Jump to content

Confirmation Code system


nexuzkid

Recommended Posts

Hi guys. Recently, I've tried to experiment abit with php, and try to make a confirmation code system on my website. Though there's one problem... Each time I try to select the code, relating to the username, it just injects a "True" into ALL Columns. How can I select the username, which the code ($str) relates to?

 

<?php


	if($_GET['act'] != "")
	{
		$str_temp = $_REQUEST['forgot'];	

		$connect = mysql_connect("HOST", "USERNAME", "PASSWORD");
		if(!$connect){
		die(mysql_error());
		}

		$select_db = mysql_select_db("youjelly", $connect);
		if(!$select_db){
		die(mysql_error());
		}

		$result = mysql_query("SELECT * FROM users WHERE username='$username' AND str='$str'");
		$row = mysql_fetch_array($result);
		$id = $row['id'];

		$_SESSION['str'] = $row['str'];
		$str_1 = $_SESSION['str'];

		$select_user = mysql_query("SELECT username FROM users WHERE id='$id'");
		$row2 = mysql_fetch_array($select_user);
		$user = $row2['str'];


	 	if(empty($str_temp)){
		die("Please enter your confirmation code!");
		}

		$account_check = mysql_query("SELECT confirmacc FROM users WHERE confirmacc='$confirmacc'");
		$do_account_check = mysql_num_rows($account_check);


		if($do_account_check == "true")
		die("Your account has already been activated once before!");


		if($str_1 < 0){
			die("The confirmation code does not exist!");
		}

		$code_check = mysql_query("SELECT confirmacc FROM users WHERE confirmacc='$confirm1'");

		mysql_query("UPDATE users SET confirmacc='true' WHERE confirmacc='$confirmacc'");

		echo "Congratulations".$username2.$username1.$username."Your account has been activated succesfully!";{
			mail($email, "Congratulations $username!","Congratulations $username ! Your account has now been activated and you're now free to surf on MYWEBSITE, ", "From:" . "MYEMAIL")
		}

	}else
	{
		echo "<br /><div id='form'><center><form action='?act=confirm' method='post'>
		Activation code:<br /><input type='text' placeholder='Your confirmation code' name='forgot' size='30' value=''>
		<br /><br /><center></div><input type='submit'></center>
		</form>";	
	}

	?>

Link to comment
Share on other sites

if($do_account_check == "true"){

die("Your account has already been activated once before!");

}

 

Here I check if the account is already checked

 

$account_check = mysql_query("SELECT confirmacc FROM users WHERE confirmacc='$confirmacc'");

$do_account_check = mysql_num_rows($account_check);

 

 

And i get the data (confirmacc) out of the database here.

Link to comment
Share on other sites

$account_check = mysql_query("SELECT confirmacc FROM users WHERE confirmacc='$confirmacc'");

$do_account_check = mysql_num_rows($account_check);

 

 

And i get the data (confirmacc) out of the database here.

 

No, you don't. You are selecting the number of rows returned, which will never be equal to (string) "true".

 

You have several undefined variables in your script. I tried to rewrite your code, but because of all the undefined and arbitrarily named variables, I cannot.

 

Also, why are you querying the same table to get the same row 4 different times, especially when you have already returned all of the columns in the first query?

Link to comment
Share on other sites

Which is exactly my problem :P Everytime I do a project like this, I always mess up the strings. My current problem is just selecting the username, so that it doesn't inject "true" into all the users, but only the user that the $str (confirmation code) relates to. Sorry for the messy variables, all of my codings are like this...

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.