){
echo "Your Confirmation link Has Been Sent To Your Email Address<br>Please close this window.";
}
else {
echo "Cannot send Confirmation link to your e-mail address";
}

?>

 

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920574
Share on other sites

okay I just reviewed all of the code, (didn't test it as I don't have the database and i'm too lazy to setup one :P)

 

here's an update

 

<?php
//Config.php
$host="localhost"; // Host name
$username="*****"; // Mysql username
$password="****"; // Mysql password
$db_name="websmart_registeredmembers"; // Main Database name
$db_tempname="websmart_tempmembersdb"; // Temp Database name

$tbl_tempname="websmart_tempmembersdb";
$tbl_membername="websmart_registeredmembers";

//Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server");
//mysql_select_db("$db_name")or die("cannot select DB");
?>

 

<?php
//signup-ac.php
include('config.php');

// Random confirmation code
$confirm_code=md5(uniqid(rand()));

// values sent from form
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];

// Insert data into database
$sql=sprintf("INSERT INTO $db_tempname.$tbl_tempname (confirm_code, name, email, password, country)VALUES('%s', '%s', '%s', '%s', '%s')",
$confirm_code,mysql_real_escape_string($name), mysql_real_escape_string($email), mysql_real_escape_string($password), mysql_real_escape_string($country));
$result=mysql_query($sql);

// if suceesfully inserted data into database, send confirmation link to email
if($result){

// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$email;

// Your subject
$subject="Websmartin confirmation link here";

// From
$header="from: Websmartin.co.uk";

// Your message
$message="Your Comfirmation link \r\n";
$message.="Click on the below link to activate your account \r\n";
$message.="http://www.websmartin.co.uk/confirmation.php?passkey=$confirm_code";
$message.="Kinds regards,";
$message.="Websmartin";

// send email
$sentmail = mail($to,$subject,$message,$header);

}else {
echo "Not found your email in our database";
}

// if your email succesfully sent
if($sentmail){
echo "Your Confirmation link Has Been Sent To Your Email Address<br>Please close this window.";
}else {
echo "Cannot send Confirmation link to your e-mail address";
}

?>

 

<?php
//Confirmation.php
include('config.php');

// Passkey that got from link
$passkey=$_GET['passkey'];

// Retrieve data from table where row that match this passkey
$sql1=sprintf("SELECT * FROM $db_tempname.$tbl_tempname WHERE confirm_code ='%s'",mysql_real_escape_string($passkey));
$result1=mysql_query($sql1) or die($sql1.mysql_error());
// If successfully queried
if($result1){
   
   // Count how many row has this passkey
   $count=mysql_num_rows($result1);
   // if found this passkey in our database, retrieve data from table "websmart_tempmembersdb"
   if($count==1){
      $rows=mysql_fetch_array($result1);
      $name=$rows['name'];
      $email=$rows['email'];
      $password=$rows['password'];
      $country=$rows['country'];
      
   // Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers"
      $sql2=sprintf("INSERT INTO $db_name.$tbl_membername(name, email, password, country)VALUES('%s', '%s', '%s', '%s')",
      	mysql_real_escape_string($name), mysql_real_escape_string($email), mysql_real_escape_string($password), mysql_real_escape_string($country));
      $result2=mysql_query($sql2)or die($sql2.mysql_error());
   }
   
   // if not found passkey, display message "Wrong Confirmation code"
   else {
      echo "Wrong Confirmation code";
   }
   // if successfully moved data from table "websmart_tempmembersdb" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
   if($result2){
   
      echo "Your account has been activated";
      // Delete information of this user from table "websmart_tempmembersdb" that has this passkey
      $sql3=sprintf("DELETE FROM $db_tempname.$tbl_tempname WHERE confirm_code = '%s'",mysql_real_escape_string($passkey));
      $result3=mysql_query($sql3)or die($sql3.mysql_error());
   }
}
?>

 

EDIT: oops

updated confirmation.php

changed

$db_tempname to $db_name

 

updated to

// Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers"
      $sql2=sprintf("INSERT INTO $db_name.$tbl_membername(name, email, password, country)VALUES('%s', '%s', '%s', '%s')",
      	mysql_real_escape_string($name), mysql_real_escape_string($email), mysql_real_escape_string($password), mysql_real_escape_string($country));
      $result2=mysql_query($sql2)or die($sql2.mysql_error());

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920584
Share on other sites

HAHA, Cheers mate.

 

Unfortunately I have to dash out, will test the scripts a little later and report back.

 

Many thanks for your help so far, really appreciate it.

 

My next step would be to only to have members sign up for access to part of the site.

 

Speak soon ;)

 

 

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920598
Share on other sites

This is the other 'tutorial' I used...

 

http://www.phpeasystep.com/mysql/2.html

 

I had a quick read, it okay but was probably written is PHP4 (or by a PHP 4 developer) php 5 is a standard and  6 is out soon.

 

for example

session_is_registered() & session_register() has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged.

InFact Use of $_SESSION was preferred, as of PHP 4.1.0

 

so change

session_is_registered('whatever')

to

isset($_SESSION['whatever'])

and

session_register("whatever");

to

$_SESSION['whatever'] = $whatever;

however

session_start();

must be called at the start, so add that to the start of

checklogin.php

login_success.php has it already

 

 

here's some code you could add for a members only page (after that tut)

<?php
stsession_start();
if(!isset($_SESSION['myusername']))
{
die("Ahhha a guest.. Go away!");
}
echo "Hello ".$_SESSION['myusername'];

?>

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-920613
Share on other sites

Hi Richard (madtechie)

Been a little busy since my last post.

ok so, the sign up process scripts and now working, many thanks for that :D

 

This may seem like a stupid question (I'm a novice in PHP) The memonly script, should this be added to the html of those pages that are only to be viewed by registered members?

Will this prompt them with the login box?  :-\

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-922578
Share on other sites

Yes you can put that at the top of any page which is for members only,

i have made a one line update, that will redirect guest to  login.php (update as you see fit)

<?php
stsession_start();
if(!isset($_SESSION['myusername']))
{
//die("Ahhha a guest.. Go away!");
header("Location: login.php");
}
echo "Hello ".$_SESSION['myusername'];

?>

Link to comment
https://forums.phpfreaks.com/topic/174569-sign-up-script/#findComment-922588
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.