Jump to content

Archived

This topic is now archived and is closed to further replies.

wastedthelight

Word Verification on form

Recommended Posts

Hi, I would like to add a word verifciation password to my user sign up.

What this will do is when a user signs up, they have to have the password to put into a field to continue or the script stops and displays Verification error.  This password/code can be put in the PHP file.  The field is called estaffcode on the form.

Thanks.

Share this post


Link to post
Share on other sites
[code]<?php
$the_password = "wombat"; // define the secret word
if ($_POST['estaffcode']!=$the_password) {
    die("Verification Error");
}[/code]

That should help, assuming your form uses the method="post".

Share this post


Link to post
Share on other sites
[quote author=AndyB link=topic=110195.msg444970#msg444970 date=1159753280]
[code]<?php
$the_password = "wombat"; // define the secret word
if ($_POST['estaffcode']!=$the_password) {
    die("Verification Error");
}[/code]

That should help, assuming your form uses the method="post".
[/quote]

Thanks for such a quick reply, however i can't seem to get it to work.  Changed stuff around and played with it but I figure it may be different for how my script is coded so here is the section:

[code]
//--------------------------------------
// [New Registration]
//--------------------------------------
if(!isset($_POST['register']))
{
echo "
<img src=\"images/radioxdjreg.jpg\"><br /><br />
<form action='register.php?action=new' method='POST'>
DJ Name: <br />
<input type='text' name='username' class='register_box'>
<br /><br />
Email: <br />
<input type='text' name='email' class='register_box'>
<br /><br />
Password: <br />
<input type='password' name='password' class='register_box'>
<br />
<br />
<br />
E-Staff Authorization Code: <br />
<input type='password' name='estaffcode' class='register_box'>
<br /><br /><br />
<input type='submit' name='register' value='New Registration!' class='register_box'>
</form>
";
}
elseif(isset($_POST['register']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST['email']);
$activation_code = generateCode(25);
$userq = "SELECT username FROM user_system WHERE username = '$username' LIMIT 1";
$emailq = "SELECT email FROM user_system WHERE email = '$email' LIMIT 1";
//put errors into an array
$errors = array();
if(empty($username))
{
$errors[] = "The username field was blank! <br />";
}
if(mysql_num_rows(mysql_query($userq)) > 0)
{
$errors[] = "The username given is already in use! Please try another one! <br />";
}
if(empty($password))
{
$errors[] = "The password field was blank! <br />";
}
if(empty($email))
{
$errors[] = "The email field was blank! <br />";
}
if(mysql_num_rows(mysql_query($emailq)) > 0)
{
$errors[] = "The email given is already in use! Please try another one! <br />";
}
if(count($errors) > 0)
{
foreach($errors as $err)
{
echo $err;
}
}[/code]

Share this post


Link to post
Share on other sites
Don't know what's not working since you don't post your current code - but Give this a go!

[code]
<?php

elseif(isset($_POST['register']))
{
//put errors into an array
$errors = array();
$set_estaffcode = "wombat";

if(!empty($_POST['estaffcode']))
{
if($_POST['estaffcode']==$set_estaffcode)
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST['email']);
$activation_code = generateCode(25);
$userq = "SELECT username FROM user_system WHERE username = '$username' LIMIT 1";
$emailq = "SELECT email FROM user_system WHERE email = '$email' LIMIT 1";
}
else
{
$errors[] = "E-Staff Authorization Code not Valid! <br />";
}
}
else
{
$errors[] = "E-Staff Authorization Code was blank! <br />";
}
if(empty($username))
{
$errors[] = "The username field was blank! <br />";
}
if(mysql_num_rows(mysql_query($userq)) > 0)
{
$errors[] = "The username given is already in use! Please try another one! <br />";
}
if(empty($password))
{
$errors[] = "The password field was blank! <br />";
}
if(empty($email))
{
$errors[] = "The email field was blank! <br />";
}
if(mysql_num_rows(mysql_query($emailq)) > 0)
{
$errors[] = "The email given is already in use! Please try another one! <br />";
}
if(count($errors) > 0)
{
foreach($errors as $err)
{
echo $err;
}
}
}

?>
[/code]

Share this post


Link to post
Share on other sites
Thanks but didn't work.
got:
Parse error: syntax error, unexpected T_CASE in C:\Inetpub\wwwroot\djs\register.php on line 134

[code]<?php
require("config.php");
require("functions.php");
//echo some styles to spice it up...
echo "
<style>
body
{
background: #000000;
font-family: Verdana, Arial;
font-weight: bold;
font-size: 9px;
color: #FFFFFF;
}
.register_box
{
border: 1px solid #323232;
background: #202020;
font-family: Verdana, Arial;
font-weight: bold;
font-size: 9px;
color: #FFFFFF;
}
</style>
";
switch($_GET['action'])
{
case "new":

//--------------------------------------
// [New Registration]
//--------------------------------------
if(!isset($_POST['register']))
{
echo "
<img src=\"images/djreg.jpg\"><br /><br />
<form action='register.php?action=new' method='POST'>
DJ Name: <br />
<input type='text' name='username' class='register_box'>
<br /><br />
Email: <br />
<input type='text' name='email' class='register_box'>
<br /><br />
Password: <br />
<input type='password' name='password' class='register_box'>
<br />
<br />
<br />
E-Staff Authorization Code: <br />
<input type='password' name='estaffcode' class='register_box'>
<br /><br /><br />
<input type='submit' name='register' value='New Registration!' class='register_box'>
</form>
";
}
elseif(isset($_POST['register']))
{
//put errors into an array
$errors = array();
$set_estaffcode = "wombat";

if(!empty($_POST['estaffcode']))
{
if($_POST['estaffcode']==$set_estaffcode)
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST['email']);
$activation_code = generateCode(25);
$userq = "SELECT username FROM user_system WHERE username = '$username' LIMIT 1";
$emailq = "SELECT email FROM user_system WHERE email = '$email' LIMIT 1";
}
else
{
$errors[] = "E-Staff Authorization Code not Valid! <br />";
}
}
else
{
$errors[] = "E-Staff Authorization Code was blank! <br />";
}
if(empty($username))
{
$errors[] = "The username field was blank! <br />";
}
if(mysql_num_rows(mysql_query($userq)) > 0)
{
$errors[] = "The username given is already in use! Please try another one! <br />";
}
if(empty($password))
{
$errors[] = "The password field was blank! <br />";
}
if(empty($email))
{
$errors[] = "The email field was blank! <br />";
}
if(mysql_num_rows(mysql_query($emailq)) > 0)
{
$errors[] = "The email given is already in use! Please try another one! <br />";
}
if(count($errors) > 0)
{
foreach($errors as $err)
{
echo $err;
}
}
}

else
{
$sqlq = "INSERT INTO user_system (username, password, email, is_activated, activation_code)";
$sqlq .= "VALUES ('$username', '".md5($password)."', '$email', '0', '$activation_code')";
mysql_query($sqlq) or die(mysql_error());
echo "Thanks for registering!
You will recieve an email shortly containing your validation code,
and a link to activate your account!";
mail($email, "New Registration, www.WUPX.com", "
Thanks for registering on SITE NAME.
Here are your login details:
Username: ".$username."
Password: ".$password."
In order to login and gain full access, you must validate your account.
Click here to validate:
http://www.wupx.com/djs/register.php?action=activate&user=".$username."&code=".$activation_code."
Thanks!
[Webmaster]
");
}
}
break;

case "activate":
//--------------------------------------
// [Activate Account]
//--------------------------------------
if(isset($_GET['user']) && isset($_GET['code']))
{
$username = mysql_real_escape_string($_GET['user']);
if(mysql_num_rows(mysql_query("SELECT id FROM user_system WHERE username = '$username'")) == 0)
{
echo "That username is not in the database!";
}
else
{
$activate_query = "SELECT is_activated FROM user_system WHERE username = '$username'";
$is_already_activated = mysql_fetch_object(mysql_query($activate_query)) or die(mysql_error());
if($is_already_activated->is_activated == 1)
{
echo "This user is already activated!";
}
else
{
$code = mysql_real_escape_string($_GET['code']);
$code_query = "SELECT activation_code FROM user_system WHERE username = '$username' LIMIT 1";
$check_code = mysql_fetch_object(mysql_query($code_query)) or die(mysql_error());
if($code == $check_code->activation_code)
{
$update = "UPDATE user_system SET is_activated = '1' WHERE username = '$username'";
mysql_query($update) or die(mysql_error());
echo "User $username has been activated! Thanks! You may now login!";
}
else
{
echo "The activation code was wrong! Please try again!";
}
}
}
}
else
{
echo "No ID or user given to activate!";
}
break;

}
?>[/code]

Share this post


Link to post
Share on other sites
You have a misplaced closing bracked in your switch-statement, Remove that and it seems good to go..:

[color=red]}[/color]
break;

case "activate":

Share this post


Link to post
Share on other sites
Thanks Alpine, everything works great other then some SQL errors if the code isnt correct, no big deal though, i can figure that one out. Thanks!
[quote author=alpine link=topic=110195.msg446305#msg446305 date=1159908241]
You have a misplaced closing bracked in your switch-statement, Remove that and it seems good to go..:

[color=red]}[/color]
break;

case "activate":

[/quote]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.