Jump to content

Word Verification on form


wastedthelight

Recommended Posts

Hi, I would like to add a word verifciation password to my user sign up.

What this will do is when a user signs up, they have to have the password to put into a field to continue or the script stops and displays Verification error.  This password/code can be put in the PHP file.  The field is called estaffcode on the form.

Thanks.
Link to comment
Share on other sites

[quote author=AndyB link=topic=110195.msg444970#msg444970 date=1159753280]
[code]<?php
$the_password = "wombat"; // define the secret word
if ($_POST['estaffcode']!=$the_password) {
    die("Verification Error");
}[/code]

That should help, assuming your form uses the method="post".
[/quote]

Thanks for such a quick reply, however i can't seem to get it to work.  Changed stuff around and played with it but I figure it may be different for how my script is coded so here is the section:

[code]
//--------------------------------------
// [New Registration]
//--------------------------------------
if(!isset($_POST['register']))
{
echo "
<img src=\"images/radioxdjreg.jpg\"><br /><br />
<form action='register.php?action=new' method='POST'>
DJ Name: <br />
<input type='text' name='username' class='register_box'>
<br /><br />
Email: <br />
<input type='text' name='email' class='register_box'>
<br /><br />
Password: <br />
<input type='password' name='password' class='register_box'>
<br />
<br />
<br />
E-Staff Authorization Code: <br />
<input type='password' name='estaffcode' class='register_box'>
<br /><br /><br />
<input type='submit' name='register' value='New Registration!' class='register_box'>
</form>
";
}
elseif(isset($_POST['register']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST['email']);
$activation_code = generateCode(25);
$userq = "SELECT username FROM user_system WHERE username = '$username' LIMIT 1";
$emailq = "SELECT email FROM user_system WHERE email = '$email' LIMIT 1";
//put errors into an array
$errors = array();
if(empty($username))
{
$errors[] = "The username field was blank! <br />";
}
if(mysql_num_rows(mysql_query($userq)) > 0)
{
$errors[] = "The username given is already in use! Please try another one! <br />";
}
if(empty($password))
{
$errors[] = "The password field was blank! <br />";
}
if(empty($email))
{
$errors[] = "The email field was blank! <br />";
}
if(mysql_num_rows(mysql_query($emailq)) > 0)
{
$errors[] = "The email given is already in use! Please try another one! <br />";
}
if(count($errors) > 0)
{
foreach($errors as $err)
{
echo $err;
}
}[/code]
Link to comment
Share on other sites

Don't know what's not working since you don't post your current code - but Give this a go!

[code]
<?php

elseif(isset($_POST['register']))
{
//put errors into an array
$errors = array();
$set_estaffcode = "wombat";

if(!empty($_POST['estaffcode']))
{
if($_POST['estaffcode']==$set_estaffcode)
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST['email']);
$activation_code = generateCode(25);
$userq = "SELECT username FROM user_system WHERE username = '$username' LIMIT 1";
$emailq = "SELECT email FROM user_system WHERE email = '$email' LIMIT 1";
}
else
{
$errors[] = "E-Staff Authorization Code not Valid! <br />";
}
}
else
{
$errors[] = "E-Staff Authorization Code was blank! <br />";
}
if(empty($username))
{
$errors[] = "The username field was blank! <br />";
}
if(mysql_num_rows(mysql_query($userq)) > 0)
{
$errors[] = "The username given is already in use! Please try another one! <br />";
}
if(empty($password))
{
$errors[] = "The password field was blank! <br />";
}
if(empty($email))
{
$errors[] = "The email field was blank! <br />";
}
if(mysql_num_rows(mysql_query($emailq)) > 0)
{
$errors[] = "The email given is already in use! Please try another one! <br />";
}
if(count($errors) > 0)
{
foreach($errors as $err)
{
echo $err;
}
}
}

?>
[/code]
Link to comment
Share on other sites

Thanks but didn't work.
got:
Parse error: syntax error, unexpected T_CASE in C:\Inetpub\wwwroot\djs\register.php on line 134

[code]<?php
require("config.php");
require("functions.php");
//echo some styles to spice it up...
echo "
<style>
body
{
background: #000000;
font-family: Verdana, Arial;
font-weight: bold;
font-size: 9px;
color: #FFFFFF;
}
.register_box
{
border: 1px solid #323232;
background: #202020;
font-family: Verdana, Arial;
font-weight: bold;
font-size: 9px;
color: #FFFFFF;
}
</style>
";
switch($_GET['action'])
{
case "new":

//--------------------------------------
// [New Registration]
//--------------------------------------
if(!isset($_POST['register']))
{
echo "
<img src=\"images/djreg.jpg\"><br /><br />
<form action='register.php?action=new' method='POST'>
DJ Name: <br />
<input type='text' name='username' class='register_box'>
<br /><br />
Email: <br />
<input type='text' name='email' class='register_box'>
<br /><br />
Password: <br />
<input type='password' name='password' class='register_box'>
<br />
<br />
<br />
E-Staff Authorization Code: <br />
<input type='password' name='estaffcode' class='register_box'>
<br /><br /><br />
<input type='submit' name='register' value='New Registration!' class='register_box'>
</form>
";
}
elseif(isset($_POST['register']))
{
//put errors into an array
$errors = array();
$set_estaffcode = "wombat";

if(!empty($_POST['estaffcode']))
{
if($_POST['estaffcode']==$set_estaffcode)
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST['email']);
$activation_code = generateCode(25);
$userq = "SELECT username FROM user_system WHERE username = '$username' LIMIT 1";
$emailq = "SELECT email FROM user_system WHERE email = '$email' LIMIT 1";
}
else
{
$errors[] = "E-Staff Authorization Code not Valid! <br />";
}
}
else
{
$errors[] = "E-Staff Authorization Code was blank! <br />";
}
if(empty($username))
{
$errors[] = "The username field was blank! <br />";
}
if(mysql_num_rows(mysql_query($userq)) > 0)
{
$errors[] = "The username given is already in use! Please try another one! <br />";
}
if(empty($password))
{
$errors[] = "The password field was blank! <br />";
}
if(empty($email))
{
$errors[] = "The email field was blank! <br />";
}
if(mysql_num_rows(mysql_query($emailq)) > 0)
{
$errors[] = "The email given is already in use! Please try another one! <br />";
}
if(count($errors) > 0)
{
foreach($errors as $err)
{
echo $err;
}
}
}

else
{
$sqlq = "INSERT INTO user_system (username, password, email, is_activated, activation_code)";
$sqlq .= "VALUES ('$username', '".md5($password)."', '$email', '0', '$activation_code')";
mysql_query($sqlq) or die(mysql_error());
echo "Thanks for registering!
You will recieve an email shortly containing your validation code,
and a link to activate your account!";
mail($email, "New Registration, www.WUPX.com", "
Thanks for registering on SITE NAME.
Here are your login details:
Username: ".$username."
Password: ".$password."
In order to login and gain full access, you must validate your account.
Click here to validate:
http://www.wupx.com/djs/register.php?action=activate&user=".$username."&code=".$activation_code."
Thanks!
[Webmaster]
");
}
}
break;

case "activate":
//--------------------------------------
// [Activate Account]
//--------------------------------------
if(isset($_GET['user']) && isset($_GET['code']))
{
$username = mysql_real_escape_string($_GET['user']);
if(mysql_num_rows(mysql_query("SELECT id FROM user_system WHERE username = '$username'")) == 0)
{
echo "That username is not in the database!";
}
else
{
$activate_query = "SELECT is_activated FROM user_system WHERE username = '$username'";
$is_already_activated = mysql_fetch_object(mysql_query($activate_query)) or die(mysql_error());
if($is_already_activated->is_activated == 1)
{
echo "This user is already activated!";
}
else
{
$code = mysql_real_escape_string($_GET['code']);
$code_query = "SELECT activation_code FROM user_system WHERE username = '$username' LIMIT 1";
$check_code = mysql_fetch_object(mysql_query($code_query)) or die(mysql_error());
if($code == $check_code->activation_code)
{
$update = "UPDATE user_system SET is_activated = '1' WHERE username = '$username'";
mysql_query($update) or die(mysql_error());
echo "User $username has been activated! Thanks! You may now login!";
}
else
{
echo "The activation code was wrong! Please try again!";
}
}
}
}
else
{
echo "No ID or user given to activate!";
}
break;

}
?>[/code]
Link to comment
Share on other sites

Thanks Alpine, everything works great other then some SQL errors if the code isnt correct, no big deal though, i can figure that one out. Thanks!
[quote author=alpine link=topic=110195.msg446305#msg446305 date=1159908241]
You have a misplaced closing bracked in your switch-statement, Remove that and it seems good to go..:

[color=red]}[/color]
break;

case "activate":

[/quote]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.