runnerjp Posted May 17, 2007 Share Posted May 17, 2007 ok this is how it goes when a user signes up the status is set to 0 then they are sent an email containing <?php function sendWelcome($user, $email, $pass){ $from = "From: ".EMAIL_FROM_NAME." <".EMAIL_FROM_ADDR.">"; $subject = "runnerselite - Welcome!"; $body = $user.",\n\n" ."Welcome! You've just registered at runnerselite" ."with the following information:\n\n" ."Username: ".$user."\n" ."Password: ".$pass."\n\n" ."$url = 'http://www.runnerselite.com/website/activate.php?hash='.md5".$password.".'&stamp='.base64_encode".$time."; return mail($email,$subject,$body,$from); ?> only 'http://www.runnerselite.com/website/activate.php?hash= is highlighted and '.md5".$password.".'&stamp='.base64_encode".$time."; does not even work also when sent to activate.php it shows the text :S <?php UPDATE users SET status = 1 WHERE (password = "'.md5($_GET['hash']).'") AND (timestamp = '.base64_decode($_GET['stamp'].') ?> any 1 able to help? Quote Link to comment Share on other sites More sharing options...
Lumio Posted May 17, 2007 Share Posted May 17, 2007 You have an error in you code: ."$url = 'http://www.runnerselite.com/website/activate.php?hash='.md5".$password.".'&stamp='.base64_encode".$time."; You see the highlighting? This is right: ."$url = 'http://www.runnerselite.com/website/activate.php?hash=".md5($password)."&stamp=".base64_encode($time); Ahm... why are you sending the password of an user? Thats a security risc! Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 17, 2007 Author Share Posted May 17, 2007 ok iv taken out ."Password: ".$pass."\n\n" so no password sent...cheers for heads up on that 1 ok im now getting Parse error: syntax error, unexpected T_STRING in /home/runnerse/public_html/website/activate.php on line 2 when i access <?php UPDATE users SET status = 1 WHERE (password = "'.md5($_GET['password']).'") AND (timestamp = '.base64_decode($_GET['time'].') ?> Quote Link to comment Share on other sites More sharing options...
taith Posted May 17, 2007 Share Posted May 17, 2007 agreed... passwords should only be kept in the database... only ever! instead... use something like this... <?php function randomkeys($length){ $pattern="1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; for($i=0; $i<$length; $i++) $key.=$pattern{rand(0,61)}; return $key; } $key=randomkeys(rand(20,40)); ?> which creates a random key between 20-40 characters long, store that into the database, and send via email with a link, containing a link with that key & userid... which inturn forwards onto the database activating by that key & userid... Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 17, 2007 Author Share Posted May 17, 2007 ahh thats a good idea... would it look somethign like this function addNewUser($username, $password, $email, $activation){ $time = time(); /* If admin sign up, give admin user level */ if(strcasecmp($username, ADMIN_NAME) == 0){ $ulevel = ADMIN_LEVEL; }else{ $ulevel = USER_LEVEL; } function randomkeys($length){ $pattern="1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; for($i=0; $i<$length; $i++) $key.=$pattern{rand(0,61)}; return $key; } $key=randomkeys(rand(20,40)); $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time, $activation)"; return mysql_query($q, $this->connection); } Quote Link to comment Share on other sites More sharing options...
taith Posted May 17, 2007 Share Posted May 17, 2007 function randomkeys($length){ $pattern="1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; for($i=0; $i<$length; $i++) $key.=$pattern{rand(0,61)}; return $key; } function addNewUser($username, $password, $email, $activation){ $time = time(); if(strcasecmp($username, ADMIN_NAME) == 0){ $ulevel = ADMIN_LEVEL; }else{ $ulevel = USER_LEVEL; } $key=randomkeys(rand(20,40)); $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time, $activation)"; return mysql_query($q, $this->connection); } Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 17, 2007 Author Share Posted May 17, 2007 i get the error Fatal error: Call to undefined function: randomkeys() in /home/runnerse/public_html/website/login/include/database.php on line 156 which is $key=randomkeys(rand(20,40)); Quote Link to comment Share on other sites More sharing options...
taith Posted May 17, 2007 Share Posted May 17, 2007 as long as both the functions exist in connection to that file, that error will go away Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 17, 2007 Author Share Posted May 17, 2007 but i used this function randomkeys($length){ $pattern="1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; for($i=0; $i<$length; $i++) $key.=$pattern{rand(0,61)}; return $key; } function addNewUser($username, $password, $email, $activation){ $time = time(); if(strcasecmp($username, ADMIN_NAME) == 0){ $ulevel = ADMIN_LEVEL; }else{ $ulevel = USER_LEVEL; } $key=randomkeys(rand(20,40)); $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time, $activation)"; return mysql_query($q, $this->connection); } so both functions do exist :s Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 17, 2007 Author Share Posted May 17, 2007 chnaged it to <?php /** * addNewUser - Inserts the given (username, password, email) * info into the database. Appropriate user level is set. * Returns true on success, false otherwise. */ function randomkeys($length){ $pattern="1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; for($i=0; $i<$length; $i++) $key.=$pattern{rand(0,61)}; return $key; } function addNewUser($username, $password, $email){ $time = time(); if(strcasecmp($username, ADMIN_NAME) == 0){ $ulevel = ADMIN_LEVEL; }else{ $ulevel = USER_LEVEL; } $key=randomkeys(rand(20,40)); $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time, $activation)"; return mysql_query($q, $this->connection); } ?> as the users is not entering the activation...the code it and i still get the error Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 17, 2007 Author Share Posted May 17, 2007 i do not understand why im getting the error tho :S i have got this in my sql table `key` VARCHAR( 40 ) CHARACTER SET latin1 COLLATE latin1_swedish_ci NOT NULL is that right?? Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 17, 2007 Author Share Posted May 17, 2007 *bump* Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 17, 2007 Author Share Posted May 17, 2007 bump Quote Link to comment Share on other sites More sharing options...
Lumio Posted May 17, 2007 Share Posted May 17, 2007 i do not understand why im getting the error tho :S Wich error? Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 18, 2007 Author Share Posted May 18, 2007 the error im getting is Fatal error: Call to undefined function: randomkeys() <?php function randomkeys($length){ $pattern="1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; for($i=0; $i<$length; $i++) $key.=$pattern{rand(0,61)}; return $key; } function addNewUser($username, $password, $email){ $time = time(); if(strcasecmp($username, ADMIN_NAME) == 0){ $ulevel = ADMIN_LEVEL; }else{ $ulevel = USER_LEVEL; } $key=randomkeys(rand(20,40)); $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time, $key)"; return mysql_query($q, $this->connection); }?> Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 18, 2007 Author Share Posted May 18, 2007 some one muct be able to help Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 18, 2007 Author Share Posted May 18, 2007 *bump* Quote Link to comment Share on other sites More sharing options...
Lumio Posted May 19, 2007 Share Posted May 19, 2007 try to make linebreaks after <?php: <?php function randomkeys($length){ $pattern="1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; for($i=0; $i<$length; $i++) $key.=$pattern{rand(0,61)}; return $key; } function addNewUser($username, $password, $email){ $time = time(); if(strcasecmp($username, ADMIN_NAME) == 0){ $ulevel = ADMIN_LEVEL; }else{ $ulevel = USER_LEVEL; } $key=randomkeys(rand(20,40)); $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time, $key)"; return mysql_query($q, $this->connection); } ?> Is that really the only error you get? Give us the whole code and the whole error message please. Quote Link to comment Share on other sites More sharing options...
runnerjp Posted May 19, 2007 Author Share Posted May 19, 2007 dude sorry i clicked as "solved" cos want gonna use it then later on in day i got told to use it so had to open new thread :$ so if any 1 is wunderin why there are to threads open 4 this im sorry Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.