Jump to content

Recommended Posts

Ok,

3rd post on same topic...

I have managed to let the user complete a registration form, send a confirmation e-mail and link back successful but...

If I look at the database, the password is the same as the database password and not of the users selected/preferred password

 

So I changed my var values etc. but no avail...

 

Please check if you can see anything

THE FORM: signup.php

<html>
<head></head>
<body>
<table border="1" align="center" cellpadding="0" cellspacing="0" bgcolor="#DEDEDE" bordercolor="#000000">
<tr>
<td><form name="form1" method="post" action="signup_ac.php">
<table border="0" cellspacing="4" cellpadding="0">
<tr>
<td colspan="3" align="center"><strong>Register</strong></td>
</tr>
<tr>
<td width="150">Name</td>
<td width="3">:</td>
<td width="305"><input name="name" type="text" id="name" size="30"></td>
</tr>
<tr>
<td>E-mail</td>
<td>:</td>
<td><input name="email" type="text" id="email" size="30"></td>
</tr>
<tr>
<td>Password / Mem. No</td>
<td>:</td>
<td><input name="password" type="password" id="password" size="30" ></td>
</tr>
<tr>
<td>State / Province</td>
<td>:</td>
<td><input name="country" type="text" id="country" size="30"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Submit">  
<input type="reset" name="Reset" value="Reset"></td>
</tr>
</table>
</form></td>
</tr>
</table>
</body>
</html>

No Problem

then, THE FORM HANDLER: SIGNUP_AC.PHP

<?
require_once('config2.php');
//include('config.php');

// table name
$tbl_name=temp_members_db;

// Random confirmation code
$confirm_code=md5(uniqid(rand()));

// values sent from form
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];

// Insert data into database
$sql="INSERT INTO $tbl_name(confirm_code, name, email, password, country)VALUES('$confirm_code', '$name', '$email', '$password', '$country')";
$result=mysql_query($sql) or die(mysql_error());

// if suceesfully inserted data into database, send confirmation link to email
if($result){

// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$email;


// Your subject
$subject="Your confirmation link";

// From
$header="from: DO-NOT-Reply@pssanw.co.za";

// Your message
$message="Your Comfirmation link \r\n";
$message.="Click on this link to activate your account \r\n";
$message.="http://www.pssanw.co.za/php/cpd/confirmation.php?passkey=$confirm_code";

// send email

$sentmail = mail($to,$subject,$message,$header);

}

// if not found
else {
echo "Not found your email in our database";
}

// if your email succesfully sent
if($sentmail){
echo "Your Confirmation link Has Been Sent To Your Email Address.";
}
else {
echo "Cannot send Confirmation link to your e-mail address";
}

?>

No Problem, the confirmation link incl. passkey is sent to [$email](User e-mail)

Get the link and click on it...

CONFIRMATION.PHP:

ok, first things first... I had trouble where I got an error that the temp_db does not have the correct row etc, etc, etc so I tried using a session and destroy the session after the script. That did n`t work. Then I simply connect to db, disconnect and connect again to the 2nd db... please see below

<?

require_once('config2.php');  //I have tried to take out this line     /*this is the connection strings, username and passwords to the DB*/
include('config.php');  //I have tried to take out this line
//I have tried to take out both these lines above

// Passkey that got from link
$passkey=$_GET['passkey'];

$tbl_name1="temp_members_db";

//**********************My connect to db...

$host="localhost"; // Host name
$username="username"; // Mysql username
$pass="db_password"; // Mysql password
$db_name="pharmacz_tempMEM"; // Database name

//Connect to server and select database.
mysql_connect("$host", "$username", "$pass")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");

//*****************************************

// Retrieve data from table where row that match this passkey
$sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
$result1=mysql_query($sql1)or die(mysql_error());

// If successfully queried
if($result1){

// Count how many row has this passkey
$count=mysql_num_rows($result1);

// if found this passkey in our database, retrieve data from table "temp_members_db"
if($count==1){

$rows=mysql_fetch_array($result1);
$name=$rows['name'];
$email=$rows['email'];
$password=$rows['password'];
$country=$rows['country'];

mysql_close();  //disconnect from db

//new connection to 2nd db
$host2="localhost"; // Host name
$username2="username"; // Mysql username
$pass2="db_password"; // Mysql password
$db_name2="pharmacz_regMEM"; // Database name


//Connect to server and select database.
mysql_connect("$host2", "$username2", "$pass2")or die("cannot connect to server");
mysql_select_db("$db_name2")or die("cannot select DB");
$tbl_name2="registered_members";

// Insert data that retrieves from "temp_members_db" into table "registered_members"
$sql2="INSERT INTO $tbl_name2(name, email, password, country)VALUES('$name', '$email', '$password', '$country')";
$result2=mysql_query($sql2)or die(mysql_error());
}

// if not found passkey, display message "Wrong Confirmation code"
else {
echo "Wrong Confirmation code";
}

// if successfully moved data from table"temp_members_db" to table "registered_members" displays message "Your account has been activated"
//delete confirmation code from table "temp_members_db"
if($result2){

echo "Your account has been activated";

// Delete information of this user from table "temp_members_db" that has this passkey
$sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
$result3=mysql_query($sql3);

}

}
mysql_close();//close 2nd connection
?>

again, I get the message: "Your account has been activated" but the user password is the same as my db password

please help...

I'm 2 stupid  8)

 

Link to comment
https://forums.phpfreaks.com/topic/205036-mysql-password-in-user-var/
Share on other sites

In SIGNUP_AC.PHP, your INSERT statement inserts a variable called $password. Where is this variable defined?

Yes, That is the password of the user [$password]

But $pass and $pass2 is the vars to connect to the db'S in CONFIRM.PHP only after the confirmation link are clicked

 

In SIGNUP_AC.PHP, your INSERT statement inserts a variable called $password. Where is this variable defined?

Yes, That is the password of the user [$password]

But $pass and $pass2 is the vars to connect to the db'S in CONFIRM.PHP only after the confirmation link are clicked

 

 

Well, I don't see it defined anywhere in that script.

In SIGNUP_AC.PHP, your INSERT statement inserts a variable called $password. Where is this variable defined?

Yes, That is the password of the user [$password]

But $pass and $pass2 is the vars to connect to the db'S in CONFIRM.PHP only after the confirmation link are clicked

 

 

Well, I don't see it defined anywhere in that script.

1st instance

//**********************My connect to db...

$host="localhost"; // Host name
$username="username"; // Mysql username
$pass="db_password"; // Mysql password
$db_name="pharmacz_tempMEM"; // Database name

//Connect to server and select database.
mysql_connect("$host", "$username", "$pass")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");

//*****************************************

So, I need to add it in the signup_ac.php?

Why do I have to include // require the config files which is:

<?

$host="localhost"; // Host name
$username="MySqlUsername"; // Mysql username
$pasw="MySqlPassword"; // Mysql password
$db_name="MySqlDataBaseName"; // Database name

//Connect to server and select database.
mysql_connect("$host", "$username", "$pasw")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");

?> 

and the same for config2 which is the 2nd db...

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.