Jump to content

Recommended Posts

With a great deal of thanks from the members of this forum I have been able to put together a registration system. (Yet to go through security processes) However I am struggling to get the email authorisation to work. Does anyone have any feedback or suggestions on how I can get the email code to work?

 

 

<?php
   session_start();
   $_SESSION['userLoggedIn'] = 0;
   $_SESSION['userEmail'] = '';
   $_SESSION['userID'] = '';

   // Reset errors and success messages
   $errors = array();
   $success = array();

   // Login attempt
   if(isset($_POST['loginSubmit']) && $_POST['loginSubmit'] == 'true')
   {
    $loginEmail = filter_var(trim($_POST['email']), FILTER_VALIDATE_EMAIL);
    $loginPassword    = trim($_POST['password']);


  if ($loginEmail === false)
    {
	  $errors['loginEmail'] = 'Please enter your email address in a valid format.    Example: bobsmith@companyname.com';
    }
    if(strlen($loginPassword) < 6 || strlen($loginPassword) > 12)
    {
	    $errors['loginPassword'] = 'Your password must be between 6-12 characters.';
    }
    if(count($errors) === 0)
    {
$query    = 'SELECT * FROM users WHERE email = "' . mysql_real_escape_string($loginEmail) . '" AND password = MD5("' . mysql_real_escape_string($loginPassword) . '") LIMIT 1'; 
	    $result = mysql_query($query);
	    if (!$result)
	    {
		    die('Invalid query: ' . mysql_error());
	    }

	    if(mysql_num_rows($result) === 1)
	    {
		    $row = mysql_fetch_assoc($result);
		    $_SESSION['userLoggedIn'] = 1;
		    $_SESSION['userEmail'] = $loginEmail;
		    $_SESSION['userID'] = $row['id'];

		    header('Location: index.php');
		    exit;
	    } else {
		    $errors['login'] = 'No user was found with the details provided.';
	    }
    }
   }
   /*
  The rest of your login page code
   */
 // Reset errors and success messages 
   $errors = array(); 
   $success = array(); 
   // Login attempt 
   if(isset($_POST['loginSubmit']) && $_POST['loginSubmit'] == 'true'){ 
    $loginEmail = trim($_POST['email']); 
    $loginPassword  = trim($_POST['password']); 

$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
if (!$email)
{
 $error = 'Please enter your email address in a valid format.  Example: bobsmith@companyname.com';
}

    if(strlen($loginPassword) < 6 || strlen($loginPassword) > 12) 
	    $errors['loginPassword'] = 'Your password must be between 6-12 characters.'; 

    if(!$errors){ 
	    $query  = 'SELECT * FROM users WHERE email = "' . mysql_real_escape_string($loginEmail) . '" AND password = MD5("' . $loginPassword . '") LIMIT 1'; 
	    $result = mysql_query($query); 
	    if(mysql_num_rows($result) == 1){ 
		    $user = mysql_fetch_assoc($result); 
		    $query = 'UPDATE users SET session_id = "' . session_id() . '" WHERE id = ' . $user['id'] . ' LIMIT 1'; 
		    mysql_query($query); 
		    header('Location: index.php'); 
		    exit; 
	    }else{ 
		    $errors['login'] = 'No user was found with the details provided.'; 
	    } 
    } 
   } 

   // Register attempt 
   if(isset($_POST['registerSubmit']) && $_POST['registerSubmit'] == 'true'){
   $firstname = mysql_real_escape_string(trim($_POST['firstname']));
   $surname = mysql_real_escape_string(trim($_POST['surname']));
    $registerEmail = trim($_POST['email']); 
    $registerPassword = trim($_POST['password']); 
    $registerConfirmPassword    = trim($_POST['confirmPassword']); 

   if(!isset($firstname) || empty($firstname)) {
    $error = "Please enter your First Name.";
   }

if(!isset($surname) || empty($surname)) {
    $error = "Please enter your Surname.";
   }

    if(strlen($registerPassword) < 6 || strlen($registerPassword) > 12)	
	    $errors['registerPassword'] = 'Your password must be between 6-12 characters.'; 

    if($password != $confirmPassword && !$error) {
    $error = "The passwords you entered did not match.";
   }

$emailAddress = filter_var($_POST['emailaddress'], FILTER_VALIDATE_EMAIL);
if (!$emailAddress)
{
 $error = 'Please enter your email address in a valid format.  Example: bobsmith@companyname.com';
}

    if($registerPassword != $registerConfirmPassword) 
	    $errors['registerConfirmPassword'] = 'Your passwords did not match.'; 

    // Check to see if we have a user registered with this email address already 


if(!$errors){
  $query = "INSERT INTO users (firstname, surname, email, password, date_registered) VALUES ('" . $firstname . "', '" . $surname . "', '" . mysql_real_escape_string($registerEmail) . "', MD5('" . mysql_real_escape_string($registerPassword) . "'), NOW())";

 $result = mysql_query($query) or die(mysql_error()); // remove the or die(mysql_error()) code after you resolve the error
 if($result){
	  $success['register'] = 'Thank you for registering. You can now log in on the left.';
  }else{
	  $errors['register'] = 'There was a problem registering you. Please check your details and try again.';
 }
} 
		   }



   $query = mysql_query("SELECT id FROM users WHERE email = '".$email."' LIMIT 1");
   if(mysql_num_rows($query) > 0 && !$error) {
    $error = "Sorry, that email is already in use!";
   }

   if(!$error) {
    $query = mysql_query("INSERT INTO users (email) VALUES ('".$password."', '".$password."', '".mysql_real_escape_string(md5($password))."', '".$email."')");
    if($query) {
	    $message = "Hello ".$_POST['email'].",\r\n\r\nThanks for registering with site.com! We hope you enjoy your stay.\r\n\r\n Many Thanks,\r\n.com";
	    $headers = "From: ".$website['name']." <".$website['email'].">\r\n";
	    mail($_POST['email'], "Welcome", $message, $headers);
	    setcookie("user", mysql_insert_id(), $time);
	    setcookie("pass", mysql_real_escape_string(md5($password)), $time);
	    header("Location: users.php");
    } else {
	    $error = "There was a problem with the registration. Please try again.";
    }
   }


   ?>   


<link rel="stylesheet" href="/stylesheet.css" type="text/css" />  

   <div class="topheader">	  
<?php
   if ($_SESSION['userLoggedIn'])
{
 $row = mysql_fetch_array($query);
 echo '<div class="loggedin">
You are sucessfully logged in as ' . $_SESSION['userEmail'] . ' <a href="/index.php">Logout</a>
 </div>
 ';
} else { echo
'<div class="headersignin">
<a href="/users/login.php"   rel="nofollow" class="blacklink"   >
Sign in
</a>
</div>
<div class="headerjoin">
<a href="/users/register.php" rel="nofollow" class="whitelink"   > Join free</a>
</div>';
}
?>

  <div class="headerlinkright">
 <a href="/siteinfo/aboutus.php"   rel="nofollow" class='bloglink'   >About Us</a>
</div>
  <div class="headerlinkright">
<a href="/blog/blog.php"   rel="nofollow" class='bloglink'   >Blog</a>
</div>
  </div>
</div>
</div>
 </div>   

    <h1>Login</h1>
    <form class="box400" name="loginForm" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> 

	    <?php if($errors['login']) print '<div class="invalid">' . $errors['login'] . '</div>'; ?> 

	    <label for="email">Email Address</label> 
	    <input type="text" name="email" value="<?php echo htmlspecialchars($loginEmail); ?>" /> 
	    <?php if($errors['loginEmail']) print '<div class="invalid">' . $errors['loginEmail'] . '</div>'; ?> 

	    <label for="password">Password <span class="info">6-12 chars</span></label> 
	    <input type="password" name="password" value="" /> 
	    <?php if($errors['loginPassword']) print '<div class="invalid">' . $errors['loginPassword'] . '</div>';  ?> 

	    <label for="loginSubmit"> </label> 
	    <input type="hidden" name="loginSubmit" id="loginSubmit" value="true" /> 
   <div class="user-area">
<input type="submit" value="Login" class="submit-button" />
 </div>   



    </form> 


	    <h2>Register</h2>
    <form class="box400" name="registerForm" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> 

	    <?php if($success['register']) print '<div class="valid">' . $success['register'] . '</div>'; ?> 
	    <?php if($errors['register']) print '<div class="invalid">' . $errors['register'] . '</div>'; ?> 
			 <div class="registerinputarea">




   <div class="registerinputcelltop">
 <div class="registerinputleft">
	    <label for="email">Firstname</label>
 </div>
  <div class="registerinputright"> 
	    <input type="text" name="firstname" value="<?php echo htmlspecialchars($firstname); ?>" /> 
	    <?php if($errors['firstname']) print '<div class="invalid">' . $errors['firstname'] . '</div>'; ?> 
		  </div>	

	    <div class="registerinputcelltop">
 <div class="registerinputleft">
	    <label for="email">Surname</label>
 </div>
  <div class="registerinputright"> 
	    <input type="text" name="surname" value="<?php echo htmlspecialchars($surname); ?>" /> 
	    <?php if($errors['surname']) print '<div class="invalid">' . $errors['surname'] . '</div>'; ?> 
		  </div>







   <div class="registerinputcelltop">
 <div class="registerinputleft">
	    <label for="email">Email Address</label>
 </div>
  <div class="registerinputright"> 
	    <input type="text" name="email" value="<?php echo htmlspecialchars($registerEmail); ?>" /> 
	    <?php if($errors['registerEmail']) print '<div class="invalid">' . $errors['registerEmail'] . '</div>'; ?> 
		  </div>

   <div class="registerinputcelltop">
 <div class="registerinputleft">
	    <label for="password">Password</label> 
  </div>
 <div class="registerinputright">
	    <input type="password" name="password" value="" /> 
	    <?php if($errors['registerPassword']) print '<div class="invalid">' . $errors['registerPassword'] . '</div>'; ?> 
		    </div>


	  <div class="registerinputcelltop">
 <div class="registerinputleft">
	    <label for="confirmPassword">Confirm Password</label> 
	 </div>
	 <div class="registerinputright">
	    <input type="password" name="confirmPassword" value="" /> 
	    <?php if($errors['registerConfirmPassword']) print '<div class="invalid">' . $errors['registerConfirmPassword'] . '</div>'; ?> 
			   </div>
	   </div>
	   </div>

    <div class="registerinputcelltop">
	    <label for="registerSubmit"> </label> 
	    <input type="hidden" name="registerSubmit" id="registerSubmit" value="true" /> 
   <div class="user-area">
		 <input type="submit" value="Register" class="submit-button" />
 </div>
    </form>

   </div>
 <div class="registerinputcelltop">
<a href="logout.php">Logout</a>
<a href="index.php">Index</a>
</div>

Link to comment
https://forums.phpfreaks.com/topic/268905-struggling-with-email-code/
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.