Jump to content

Archived

This topic is now archived and is closed to further replies.

justlukeyou

Which Page To Insert From? (Account Validation)

Recommended Posts

Hi,

 

I have a piece of code for a registration script which appears to be working fine. It inserts the name, email address and password into the database. It also forwards an email to the submitted email. However I now need to insert a character into the database from the email address to authorise the email. (quite standard)

 

But I'm struggling to understand the best approach to take. Should have a second insert code on this page or should I (somehow) insert the character using the Activation page?

 

 

 

<?php
   $_SESSION['userLoggedIn'] = 0;
   $_SESSION['userEmail'] = '';
   $_SESSION['userID'] = '';

   // Reset errors and success messages
   $errors = array();
   $success = array();


   // Register attempt 
   if(isset($_POST['registerSubmit']) && $_POST['registerSubmit'] == 'true'){
   $firstname = mysql_real_escape_string(trim($_POST['firstname']));
   $surname = mysql_real_escape_string(trim($_POST['surname']));
    $registerEmail = trim($_POST['email']); 
    $registerPassword = trim($_POST['password']); 
    $registerConfirmPassword    = trim($_POST['confirmPassword']); 

   if(!isset($firstname) || empty($firstname)) {
    $errors['firstname'] = "Please enter your First Name.";
   }

if(!isset($surname) || empty($surname)) {
    $errors['surname'] = "Please enter your Surname.";
   }
$email = "$registerEmail";
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
 {
    $errors['falseEmail'] = "Please enter your email address in a valid format.  Example: bobsmith@companyname.com";
 }


    if(strlen($registerPassword) < 6 || strlen($registerPassword) > 12)	
	    $errors['registerPassword'] = 'Your password must be between 6-12 characters.'; 

    if($password != $confirmPassword && !$error) {
    $error = "The passwords you entered did not match.";
   }


    if($registerPassword != $registerConfirmPassword) 
	    $errors['registerConfirmPassword'] = 'Your passwords did not match.'; 

    if(strlen($registerConfirmPassword) < 6 || strlen($registerConfirmPassword) > 12)	
	    $errors['registerConfirmPassword'] = 'Please confirm your password.';	



if(!$errors){
$registerPassword = md5($registerPassword);
$query = "INSERT INTO users (firstname, surname, email, password, date_registered) VALUES ('" . $firstname . "', '" . $surname . "', '" . mysql_real_escape_string($registerEmail) . "', '". $registerPassword ."', NOW())";


 $result = mysql_query($query); // remove the or die(mysql_error()) code after you resolve the error
 if($result){
	  $success['register'] = '


   Thank you for registering with Website.com.</p>
   You will soon receive a confirmation email.  Please click the confirmation link.';



$query = mysql_query("SELECT * FROM users WHERE email = '". $registerEmail ."' OR email = '". $email ."'");
$emailduplicate = null;
if (mysql_num_rows($query) > 0)
{
$emailduplicate = 'Email Address is Already in Use.  Please <a href="http://www.website.com/test/activation.php?userid=Y">Retrieve Your Password</a>.';
}	  


	  $message = '
<html>
<body>
<p>Welcome to Website.com</p>
<a href="http://www.website.com/test/activation.php?activation=Y">Click Here</a> to activate your account.

</body>
</html>
';


	  mail(mysql_real_escape_string($registerEmail), 'Website.com Confirmation', $message, 'From: info@website.com' . "\r\n".'MIME-Version: 1.0' . "\r\n".'Content-type: text/html; charset=iso-8859-1' . "\r\n");

  }
  }
  }


   ?>   

Share this post


Link to post
Share on other sites

Any suggestions please?

 

Ive done the profile creating, profile edit and image upload. Now I just need to authorise the account. Its getting there!

Share this post


Link to post
Share on other sites

Thanks, but I know the process for inserting it into the database.

 

Lets say the id is "321456" how is that matched with the database. Do I insert into the database from the activation page or from the link that is emailed to the user?

Share this post


Link to post
Share on other sites

When registering the user, insert the uniqid string into a table filled with verification links. Email the link to the user activate.php?link=link

 

Using $_GET extract the link the user put, if any. Select from the table to see if it matches any, if it does, delete it and activate the user.

Share this post


Link to post
Share on other sites

So on the activation.php pahe should I getting the uniqid from the email using GET and then inserting it into the database using INSERT. All on the activation page?

Share this post


Link to post
Share on other sites

You should generate the activation code using uniqid() and insert that string into the database. Nothing to do with $_GET until they are on the page you want to verify the links.

Share this post


Link to post
Share on other sites

Hi,

 

How do I use uniqid(). I have tried to echo it into the link and insert into the database but nothing seems to work.

 

When I echo a uniqid it does appear on the page but when I try to echo it into the link it just shows the code. Or would apply the uniqid to a string and then echo the string into the email so that I dont have two seperate uniqid code?

 

As per normal I dont understand a word of the PHP site: http://php.net/manual/en/function.uniqid.php

Share this post


Link to post
Share on other sites

This is where I am at the moment, what ever I try and cant apply the uniqid to anything.

 

 

<?php
$uniquecode = (uniqid());
?>
<?php
   $_SESSION['userLoggedIn'] = 0;
   $_SESSION['userEmail'] = '';
   $_SESSION['userID'] = '';

   // Reset errors and success messages
   $success = array();


   // Register attempt 
   if(isset($_POST['registerSubmit']) && $_POST['registerSubmit'] == 'true'){
$usertype = ('organiser');  
$activationcode = ('"%uniquecode"');

Share this post


Link to post
Share on other sites

When I try this it does echo a uniqid so its just a matter of adding it to the $activationcode

 

<?php
$uniquecode = (uniqid());
?>

<?php
printf($uniquecode);
?>

Share this post


Link to post
Share on other sites

Start echoing things until you find out where a value changes to something other than what you'd expect it to be.

Share this post


Link to post
Share on other sites

Not sure what you mean to be honest.

 

Its kist the technique of applying $uniquecode to $activationcode. This currently inserts $uniquecode instead of the uniqid which it previously echoes.

 

 $activationcode = ('$uniquecode'); 

Share this post


Link to post
Share on other sites

Why do you have an obsession with wrapping things in parenthesis?

 

Do you really not know by now the difference between these three lines of code?

$a = $b;
$a = '$b';
$a = "$b";

Because your code consistently shows that you don't, even after being told dozens of times.

 

 

Share this post


Link to post
Share on other sites

Why do you have an obsession with wrapping things in parenthesis?

 

Do you really not know by now the difference between these three lines of code?

$a = $b;
$a = '$b';
$a = "$b";

Because your code consistently shows that you don't, even after being told dozens of times.

 

No, I dont understand this and I dont understand the PHP site either.

 

What is the difference between these:

 

$a = $b;
$a = '$b';
$a = "$b";

 

In terms of this I have tried around 5 variations of this and cant get it to work. This just happens to be lastest attempt I have shown here.

 

$activationcode = ('"%uniquecode"');

Share this post


Link to post
Share on other sites

Go read the manual again. If you don't understand it, there are plenty of examples in it you can try on your own.

Share this post


Link to post
Share on other sites

@justlukeyou: make a test script:

 

$b = 5;

$a = $b;

echo '$a = $b: ' . $a . '<br />';

$a = '$b';

echo '$a = \'$b\': ' . $a . '<br />';

$a = "$b";

echo '$a = "$b": ' . $a;

 

Whenever you don't understand something, make a small test script to try out the concept. And work in small increments (think of something -> test it -> integrate it if it works -> repeat). It's far better to do it that way than with your usual "Throw shit at the wall and hope it sticks" method.

Share this post


Link to post
Share on other sites

Thanks, I ran this test script but I still dont understand what it represents.

 

I wish I did understand it lol How does it impact on the issue that I have applying the the uniqid to the activationcode?

 

$activationcode = ('$uniquecode');

Share this post


Link to post
Share on other sites

What of it DO you understand? 

Share this post


Link to post
Share on other sites

:facepalm:

 

Okay:

 

1. Don't use quotes unless you're trying to output text.

2. There's a difference between single-quoted text and double-quoted text:

a. Single-quoted text is literal. Meaning, whatever is in that text will be printed as-is. If you have '$a', it will print $a.

b. Double-quoted text interpolates variables. Meaning, if you have "$a" it will print the value of $a.

 

Regarding $activationcode, don't use quotes at all in that context. If you're not printing to screen, don't use quotes around a variable.

 

---

 

From a fundamental level, you need to improve on your reading ability. The official PHP docs are written at a middle-to-early-high-school level. They are some of the easiest documentation to read (seriously, try reading the MSDN). Now, I don't know if you have a learning disability or something, so I'm trying to tread carefully, but being able to read and understand documentation is a foundational ability for any programmer trying to do it for real. It's only going to get tougher from here on out.

Share this post


Link to post
Share on other sites

Now Ive look at again I can see the pattern.

 

But I still cant see how this reflects against the issue I have. If I can see how it affects this I can see what affect it has.

Share this post


Link to post
Share on other sites

Its kist the technique of applying $uniquecode to $activationcode. This currently inserts $uniquecode instead of the uniqid which it previously echoes.

 

 $activationcode = ('$uniquecode'); 

 

You really don't see the link between what we are telling you and your code?

 

Do you actually have a learning disability? I think Kevin hit the nail on the head there. If not, then I go back to my previous conclusion that you are a troll. A weak one at best, but either you are a troll or you have a learning disability. 

Share this post


Link to post
Share on other sites

Bootiful.

 

The activation code is that last stage I have to do. Thanks to you guys I can now insert the uniqid into the database. Now I need to insert it into the email for the link so I can match it on the activation page.

 

The problem now is I cant get PHP to work in the email.

 

	  $message = '
<html>
<body>
Welcome to website.com <br><br>
<a href="http://www.website.com/test/activation.php?activation=<?php
echo "$activationcode";
?>Click Here</a> to activate your account.

</body>
</html>
';

 

BTW I've followed peoples advice of using one database. The PHP will be easier but the design will be harder. See how it goes.

Share this post


Link to post
Share on other sites

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.