Calgaryalberta Posted January 26, 2008 Share Posted January 26, 2008 Yesterday I put together a script that a user registers > they get emailed an activation link, with their new username and password, they they click the activation link > It takes them to the site and says, "Account Activated". Then say you're the user - you click "Login" you enter your new userid, and password - and click "login" it says, "Account Not Activated" I think its a problem with the login script (which Ive posted) What its supposed to do is upon the user clicking the activation link there is a field in the database that changes from 0 to 1. 0 =not activated and 1=activated. Also upon clicking their activation link they're automatically assigned access to the members area, but there are multiple areas (ie: members, admins, managers, directors) So there is a field in the database called accesslevel that also changes when they click their activation link from 0 to 1 So, when logging in the database should see they have level 1 access and direct them to the members page... Right now the error Im getting is: "Your Account is Not Activated" (when the account is activated) :-\ I dont know why its doing this, anyone see any errors: <?php $con = mysql_connect("*****","****","****") or die('Could not connect: ' . mysql_error()); mysql_select_db("login", $con); session_start(); if(!$_POST['submit']){ echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n"; echo "<form method=\"post\" action=\"login.php\">\n"; echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n"; echo "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n"; echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" value=\"Login\" name=\"submit\"></td></tr>\n"; echo "</form></table>\n"; }else { $user = mysql_real_escape_string(trim($_POST['username'])); $pass = mysql_real_escape_string(trim($_POST['password'])); $errors = array(); if(!$user){ $errors[] = "You did not supply a username!"; }else { if(!$pass){ $errors[] = "You did not supply a password!"; }else { $sql = "SELECT count(*) FROM `users` WHERE `uid`='".$uid."'"; $res = mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($res) == 0){ $errors[] = "Username does not exist!"; }else { $sql2 = "SELECT uid,activated,accesslevel FROM `users` WHERE `uid`='".$user."' AND `pass`='".md5($pass)."'"; $res2 = mysql_query($sql2) or die(mysql_error()); if(mysql_num_rows($res) == 0){ $errors[] = "Incorrect username and password combination!"; }else { $row = mysql_fetch_assoc($res2); if($row['activated'] == 0){ $errors[] = "Your account is not activated!"; } } } } } if(count($errors) > 0){ foreach($errors AS $error){ echo $error . "<br>\n"; } }else { $_SESSION['uid'] = $row['id']; switch($row['accesslevel']){ case 1: header("Location: /members/index.php"); break; case 2: header("Location: /admin/index.php"); break; case 3: header("Location: /manager/index.php"); break; default: header("Location: /directors/index.php"); } } } ?> Link to comment https://forums.phpfreaks.com/topic/87913-account-not-activated/ Share on other sites More sharing options...
revraz Posted January 26, 2008 Share Posted January 26, 2008 Is the field `activated` in your MySQL DB set as INTEGER? Also, why are you checking if they exist twice? Seems redundant to do a Count then check again if they exist. Link to comment https://forums.phpfreaks.com/topic/87913-account-not-activated/#findComment-449813 Share on other sites More sharing options...
revraz Posted January 26, 2008 Share Posted January 26, 2008 Also, why not merge activated and accesslevel into one? 0 Could mean non member and not activated can't it? Since you set them both to 1 after they activate. Link to comment https://forums.phpfreaks.com/topic/87913-account-not-activated/#findComment-449815 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.