Register user problem

[barney0o0]

Ive got a form that sends info to the db with the field 'active' populated by

 

$a = md5(uniqid(rand(), true));

 

....then a link is sent to the registra

 

http://www.webadress/account.php?x=" . mysql_insert_id() . "&y=$a";

 

..all works fine, apart from changing the 'active' to null using

 

<?php
if (isset($_GET['x'])) {
$x = (int) $_GET['x'];
} else {
$x = 0;
}
if (isset($_GET['y'])) {
$y = $_GET['y'];
} else {
$y = 0;
}
if ( ($x> 0) && (strlen($y) == 32)) {
require_once ('connection1.php');
$query = "UPDATE regusers SET active=NULL WHERE (id=$x AND active='" . $y . "') LIMIT 1";
$result = mysql_query($query);
if (mysql_affected_rows() == 1) {
	echo "<h3>Your account is now active. You may now log in.</h3>";
} else {
	echo '<p><font color="red" size="+1">activatio failed. r.</font></p>';
}
mysql_close();
} else {
echo '<b>Activation link not valid!</b>';
}
?>

 

The link is populated with the correct id however the 'active' doesnt change. There are no mysql errors, just the 'activation failed'

 

 

...any ideas

 

Thanks in advance

[peranha]

$query = "UPDATE regusers SET active=NULL WHERE id='$x' AND active='$y' LIMIT 1";

 

I believe that should be your query.  What were the . for in the query?

[PFMaBiSmAd]

Echo $query to see what it actually contains.

 

Check the actual data in the database to make sure it is what you expect and matches the query.

 

Add error checking to your mysql_query() statement to test if it works or fails before blindly making use of the results of the query.