Email confirmation after form submit

[ijp]

I have a signup form that registers people on our website. I'd like to insert some code into it that will send out a confirmation email after they click on submit which can greet them by their first name AND give them a password in order to login to our website. The password needs to be unique to that person so whether it's some sort of sequential counter or uses a combination of the other form inputs (such as last name & tel no etc) eg brown2347869 it just needs to be something easy enough for them to remember for future reference.

 

The last thing (and I know it's a little strange) is that I'd like the confirmation email delayed for 5 or 10 mins before they receive it.

 

If anyone can help me with all 3 problems or even just one of them I would be really grateful.

 

The form is as follows...

 

 

<?php

 

session_start();

    $_SESSION['username'] = $access_login;

 

 

// load settings

include_once('sett.php');

 

 

class_signup_form {

 

  function_signup_form() {

 

    $this->error = '';

    $this->login = '';

    $this->email = '';

 

    if (USE_EMAIL && !USE_USERNAME)

      die('"USE_USERNAME" must be set to "true" when "USE_EMAIL" is set to "true"');

  }

 

  function parse_user_input() {

    $this->login = isset($_POST['access_login']) ? $_POST['access_login'] : '';

    $this->pass = $_POST['access_password'];

    $this->email = LOGIN_AS_EMAIL

                ? $this->login

                : (isset($_POST['access_email']) ? $_POST['access_email'] : '');

$this->redirect = $_POST['landing'];

$this->firstname = $_POST['firstname'];

$this->lastname = $_POST['lastname'];

$this->telephone = $_POST['telephone'];

   

 

// remove suspicious characters

    $remove_chars = array("\n","\r", "\r\n", '"', "'", '&','<','>',',','/', '\\');

    $this->login = str_replace($remove_chars, '', $this->login);

    $this->pass = str_replace($remove_chars, '', $this->pass);

    // convert to lowercase

    $this->email = strtolower(str_replace($remove_chars, '', $this->email));

  }

 

  function showSignupPasswordProtect() {

    include('header.php');

    include('form.php');

    include('footer.php');

  }

 

 

  function validate_user_input() {

 

// login validation

    if ($this->firstname === '') {

      $this->error = "Please enter your First Name.";

      return false;

    }

 

// login validation

    if ($this->lastname === '') {

      $this->error = "Please enter your Last Name.";

      return false;

    }

 

// email validation

    if (USE_EMAIL && preg_match('/[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,4}/', $this->email)

 

== 0) {

      $this->error = "Invalid email.";

      return false;

    }

 

 

// login validation

    if ($this->telephone === '') {

      $this->error = "Please enter your Telephone Number.";

      return false;

    }

 

   

 

 

  }

 

 

  function load_users_list() {

    // list of users

    $users = @file(USERS_LIST_FILE);

    if ($users) {

      // remove php "die" statement (hackers protection)

      unset($users[0]);

    }

 

    // prepare users list

    $this->LOGIN_INFORMATION = array();

    foreach ($users as $user) {

      $u = explode(',',$user);

      $this->LOGIN_INFORMATION[trim($u[0])] = trim($u[1]);

    }

  }

 

  function validate_user() {

    // check if user exists

    foreach($this->LOGIN_INFORMATION as $key => $value) {

      if ($key == $this->login) {

        $this->error = "Username $key already taken.";

        return false;

      }

    }

  }

 

 

  function save_user() {

    // save user to database

    $fusers = fopen(USERS_LIST_FILE,'a+');

    if (!$fusers) {

      $this->error = "Cannot add user to database.";

      return false;

    }

    fputs($fusers, "\n" . $this->login. ','. $this->pass. ','. $this->email.

 

','.$this->redirect. ','.$this->firstname. ','. $this->lastname. ','. $this->telephone);

    fclose($fusers);

  }

 

  function redirect() {

    header('Location: ' . THANKS_URL);

    exit();

  }

 

}

 

 

 

$signup_form_instance = new_signup_form();

 

if (isset($_POST['access_password'])) {

 

  while (true) {

    $signup_form_instance->parse_user_input();

    if ($signup_form_instance->error) break;

 

    $signup_form_instance->validate_user_input();

    if ($signup_form_instance->error) break;

 

    $signup_form_instance->load_users_list();

    if ($signup_form_instance->error) break;

 

    $signup_form_instance->validate_user();

    if ($signup_form_instance->error) break;

 

    $signup_form_instance->save_user();

    if ($signup_form_instance->error) break;

 

    $signup_form_instance->redirect();

 

    break;

  }

 

  if ($signup_form_instance->error) $signup_form_instance->showSignupPasswordProtect();

 

}

else {

 

  // show signup form

  $signup_form_instance->showSignupPasswordProtect();

 

   

}

 

 

 

?>

[jl5501]

The sending of the email is relatively straight forward. Look at the manual for the mail() function to see the details.

 

There are many ways in which you could generate the password. Having the first few chars from the user name with a random number on the end is one good way to go and you can do that with

substr() on the user name as append the output of rand() or uniqid() to that.

 

As far as the delay is concerned, then I would add the new user to the database, and set a 'newuser' flag. Then, the script that does all the above including sending the email, could be run by cron every 10 minutes and process all users with the 'newuser' flag set. It would send the emails and of course, reset the 'newuser' flag.

[ijp]

Thanks for your help. That gives me a great starting point. I'm relatively new to php so I'll have to read up on those functions and see how I can put it all together.

 

 

 

[ijp]

I've been working on the password problem.. One question I hope someone can help me with. For simplicity I'm just using substr to create the password from the first name and the first 2 letters of the last name which I can easily do when it has fixed values such as..

 

<?php

echo substr("John",0);

echo substr("Smith",0,2);

?>

 

After submitting the form I now have JohnSm appearing in the password column in my database.

 

Of course the actual values are the names being typed into the form. How do I rework the above code using the first & last name inputs from the form? Does the substr code need to be on the same page as the javascript form with the submit button or does it have to be on the php page I have shown above that goes into action once the form has been submitted?

[jl5501]

Your code to generate passwords is fine and it can work on the page handling the POST from the form.

 

If, like your example, you want to use the whole firstname and the 1st 2 chars from the lastname then you do this.

<?php
$newpassword =  substr($_POST['firstname'],0) . substr($_POST['lastname'],0,2);
?>

 

after your server-side checks to confirm that your required fields have been filled in

 

 

[ijp]

Thanks for that. I really appreciate your speedy replies. As a result I've now got a functioning form that creates it's own passwords and then sends an email out with the login details so first 2 problems solved!

 

However, I'm still a little unsure about the 'newuser flag' that you mentioned and how I go about doing that.

 

I also have another question - I currently have a javascript form page with input boxes and a submit button. When the submit button is pressed the php script that has all the code I have been working on (sending out the emails and creating the password) does it's job and then the client gets a "thank you for registering" confirmation page. If I have the cron running that script every 10 mins am I right in thinking that it would also take 10 mins for that confirmation page to appear or is that not how it works?