need of help

[jwk811]

I'm looking to create a membership database. I'm having many problems with the tutorial here and was wondering if someone who has created one themself or knows about how to, to walk me through the registry part maybe with some sample scripts that I could use.

[drkstr]

Membership database as in a database of users?

I had to cook one up for my php project so threw something together. It won't work by itself since it uses some other classes/functions I wrote, but maybe it will give you an idea on where to start.

note: I'm pretty new to PHP, use at your descretion.
[code]<?php
# user-lib.php (libs)
# functions / classes for kitool users

include_once("$ROOT/kitool-lib.php");

# kitools user class
class User {

  # user data
  private $myName;
  private $myPass;
  private $myLoginStatus;

  # class initialization (default = Null name/password)
  function User( $name = "", $pass = "" ) {
    $this->myName = $name;
    $this->myPass = crypt($pass);
    $this->myLoginStatus = False;
  }

  # return user name
  function getName() {
    return $this->myName;
  }

  # return encrypted password
  function getPass() {
    return $this->myPass;
  }

  function isLoggedIn() {
    return $this->myLoginStatus;
  }

  function changePass( $newpass ) {
    $this->myPass = crypt($newpass);
  }
 
  # reads user from database and assign to this user if password matches
  # Then return True, otherwise returns False
  function loginUser( $name, $pass ) {
 
    $newUser = new User();

    if (! $newUser = readUser($name) ) { #can we get a user from the DB?
      throwError("Invalid username and/or password.", STD);
      return False;
    }
    if ( crypt($pass, $newUser->getPass()) != $newUser->getPass() ) { #does the password match?
      throwError("Invalid username and/or password.", STD);
      return False;
    }

    #get each property of the new user and assign it to this user
    if ( get_class($newUser) != get_class($this) ) {
      throwError("Invalid item recieved from databse, could be corrupted", CRI);
      return False;
    }

    $arUserVars = get_object_vars($newUser);
    foreach ($arUserVars as $key => $data) {
      $this->$key = $data;
    }
    $this->myLoginStatus = True;
    $_SESSION['user'] = serialize($this); #register user in session environment
    return True;
  }

  function logoutUser() {
    $this->myLoginStatus = False;
    $_SESSION['user'] = ""; #unregister user in session environment
  }

}


# add user to data base. returns True if sucsesfull, otherwise false
function addUser( $name, $pass ) {

  $user = new User($name,$pass);

  if ( $dbUsers = dba_open( getUserDBFile(), "c", "gdbm" ) ) {  #can we open database?
    if ( dba_exists($user->getName(), $dbUsers) ) {  #does the user allready exist?
      dba_close($dbUsers);
      throwError("The user $name allready exists", STD);
      return False;
    }
    else {
      dba_insert( $user->getName(), serialize($user), $dbUsers );
      dba_close($dbUsers);
    }
  }
  else {
    throwError("Failed to open user database file for writing", NCR);
    return False;
  }

  return True;  #if all went well
}


# returns user in database that matches name
# or returns False if fialed
function readUser( $name ) {

  $user = new User();
  if ( ! $dbUsers = dba_open( getUserDBFile(), "r", "gdbm" ) ) {
    throwError("Could not open user database file for reading.", CRI);
    return False;
  }

  if ( ! dba_exists($name, $dbUsers) ) {
    dba_close($dbUsers);
    return False;
  }
  else {
    $user = unserialize(dba_fetch( $name, $dbUsers ));
    dba_close($dbUsers);
  }

  return $user;  # all went well
}

#delete selected user.  returns true if sucsessfull, otherwise False
function deleteUser( $name ) {

  if ( ! $dbUsers = dba_open( getUserDBFile(), "w", "gdbm" ) ) {
    throwError("Could not open user database file for writing.", NCR);
    return False;
  }

  if ( ! dba_exists($name, $dbUsers) ) {
    dba_close($dbUsers);
    throwError("User: " .$name. " does not exist in the database.", NCR);
    return False;
  }
  else {
    dba_delete($name, $dbUsers);
    dba_close($dbUsers);
    return Null;
  }

  return True;  #all went well
}

# update user in database returns false if failed,
function updateUser( $user ) {
  $user->logout();  # never save an authenticated login status
  if ( ! $dbUsers = dba_open( getUserDBFile(), "w", "gdbm" ) ) {
    throwError("Could not open user database file for writing.", NCR);
    return False;
  }

  dba_replace($user->getName(), $user, $dbUsers);
  dba_close($dbUsers);
  return True;

}



# returns a sorted array of usernames or False if failed
function retriveAllUserNames() {

  $arNames = array();
  if (! $dbUsers = dba_open( getUserDBFile(), "r", "gdbm" ) ) {
    throwError("Failed to open user database file", NCR);
    return False;
  }
  else { # get each key (username) from database and add to an array
    $strKey = dba_firstkey($dbUsers);
    array_push($arNames,$strKey);
    while ( $strKey = dba_nextkey($dbUsers) ) {
      array_push($arNames,$strKey);
    }
  }
  dba_close($dbUsers);
  sort($arNames);
 
  return $arNames; # all went well
}


?>[/code]

regards,
...drkstr

**edit**
By the way, if any one can offer any improvements, please share

[AdRock]

If you're looking for a registration form I took 2 tutorials and added them together to make the form I wanted

[code]<?php

// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";


// You do not need to edit below this line

$first_name = stripslashes($_POST['first_name']);
$last_name = stripslashes($_POST['last_name']);
$email_address = stripslashes($_POST['email_address']);
$username = stripslashes($_POST['username']);
$password1 = stripslashes($_POST['password1']);
$password2 = stripslashes($_POST['password2']);
$sex = stripslashes($_POST['sex']);

if (!isset($_POST['first_name'])) {

?>
<h2>Member Registration</h2>

<form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <p class="style3"><label for="first_name">First Name:</label>
    <input type="text" title="Please enter your first name" name="first_name" size="30"/></p>

    <p class="style3"><label for="last_name">Second Name:</label>
    <input type="text" title="Please enter your last name" name="last_name" size="30"/></p>

    <p class="style3"><label for="email_address">Email address:</label>
    <input type="text" title="Enter your email address" name="email_address" size="30"/></p>

    <p class="style3"><label for="username">Username:</label>
    <input type="text" title="Please enter a username" name="username" size="30"/></p>

    <p class="style3"><label for="password1"">Password:</label>
    <input type="password" title="Please enter a password" name=password1 size="30"></p>

    <p class="style3"><label for="password2">Re-enter Password:</label>
    <input type="password" title="Please re-enter password" name=password2 size="30"></p>

    <p style="text-align:left"><label for="sex">Sex:</label>
    <input style="border:none" type="radio" value="male" checked name="sex">Male <input style="border:none" type="radio" value="female" name="sex">Female</p>

    <p>For security purposes, please enter the image text shown in the text box below.<br>If you have trouble reading the image, refresh the page to display a new one.</p>

    <p class="style3"><label for="captcha"></label>
    <div class="captcha"><img src="/includes/captcha.php" alt="captcha image"></div></p>

    <p class="style3"><label for="verify">Image text:</label>
    <input type="text" title="Please enter the image text" name="verify" id="verify" size="6"/></p>

    <p class="style3"><label for="submit">&nbsp</label>
    <input type="submit" value="Register" class="submit-button"/>

</form>

<?php

}

elseif (empty($first_name) || empty($last_name) || empty($email_address) || empty($username) || empty($password1) || empty($password2) || empty($_POST['verify']) && $_POST['verify'] == $_SESSION['captchstr']) {

    echo $empty_fields_message;

}

else {

    // Stop the form being used from an external URL
    // Get the referring URL
    $referer = $_SERVER['HTTP_REFERER'];
    // Get the URL of this page
    $this_url = "http://".$_SERVER['HTTP_HOST'].$_SERVER["REQUEST_URI"];
    // If the referring URL and the URL of this page don't match then
    // display a message and don't send the email.
    if ($referer != $this_url) {
        echo "You do not have permission to use this script from another URL.";
        exit;
    }

include 'includes/connection.php';

$status = "OK";
$msg="";

// if userid is less than 3 char then status is not ok
if(!isset($username) or strlen($username) <3){
$msg=$msg."Username should be 3 or more characters in length<BR>";
$status= "NOTOK";}

if(mysql_num_rows(mysql_query("SELECT username FROM users WHERE username = '$username'"))){
$msg=$msg."The username you have selected has already been used by another member in our database. Please choose a different Username!<BR>";
$status= "NOTOK";}

if(mysql_num_rows(mysql_query("SELECT email_address FROM users WHERE email_address = '$email_address'"))){
$msg=$msg."Your email address has already been used by another member in our database. Please submit a different Email address!!<BR>";
$status= "NOTOK";}

if ( strlen($password1) < 3 ){
$msg=$msg."Password must be more than 3 characters in legth<BR>";
$status= "NOTOK";}

if (strcmp( $password1,$password2 ) !=0){
$msg=$msg."Both passwords do not match<BR>";
$status= "NOTOK";}

if($status<>"OK"){
  echo "<font face='Verdana' size='2' color=red>$msg</font><br><input type='button' class='submit-button' value='Retry' onClick='javascript:history.go(-1)'>";
  exit();
  }
else
  {
   

$db_password = md5($password1);

// Enter info into the Database. 
$sql = mysql_query("INSERT INTO users (first_name, last_name, 
        email_address, username, password, sex, signup_date)
        VALUES('$first_name', '$last_name', '$email_address', 
        '$username', '$db_password', '$sex', now())") 
        or die (mysql_error());

if(!$sql){
    echo 'There has been an error creating your account. Please contact the webmaster.';
} else {
    $userid = mysql_insert_id();
    // Let's mail the user!
    $subject = "Your Membership at Jack Godfrey Honeylands Support Fund!";
    $message = "Dear $first_name $last_name,

Thank you for registering at our website, http://www.jackgodfrey.org.uk!
   
You are two steps away from logging in and accessing our exclusive members area.
   
To activate your membership, 
please click here: http://www.jackgodfrey.org.uk/users/activate.php?id=$userid&code=$db_password
   
Once you activate your memebership, you will be able to login
with the following information:
Username: $username
Password: $password1
   
Thanks!
The Webmaster
   
This is an automated response, please do not reply!";
   
mail($email_address, $subject, $message, 
    "From: jackgodfrey.org.uk Webmaster<[email protected]>\n
    X-Mailer: PHP/" . phpversion());
echo 'Your membership information has been mailed to your email address! 
Please check it and follow the directions!';
}
}   
}

?>[/code]

I have used some css to lay out the form how i wanted

In this line of code I had a cpatcha image where the user has to enter the image text before they can register
[code]elseif (empty($first_name) || empty($last_name) || empty($email_address) || empty($username) || empty($password1) || empty($password2) || empty($_POST['verify']) && $_POST['verify'] == $_SESSION['captchstr']) {[/code]

[jwk811]

Is this the script that the registry form is directed to?

[AdRock]

After the user has registered and is sent an activation email they click the link to activate their account

This script activates their account so they can login
[url=http://<?
/* Account activation script */

// Get database connection
include '../includes/connection.php';

// Create variables from URL.

$userid = $_REQUEST['id'];
$code = $_REQUEST['code'];

$sql = mysql_query("UPDATE users SET activated='1' WHERE userid='$userid' AND password='$code'");

$sql_doublecheck = mysql_query("SELECT * FROM users WHERE userid='$userid' AND password='$code' AND activated='1'");
$doublecheck = mysql_num_rows($sql_doublecheck);

if($doublecheck == 0){
    echo "<strong><font color=red>Your account could not be activated!</font></strong>";
} elseif ($doublecheck > 0) {
    echo "<strong>Your account has been activated!</strong> Click <a href='http://yoursite.com/login.php'>here</a> to log in!<br />";
   
}

?>]<?
/* Account activation script */

// Get database connection
include '../includes/connection.php';

// Create variables from URL.

$userid = $_REQUEST['id'];
$code = $_REQUEST['code'];

$sql = mysql_query("UPDATE users SET activated='1' WHERE userid='$userid' AND password='$code'");

$sql_doublecheck = mysql_query("SELECT * FROM users WHERE userid='$userid' AND password='$code' AND activated='1'");
$doublecheck = mysql_num_rows($sql_doublecheck);

if($doublecheck == 0){
    echo "<strong><font color=red>Your account could not be activated!</font></strong>";
} elseif ($doublecheck > 0) {
    echo "<strong>Your account has been activated!</strong> Click <a href='http://yoursite.com/login.php'>here</a> to log in!<br />";
   
}

?>[/url]


I changed some of the code in this tutorial to how i want it but htis may help you
[url=http://www.phpfreaks.com/tutorials/40/0.php]http://www.phpfreaks.com/tutorials/40/0.php[/url]