ghosh Posted August 16, 2007 Share Posted August 16, 2007 Dear friends, I am novice to PHP, I am trying to do a project where in a visitor must register/ sign in in order to post comment. they sign in using email id+user name+password. An email is sent for verification of the email ID. Once verified the member should login using EMAIL ID. when the member post comment his user name will be shown against each comments posted on each page. I am also making a provision for ADMIN panel to ban or delete any user. Please help me to make this. Here is the code which i have made. 1: INSTALL CODE FOR MYSQL: <?php include "connect.php"; ?> <?php $users="CREATE TABLE a_users ( userID bigint(20) NOT NULL auto_increment, username varchar(255) NOT NULL default '', passkey varchar(255) NOT NULL default '', email varchar(255) NOT NULL default '', isbanned varchar(255) NOT NULL default 'no', validated int(11) NOT NULL default '0', activation bigint(20) NOT NULL default '0', PRIMARY KEY (userID) )"; mysql_query($users) or die("Could not install users"); $login="CREATE TABLE admin ( ID bigint(20) NOT NULL auto_increment, name varchar(255) NOT NULL default '', password varchar(255) NOT NULL default '', status int(11) NOT NULL default '0', PRIMARY KEY (ID) )"; mysql_query($login) or die("Could not install login"); print "Tables installed."; ?> new-register.php Code: <?php include "connect.php"; include "admin/var.php"; ?> <?php $username=$_POST['username']; $password=$_POST['password']; $email=$_POST['email']; $getdups="SELECT * from a_users where email='$email'"; $getdups2=mysql_query($getdups) or die("Could not get duplicates"); $getdups3=mysql_fetch_array($getdups2); if(strlen($getdups3)>0) { header.Location("); } if (!$_POST['username']) { header.Location("); } else if(!$_POST['password']) { header.Location("); } else if(!$_POST['email']) { header.Location("); } else { $value=date("U"); $value=$value%1000000; srand($value); $keyed=RAND(1,100000000); $password=md5($password); $createuser="INSERT into a_users (username,passkey,email,activation) values('$username','$password','$email','$keyed')"; mysql_query($createuser) or die("Could not create user"); $headers .= "From: <$adminmail>\r\n"; mail("$email","Activation Key","Please click on this link to activate your myplanet.co.in Account ); hearder.Location:('); } ?> here is the activate.php <?php include "connect.php"; include "admin/var.php"; ?> <?php $username=$_GET['username']; $act=$_GET['act']; $validate="SELECT * from a_users where activation='$act'and username='$username'"; $validate2=mysql_query($validate) or die(mysql_error()); $validate3=mysql_fetch_array($validate2); if(strlen($validate3[username]>0)) { die("There is no such user"); } else { $userID=$validate3['userID']; $validateuser="update a_users set validated='1' where userID='$userID'"; mysql_query($validateuser) or die("Could not validate"); header.Location("http://www.subhodeepghosh.com/home/members/new-members/myplanet.html"; } ?> connect.php <? $db = mysql_connect("localhost", "", "") or die("Could not connect."); if(!$db) die("no db"); if(!mysql_select_db("",$db)) die("No database selected."); if(!get_magic_quotes_gpc()) { $_GET = array_map('mysql_real_escape_string', $_GET); $_POST = array_map('mysql_real_escape_string', $_POST); $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE); } else { $_GET = array_map('stripslashes', $_GET); $_POST = array_map('stripslashes', $_POST); $_COOKIE = array_map('stripslashes', $_COOKIE); $_GET = array_map('mysql_real_escape_string', $_GET); $_POST = array_map('mysql_real_escape_string', $_POST); $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE); } ?> Authenticate.php <?php session_start(); include "connect.php"; ?> <?php if(isset($_POST['submit'])) { $emailid=$_POST['email']; //Email id and password should be checked against the database. $password=$_POST['password']; $password=md5($password); $getuser="SELECT * from a_users where email='$emailid' and passkey='$password' and validated='1'"; $getuser2=mysql_query($getuser) or die("Could not query for user"); $getuser3=mysql_fetch_array($getuser2); if((strlen($getuser3)<1)||$getuser3[validated]==0) { header.Location("http://www.subhodeepghosh.com/home/members/invalid-username-password.php"; } else if($getuser3[isbanned]=="yes") { print "Your account has been banned. <br><br><br> <center>For more information contact webmaster: helpdesk@subhodeepghosh.com<br><br><br><br>copyright myplanet</center>"; } else { $_SESSION['email']=$emailid; //Once the email ID and password has been varified. if(isset($_SESSION['email'])) { $emailid=$_SESSION['email']; //retriving user name against the given email ID. $getusername="SELECT * from a_users where email='$emailid'"; $getusername2=mysql_query($getusername) or die("Could not get user name"); $getusername3=mysql_fetch_array($getusername2); $username=$getusername3['username']; } else { echo "ALERT: USER NAME DOES NOT EXIST"; } $path = '/folder/'; $hostname = 'subhodeepghosh.com'; setcookie('myplanet', $username, $emailid, $path, $hostname); //setting cookie for storing email ID and user name. } } ?> reset.php <?php include "connect.php"; include "admin/var.php"; ?> <?php if(isset($_POST['submit'])) { $email=$_POST['email']; $getaccount="SELECT * from a_users where email='$email'"; $getaccount2=mysql_query($getaccount) or die(mysql_error()); $getaccount3=mysql_fetch_array($getaccount2); $num=strlen($getaccount3[username]); if($num<1) { header.Location("http://www.subhodeepghosh.com/home/members/invalid-email-id.html"); } else { $val=date("U")%10000; srand($val); $newpassword=rand(1, 10000000); $headers .= "From: <$adminmail>\r\n"; mail("$email","Password",$headers); $newpassword=md5($newpassword); $inputnewpassword="Update a_users set passkey='$newpassword' where userID='$getaccount3[userID]'"; mysql_query($inputnewpassword) or die(mysql_error()); header.Location("http://www.subhodeepghosh.com/home/members/password-sent.html"); } } else { header.location("http://www.myplanet.co.in/home/members/reset-password.html"); } ?> logout.php <?php session_start(); include "connect.php"; ?> <?php if(isset($_SESSION['admin'])) { $admin=$_SESSION['admin']; $validateadmin="SELECT * from a_login where name='$admin'"; $validateadmin2=mysql_query($validateadmin) or die("Could not validate admin"); $validateadmin3=mysql_fetch_array($validateadmin2); if($validateadmin3['status']==3) { session_destroy(); header.Location("http://subhodeepghosh.com/home"); } } else { header.Location("http://www.subhodeepghosh.com/home/members/admin"); } ?> Please let me know if I writing correct code. Thank Ghosh Quote Link to comment Share on other sites More sharing options...
trq Posted August 16, 2007 Share Posted August 16, 2007 Do you actually have a specific question? I think your missing the point of this forum. Don't mean to be harsh, but a read of the How to aks questions.... link in my signiture would benifit us all. Quote Link to comment Share on other sites More sharing options...
ghosh Posted August 16, 2007 Author Share Posted August 16, 2007 Ok, I got your views. Here is my question: 1> header.Location("http://www.x.com/a/b/c.html"); is the is correct code to send the page from one page to another? 2> Lets say a visitors is in page five. now he want to login and post comment. He goes to login page and login. Now I wan to send him back to the page from where he came. Can you please tell me how do i do this? 3> in "reset.php" I am getting the user email ID and sending him a new email.What I actually want to do is to get the present pass' and insert the new one after getting from him. how do I do that? Thanks to any one who help me. Ghosh Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.