[SOLVED] If validated

[steviez]

Hi,

 

I require my members to validated their emails before they can signup, the only problem is that i can figure the code out to put in my login page.

 

I need something like if($row['activation] == 'activated'){

 

Here is my login page:

 

<?
include("login_database.php");
/**
* Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2). 
* On success it returns 0.
*/
function confirmUser($username, $password){
   global $conn;
   /* Add slashes if necessary (for query) */
   if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
   }

   /* Verify that user is in database */
   $q = "select password from xl_members where username = '$username'";
   $result = mysql_query($q,$conn);
   if(!$result || (mysql_numrows($result) < 1)){
      return 1; //Indicates username failure
   }

   /* Retrieve password from result, strip slashes */
   $dbarray = mysql_fetch_array($result);
   $dbarray['password']  = stripslashes($dbarray['password']);
   $password = stripslashes($password);

   /* Validate that password is correct */
   if($password == $dbarray['password']){
      return 0; //Success! Username and password confirmed
   }
   else{
      return 2; //Indicates password failure
   }
}

/**
* checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's 
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
   /* Check if user has been remembered */
   if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
      $_SESSION['username'] = $_COOKIE['cookname'];
      $_SESSION['password'] = $_COOKIE['cookpass'];
   }

   /* Username and password have been set */
   if(isset($_SESSION['username']) && isset($_SESSION['password'])){
      /* Confirm that username and password are valid */
      if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
         /* Variables are incorrect, user not logged in */
         unset($_SESSION['username']);
         unset($_SESSION['password']);
         return false;
      }
      return true;
   }
   /* User not logged in */
   else{
      return false;
   }
}

/**
* Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
   global $logged_in;
   if($logged_in){
      echo "<div class='welcome'><h1>Welcome " . $_SESSION['username'] . "!</h1>Click <a href='members/'>here</a> to go to your members area</div><br />";
   }
   else{
?>

<form action="" method="post">
      <table id="login_table" border="0" cellpadding="0" cellspacing="0" width="98%">
        <tbody>
          <tr>
            <td width="41%"><img src="http://www.ukfilehost.com/images/arrow_input.jpg" alt=">>" height="10" hspace="10" width="10">Username: </td>
            <td width="59%"><input name="user" class="input" size="17" type="text">
            </td>
          </tr>
          <tr>
            <td><img src="http://www.ukfilehost.com/images/arrow_input.jpg" alt=">&gt" height="10" hspace="10" width="10">Password: </td>
            <td><input name="pass" class="input" size="17" type="password">
            </td>
          </tr>
          <tr> </tr>
	  <tr>
            <td><img src="http://www.ukfilehost.com/images/arrow_input.jpg" alt=">&gt" height="10" hspace="10" width="10">Remember:</td>
            <td><input type="checkbox" name="remember" class="input"></td>
          </tr>
          <tr>
            <td> </td>
            <td><input type="submit" name="sublogin" value="Login" class="input"></td>
          </tr>
        </tbody>
      </table>
    </form>

<?
   }
}


/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
   /* Check that all fields were typed in */
   if(!$_POST['user'] || !$_POST['pass']){
      die('You didn\'t fill in a required field.');
   }
   /* Spruce up username, check length */
   $_POST['user'] = trim($_POST['user']);
   if(strlen($_POST['user']) > 30){
      die("Sorry, the username is longer than 30 characters, please shorten it.");
   }

   /* Checks that username is in database and password is correct */
   $md5pass = md5($_POST['pass']);
   $result = confirmUser($_POST['user'], $md5pass);

   /* Check error codes */
   if($result == 1){
      die('That username doesn\'t exist in our database.');
   }
   else if($result == 2){
      die('Incorrect password, please try again.');
   }

   /* Username and password correct, register session variables */
   $_POST['user'] = stripslashes($_POST['user']);
   $_SESSION['username'] = $_POST['user'];
   $_SESSION['password'] = $md5pass;

   /**
    * This is the cool part: the user has requested that we remember that
    * he's logged in, so we set two cookies. One to hold his username,
    * and one to hold his md5 encrypted password. We set them both to
    * expire in 100 days. Now, next time he comes to our site, we will
    * log him in automatically.
    */
   if(isset($_POST['remember'])){
      setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
      setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
   }

   /* Quick self-redirect to avoid resending data on refresh */
   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[php_SELF]\">";
   return;
}

/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();

?>

 

Please can anyone help

[jakebur01]

This is one way, it checks for expressions.

 

<?php 
        $email="[email protected]"; 
     
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9- 
]+)*(\.[a-z]{2,3})$", $email) { 

            echo "The e-mail was not valid"; 
         
} else { 
         
    echo "The e-mail was valid"; 
         
} 
     
?>

[steviez]

Sorry i have typed wrong, i meen i need users to validate their email before login, and email is sent to them with a validation code in

[steviez]

anything on this guys?

[Silverado_NL]

when a person signs up you will have to generate a random number.

store it in your website's database, and also put it in the link you mail the new members(2gether with the loginname).

it would be a link like

http://www.yourwebsite.com/index.php?action=validate&member=membername&validationkey=randomnumber

then when somebody clicks the link in the email, your website will receive the number and try to find it in the database.

you just tell the database to change the account that belongs to the validation-number into a validated account.

hope this help

 

[steviez]

Hi,

 

Thanks for your reply. I have done all that now i am wanting to stop people from logging in unless they click the validation link in their email. My login script is above |||

[Glyde]

Here's what I would do...

1) Data type the column 'activated' in your DB to ENUM('0','1')

2) Set the default value to 0

3) When the user registers, the 'activated' column would be set to 0 (without you having to...since it's the default)

4) Your script sends and email to the user

5) When the user clicks the link in the email, it updates 'activated' to 1

6) Add this statement within the password check.  Basically, if the password is valid, move on to this checkpoint:

 

if ($dbarray['activation']) return 0; // Successful login
else return 3; // Not validated

[steviez]

Hi,

 

Thanks for your reply.

 

I have done the database bit but im having problems with the PHP bit. Im new to PHP so its all a bit alien

 

Could anyone possably help me integrate this code in to the login script above??

 

Thanks

[steviez]

Please guys this is important, anyone help?

[steviez]

Thanks guys for all your help once again, This has been solved.