MrKaraokeSteve Posted July 24, 2007 Share Posted July 24, 2007 I am working on a karaoke website, that is based on review system and a rating system. currently I am stuck on the registration section of the website. What I am doing is allowing people to register, what they will do is fill out the form, and then it will email them an email with the username/password along with a link to click . The link will apear like this: http://www.website.com/user_activate.php?ConfirmNumber=12345678901234567890 (a 20 diget random number). Then they will click on that link and it will take it that page, and they will be prompted to enter thier username/password that they registered with. and then the script will do the following.. 1. Check to make sure they entered a username/pass. 2. Check to make sure username/password are correct 3. Check to make sure the ConfirmNumber is correct for the username that they entered... (ie I dont want any username and password to work). 4. Check to make sure they have not already been activated. the part that is not working is: the confirm number part. I am not sure what I need to do to fix it.. could you please help me? below is the code: <?php include ('top.php'); if(isset($_POST['submit'])) { $user = $_POST['user']; $ConfirmNumber = $_GET['$ConfirmNumber']; $pass = base64_encode($_POST['pass']); if((!$_POST['user']) || (!$_POST['pass'])) { echo "Sorry you didnt enter an username or password, please got back and try again"; } else { $jap_data = mysql_query("SELECT pass, active, ConfirmNumber FROM users WHERE addicted_id='$user'") or die(mysql_error()); $jap_output = mysql_fetch_array($jap_data); if($pass != $jap_output['pass']) { echo "The password you entered was incorrect, please go back and try again"; } else { if($jap_output['active'] != 0) { echo "It appears that you have already confirmed your account!"; } else { if((!$_POST['ConfirmNumber']) || (!$_POST['ConfirmNumber'])) { echo "The confirmation number does not match the username you are trying to use!!!"; } else { $ConfirmNumber = $_GET['ConfirmNumber']; mysql_query("UPDATE users SET Active='1' WHERE ConfirmNumber='$ConfirmNumber'") or die(mysql_error()); echo 'Your Account has been confirmed!'; } } } } } else { ?> <p><center>Please enter your username and password that you just signed up for to confirm your account </center></p> <form action="user_activate.php?ConfirmNumber=<?php echo $_GET['ConfirmNumber']; ?>" method="POST"> <table cellpadding="2" cellspacing="2" width="69%" style="font-size: 12px; "> <tr> <td colspan="3" class="h"><div align="center"><strong>Username and Password </strong></div></td> </tr> <tr> <td class="h"><a href="" onMouseOver="return escape(' This is the hint ')"><img width="15" alt="" src="images/small_help.gif" hspace="3" height="15" border="0"></a></td> <td class="h"><div align="left">UserName</div></td> <td><input name="user" type="text" /></td> </tr> <tr> <td class="h"><a href="" onMouseOver="return escape(' This is the hint ')"><img width="15" alt="" src="images/small_help.gif" hspace="3" height="15" border="0"></a></td> <td class="h"><div align="left">Password</div></td> <td><input name="pass" type="password" /></td> </tr> <tr> <td> </td> <td><center><input type="submit" name="submit" value="Confirm"> </center></td> <td> </td> </tr> </table> </form> <?php } include("bottom.php"); ?> Quote Link to comment Share on other sites More sharing options...
trq Posted July 24, 2007 Share Posted July 24, 2007 Could be as simple as this line... $ConfirmNumber = $_GET['$ConfirmNumber']; Needs to be.... $ConfirmNumber = $_GET['ConfirmNumber']; Otherwise, you'll need to define what not working actually means. Quote Link to comment Share on other sites More sharing options...
redarrow Posted July 24, 2007 Share Posted July 24, 2007 you dont need all that hard codded stuff let the user prees the link update the database then redirect them to the login page then see if the activation is a 1 let them in eles dont. that it. Quote Link to comment Share on other sites More sharing options...
MrKaraokeSteve Posted July 24, 2007 Author Share Posted July 24, 2007 okay I made that correction that you suggested.. This is the error I am getting on the website: The confirmation number does not match the username you are trying to use!!! Quote Link to comment Share on other sites More sharing options...
redarrow Posted July 24, 2007 Share Posted July 24, 2007 is the emailed number the same as the database number check? Quote Link to comment Share on other sites More sharing options...
MrKaraokeSteve Posted July 24, 2007 Author Share Posted July 24, 2007 yes.. everything is correct. but I dont think its checking the database to make sure the confirmnumber is the same as in the db, but I am not sure! Quote Link to comment Share on other sites More sharing options...
redarrow Posted July 24, 2007 Share Posted July 24, 2007 this wont work unless you get the random number in a session becouse your posting at the same time. i think. Quote Link to comment Share on other sites More sharing options...
MrKaraokeSteve Posted July 24, 2007 Author Share Posted July 24, 2007 hmm what would you suggust??? Quote Link to comment Share on other sites More sharing options...
redarrow Posted July 24, 2007 Share Posted July 24, 2007 1 min does the confirm number in the form show the same as the emailed number check ok Quote Link to comment Share on other sites More sharing options...
MrKaraokeSteve Posted July 24, 2007 Author Share Posted July 24, 2007 the link has the correct confirmnumber thats in the table. if that is what you are asking Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.