|
PHP - How To Integrate Captcha Code To Webmail Signup Script?
Hi guys, i found simple php script which allow all visitors of my web site to create free email address thru my webmail service (like yahoo,hotmail,gmail,etc) and it works great, but in last month stupid bots created lots of funny user accounts and sending SPAM emails
Signup script is one file (signup.php) doing all the stuff i need (registration form,lost passwords form,etc). Now i want to put captcha code into signup.php to have captcha image cheking to prevent bots from creating more user accounts ... i`m not a php programer but i know how to change some things, but not all Signup scripts is free, so i will post it here that you can help me with this (it does not have my mysql and other information,because of security issue) - i will be happy if some of you guys put all the code i need for captcha to work with signup.php script Here is the signup.php script: Code: [Select] <?php // HMailServer New user signup Script Configuration $dbhost = "localhost"; // host of the MySQL database $dbuser = "root"; // Database username $dbpassword = ""; // Your database password $dbname = "hmail"; // the name of the database that has the hmailserver tables $webmailurl = "http://www.yurdomainname.com/webmail/login.php"; // The url to login in the webbased mail system $quota = "50"; // The mailbox free space if (strlen($_POST["pas1"]) <= 4 && IsSet($_POST["pas1"])) { $error .= "<centeR>Error: Your password must be longer than 4 characters</center>"; } else if ($_POST["pas1"] == "12345" && IsSet($_POST["pas1"])) { $error .= "<centeR>Error: Too simple password</center>"; } // Get the action if (IsSet($_POST["action"])) { $action = $_POST["action"]; } else { $action = $_GET["action"]; } // A function to check addresses, probably i will have to use it later. function normalmail($visitormail) { if(!$visitormail == "" && (!strstr($visitormail,"@") || !strstr($visitormail,"."))) { return FALSE; } else { return TRUE; } } // If there is no action, open the page for a new registration if (!IsSet($action)) { // Load the domain names and their ids into a variable $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_domains WHERE domainactive = '1' ", $db); $domains = "<select name=\"domain\">"; while ($row = mysql_fetch_array($result)) { $domainid = $row['domainid']; $domainname = $row['domainname']; $domains .= "\n<option value=\"$domainid\">$domainname</option>"; } $domains .= "\n</select>"; mysql_close(); echo " <center><b>Open a new E-Mail Account</b> <p> (*) fields are reguired.<br> <form action=\"\" name=\"registration\" method=\"post\"> <table border=\"0\"> <tr> <td>* Username: <td><input type=\"text\" name=\"username\">@<td>$domains<tr> <td>* First name: <td><input type=\"text\" name=\"firstname\"><td><tr> <td>* Last name: <td><input type=\"text\" name=\"lastname\"><td><tr> <td>* Password: <td><input type=\"password\" name=\"pas1\"><Td><tr> <td>* Password again: <td><input type=\"password\" name=\"pas2\"><Td><tr> <td>Old email Address: <td><input type=\"text\" name=\"oldmail\"><td>(in case you forgot your password)<tr> <td>* Secret question: <td><input type=\"text\" name=\"squestion\"><td><tr> <td>* Secret answe <td><input type=\"text\" name=\"sanswere\"><td><tr> <td><td> <input type=\"hidden\" name=\"action\" value=\"register\"> <input type=\"Submit\" value=\"Signup\"><td><tr></td></tr></table></table> "; } else if ($action == "register") { // Load the variables from the posting $domainid = $_POST["domain"]; $username = $_POST["username"]; $pas1 = $_POST["pas1"]; $pas2 = $_POST["pas2"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $squestion = $_POST["squestion"]; $sanswere = $_POST["sanswere"]; $oldmail = $_POST["oldmail"]; // Do all the checks if ($oldmail != NULL && normalmail($oldmail) == FALSE) { $error .= "Error: Please enter a valid email address\n<br>"; } if ($squestion == NULL) { $error .= "Error: You have to enter your secret question\n<br>"; } if ($sanswere == NULL) { $error .= "Error: You have to enter your secret aswere\n<br>"; } if ($username == NULL) { $error .= "Error: You have to enter your desired username\n<br>"; } if ($domainid == NULL) { $error .= "Error: You have to choose a domain\n<Br>"; } if ($pas1 == NULL) { $error .= "Error: You have to enter your password\n<Br>"; } if ($pas1 != $pas2) { $error .= "Error: Your passwords does not match\n<Br>"; } if ($firstname == NULL) { $error .= "Error: You have to enter your first name\n<Br>"; } if ($lastname == NULL) { $error .= "Error: You have to enter your last name\n<Br>"; } //Check if the user exists for that domain $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_domains WHERE domainid = '$domainid' ", $db); $result = @mysql_fetch_array($result); $address = $username . "@" . $result['domainname']; $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$address' ", $db); $result = @mysql_fetch_array($result); if ($result['accountid'] != "") { $error .= "Error: The E-Mail address $address is already registered, please coose another username or domain\n<Br>"; mysql_close(); } if (IsSet($error)) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; } else { // Insert the new user infos into the database $passwd = md5($pas1); $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $query = "INSERT INTO hm_accounts (accountaddress, accountdomainid, accountadminlevel, accountpassword, accountactive, accountisad, accountmaxsize, accountpwencryption, accountvacationmessageon, accountoldaddress, accountfirstname, accountlastname, accountsecretque, accountsecretans) VALUES ('$address','$domainid','0','$passwd','1','0','$quota','2','0','$oldmail','$firstname','$lastname','$squestion','$sanswere')"; mysql_query($query) or die("Error: Can not query to the database"); mysql_close(); echo "<center><B>Completed!</b> <br><br> You have created an email account with us! you can use the E-Mail services eather by pop3/imap or by using the webmail system. <p>Please <A href=\"$webmailurl\">Login</a> to read or to send emails <p>Thank you $firstname $lastname for joining us"; } } else if ($action == "install") { $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); mysql_query("ALTER TABLE `hm_accounts` ADD `accountoldaddress` VARCHAR(50) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountfirstname` VARCHAR(50) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountlastname` VARCHAR(50) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountsecretque` VARCHAR(120) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountsecretans` VARCHAR(120) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accounttmpverify` VARCHAR(120) NOT NULL"); mysql_close(); Echo "The script is istalled successfuly"; } // If the user forgot his password, this is the page to recover it. else if ($action == "forgotpass") { echo "<Center><b>Welcome to the password recovery page</b> <br><br> This page will help you to recover your lost password, if you had filled the oldmail at the registration time You will be able to recover it by using the oldmail method, else you will have to use the secret question method"; echo "<br><br><center> <table border=1 cellspacing=0 cellpadding=0> <tr><td><center>Old Email Method<tr><td> <form name=\"forgot\" action=\"\" method=\"post\"> <table border=0><tr><td> Old email<td><input type=\"text\" name=\"oldemail\"><tr> <td>Your email with us in form of (username@domain.tld) <td><input type=\"text\" name=\"current\"><tr> <input type=\"hidden\" name=\"action\" value=\"fpassoldemail\"> <td><td><input type=\"submit\" value=\"Send me Recovery code\"></tr></td> </form></td></tr></table></table> <center><p> <table border=1 cellspacing=0 cellpadding=0> <tr><td><center>Secret Question Method<tr><td> <form name=\"forgot\" action=\"\" method=\"post\"> <table border=0> <tr><td>Frist name<td><input type=\"text\" name=\"firstname\"><tr> <tr><td>Last name<td><input type=\"text\" name=\"lastname\"><tr> <td>Your email with us in form of (username@domain.tld) <td><input type=\"text\" name=\"current\"><tr> <input type=\"hidden\" name=\"action\" value=\"fpassgetquestion\"> <td><td><input type=\"submit\" value=\"Submit\"></tr></td> </form></td></tr></table></table></center>"; } // if the user submited data for the secret question method, // load the variables, and do the checks else if ($action == "fpassgetquestion") { $username = $_POST["current"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; if (normalmail($username) == FALSE) { $error .= "Error: Please enter a valid ID in form of email address\n<br>"; } if ($username == NULL) { $error .= "Error: You have to enter your current ID (in form of username@domain.ltd)\n<br>"; } if ($firstname == NULL) { $error .= "Error: You have to enter your first name\n<Br>"; } if ($lastname == NULL) { $error .= "Error: You have to enter your last name\n<Br>"; } if (IsSet($error)) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; //else do the rest of the checks } else { $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); $questi = $result['accountsecretque']; echo "<center><b>Please answere your secret question: $questi </b>"; echo "<p><form name=\"forgot\" action=\"\" method=\"post\"> <table border=0> <input type=\"hidden\" value=\"$firstname\" name=\"firstname\"> <input type=\"hidden\" value=\"$lastname\" name=\"lastname\"> <input type=\"hidden\" value=\"$questi\" name=\"squestion\"> <input type=\"hidden\" value=\"$username\" name=\"current\"> <td>Answe <td><input type=\"text\" name=\"sanswere\"><tr> <input type=\"hidden\" name=\"action\" value=\"fpassquestion\"> <td><td><input type=\"submit\" value=\"Submit\"></tr></td> </form></td></tr></table></table></center>"; } } else if ($action == "fpassquestion") { $username = $_POST["current"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $squestion = $_POST["squestion"]; $sanswere = $_POST["sanswere"]; // Do all the checks if (normalmail($username) == FALSE) { $error .= "Error: Please enter a valid ID in form of email address\n<br>"; } if ($squestion == NULL) { $error .= "Error: You have to enter your secret question\n<br>"; } if ($sanswere == NULL) { $error .= "Error: You have to enter your secret aswere\n<br>"; } if ($username == NULL) { $error .= "Error: You have to enter your current ID (in form of username@domain.ltd)\n<br>"; } if ($firstname == NULL) { $error .= "Error: You have to enter your first name\n<Br>"; } if ($lastname == NULL) { $error .= "Error: You have to enter your last name\n<Br>"; } // If there was error, stop if (IsSet($error)) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; //else do the rest of the checks } else { $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); // check if the information does match with the stored data if ( $result['accountlastname'] == NULL || $result['accountfirstname'] == NULL || $result['accountsecretque'] == NULL || $result['accountsecretans'] == NULL) { die("Error: Cant find infos in database for $username"); mysql_close(); } if (strtolower($result['accountlastname']) == strtolower($lastname) && strtolower($result['accountfirstname']) == strtolower($firstname) && strtolower($result['accountsecretque']) == strtolower($squestion) && strtolower($result['accountsecretans']) == strtolower($sanswere)) { echo "<b><center>Your info does match, please enter a new password for $username bellow</b>"; echo "<p><br><center> <table><tr><td> <center>Change password for $username<tr><Td> <center><table> <form name=\"forgot\" action=\"\" method=\"post\"> <tr><Td>Enter new password<td><input type=\"password\" name=\"pas1\"><Tr> <Td>Verify password<td><input type=\"password\" name=\"pas2\"><Tr> <input type=\"hidden\" value=\"$firstname\" name=\"firstname\"> <input type=\"hidden\" value=\"$lastname\" name=\"lastname\"> <input type=\"hidden\" value=\"$squestion\" name=\"squestion\"> <input type=\"hidden\" value=\"$sanswere\" name=\"sanswere\"> <input type=\"hidden\" value=\"$username\" name=\"current\"> <input type=\"hidden\" value=\"forgpassquepro\" name=\"action\"> <Td><td><input type=\"submit\" value=\"Change it\"></Tr></table></table></form></center>"; } else { echo "<b><center>Your info does NOT match</b><p> Your data does not match with the stored informations of $username, please enter the exact info"; } } } else if ($action == "forgpassquepro") { $username = $_POST["current"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $squestion = $_POST["squestion"]; $sanswere = $_POST["sanswere"]; $newpassword = $_POST["pas1"]; $newpassword = md5($newpassword); if (normalmail($username) == FALSE) { die("Error"); } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); // check if the information does match with the stored data if ( $result['accountlastname'] == NULL || $result['accountfirstname'] == NULL || $result['accountsecretque'] == NULL || $result['accountsecretans'] == NULL) { die("Error: Cant find infos in database for $username"); mysql_close(); } if ($_POST["pas1"] != $_POST["pas2"]) { $error = "<center><B>Your passwords does not match, please submit the form again</b></centeR>"; } if ($error != NULL) { echo $error; } else { if (strtolower($result['accountlastname']) == strtolower($lastname) && strtolower($result['accountfirstname']) == strtolower($firstname) && strtolower($result['accountsecretque']) == strtolower($squestion) && strtolower($result['accountsecretans']) == strtolower($sanswere)) { $accountid = $result['accountid']; //ok change the password $query = "UPDATE hm_accounts SET accountpassword = '$newpassword' WHERE accountid = '$accountid'"; mysql_query($query); echo "<center><b>Ok Your password has changed, sign in now with your new password, and your ID $username</b></center>"; mysql_close(); } } } // forgot password, old email method. else if ($action == "fpassoldemail") { $username = $_POST["current"]; $oldmail = $_POST["oldemail"]; // Do all the checks if (normalmail($username) == FALSE) { $error .= "Error: Please enter a valid ID in form of email address\n<br>"; } if (normalmail($oldmail) == FALSE) { $error .= "Error: Please enter a valid email address\n<br>"; } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username'", $db); $result = @mysql_fetch_array($result); $accountid = $result['accountid']; if ($result['accountoldaddress'] == NULL) { $error .= "Error: Missing infos in the database for $username <Br>"; } if ($result['accountoldaddress'] != $oldmail) { $error .= "Error: The address $oldmail does not match with the old address of $username <Br>"; } if ($error != NULL) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; mysql_close(); } else { // in that case somehow we have to generate a random code for($x=0;$x<10;$x++) { $y = rand(0,61); $z .= $y + (($y<10) ? 48 : (($y<20) ? 21 : 10)); } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $query = "UPDATE hm_accounts SET accounttmpverify = '$z' WHERE accountid = '$accountid'"; mysql_query($query); mysql_close(); $body = " The user account $username has this email associated with it. A Web user from " . $_SERVER['REMOTE_ADDR'] . " has just requested a Confirmation Code to change the password. Your Confirmation Code is: $z With this code you can now assign a new password at http://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . "?action=fpassconfirm&addr=$username&code=$z If you cant click in the link, copy paste the URL into your browser. If you didn't asked for this, don't worry. Just delete this Email."; $body = wordwrap($body, 70); $subject = "Lost password: confirmation code"; $headers=""; $headers = 'From: ' . $username; if (mail($oldmail, $subject, $body, $headers)) { echo "<b>Message successfully sent!</b> <p>Please read the email in your old address $oldmail to get the verification code and reset your password <p>Your IP address is loged for security reasons."; } else { echo "<b>Message delivery failed!</b>"; } } } else if ($action == "fpassconfirm") { $code = $_POST["code"]; $username = $_POST["addr"]; if (!IsSet($code)) { $code = $_GET["code"]; } if (!IsSet($username)) { $username = $_GET["addr"]; } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); if ($username == NULL || normalmail($username) == FALSE) { $error .= "Error: Please enter your E-mail address in the correct form<Br>"; } if ($code == NULL) { $error .= "Error: Please enter the confirmation code<br>"; } if ($result['accounttmpverify'] != $code) { $error .= "Error: You entered an invalid confirmation code. <Br>"; } if ($error != NULL) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; echo "<br><br> <form name=\"forgot\" action=\"\" method=\"post\"> <center> <table><tr> <Td>E-Mail address<td><input name=\"addr\" type=\"text\"> <tr><td>Code<td><input name=\"code\" type=\"text\"><tr> <input type=\"hidden\" value=\"fpassconfirm\" name=\"action\"> <td><td><input type=\"submit\" value=\"Submit\"></tr> </td></table></table></form></centeR> "; mysql_close(); } else { echo "<b><center>Confirmation code is valid, Please enter your new password bellow</b>"; echo "<p><br> <center><table><tr><Td> Change password for $username<tr><Td> <table><tr> <form name=\"forgot\" action=\"\" method=\"post\"> <Td>Enter new password<td><input type=\"password\" name=\"pas1\"> <Tr><Td>Verify password<td><input type=\"password\" name=\"pas2\"><Tr> <input type=\"hidden\" value=\"$code\" name=\"code\"> <input type=\"hidden\" value=\"$username\" name=\"addr\"> <input type=\"hidden\" value=\"forgpasscodepro\" name=\"action\"> <Td><td><input type=\"submit\" value=\"Change it\"></Tr></table></table></form>"; mysql_close(); } } // ok lets check the code again, and change the password. else if ($action = "forgpasscodepro") { $code = $_POST["code"]; $username = $_POST["addr"]; $newpassword = $_POST["pas1"]; $newpassword = md5($newpassword); $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); $accountid = $result['accountid']; if ($username == NULL || normalmail($username) == FALSE) { $error .= "Error: Please enter your E-mail address in the correct form<Br>"; } if ($code == NULL) { $error .= "Error: Please enter the confirmation code<br>"; } if ($result['accounttmpverify'] != $code) { $error .= "Error: You entered an invalid confirmation code. <Br>"; } if ($_POST["pas1"] != $_POST["pas2"]) { $error .= "Error: Passwords does not match. <Br>"; } if ($error != NULL) { echo $error; } else { $query = "UPDATE hm_accounts SET accountpassword = '$newpassword' WHERE accountid = '$accountid'"; mysql_query($query); echo "<b>Your password has changed!</B><br><br> now you can sign in with your new password and your ID $username"; mysql_close(); } } echo "<center><p><em><font size=\"2\">Powered by <a target=\"hmail\" href=\"http://www.hmailserver.com\">HMailServer</a> @ All rights reserved</em></font></centeR>"; ?> Tnx Similar TutorialsHi Guys, I can't figure this one out, in my registration code i set it to email when a user successfully registers: code: <?php if (isset($_POST['submitSignUp'])) { // Errors array() $errors = array(); // POST vars $fName = mysql_real_escape_string($_POST['fname']); $lName = mysql_real_escape_string($_POST['lname']); $email = mysql_real_escape_string($_POST['email']); $pass1 = mysql_real_escape_string($_POST['pass1']); $pass2 = mysql_real_escape_string($_POST['pass2']); $cntry = mysql_real_escape_string($_POST['cntry']); // Does passwords match if ($pass1 != $pass2) { $errors[] = "Your passwords don't match."; } // Potential errors // Empty fields if (empty($fName) || empty($lName) || empty($email) || empty($pass1) || empty($pass2)) { $errors[] = "You never filled in all the fields."; } else { // Does user exist? $result = mysql_query("SELECT * FROM `dig_customers` WHERE `email`='$email' LIMIT 1"); if (mysql_num_rows($result) > 0) { $errors[] = "The e-mail address <b>$email</b> has already been registered."; } else { // Empty for now... } } // display errors if any exist if (count($errors) > 0) { print "<div id=\"errorMsg\"><h3>Ooops! There was error(s)</h3><ol>"; foreach($errors as $error) { print "<li>$error</li>"; } print "</ol></div>"; } else { print "<div id=\"okMsg\"><p>All done :) you can now sign in.</p></div>"; // Encrypt the password before insertion $encPass = md5($pass1); // Insert into the database $q = mysql_query("INSERT INTO `dig_customers` (`id`, `password`, `password_unencrypted`, `gender`, `title`, `first_name`, `last_name`, `address`, `city`, `state_county`, `post_zip_code`, `country`, `email`, `home_number`, `mobile_number`, `news_letter`, `special_offers`, `admin_level`, `registered`) VALUES ('', '$encPass', '$pass1', 'NULL', 'NULL', '$fName', '$lName', 'NULL', 'NULL', 'NULL', 'NULL', '$cntry', '$email', 'NULL', 'NULL', 'NULL', 'NULL', 'N', NOW())"); if ($q) { // Alert on signup send_graham_email("User Has Signed Up!"); } } } ?> i moved this part: print "<div id=\"okMsg\"><p>All done you can now sign in.</p></div>"; and the INSERT query to where it is now thinking this has solved it, but i just got an email saying "user has signed up!" but when i check the stats they haven't LOL can anyone see where i have went wrong? cheers guys Graham Can you help me integrate this code :
<form method="post" action="submit.php"> <input type="checkbox" class="required" /> Click to check <br /> <input disabled="disabled" type='submit' id="submitBtn" value="Submit"> </form>In to this Contact Form code, please? <form action="../page.php?page=1" method="post" name="contact_us" onSubmit="return capCheck(this);"> <table cellpadding="5" width="100%"> <tr> <td width="10" class="required_field">*</td> <td width="80">Your Name</td> <td><input type="text" name="name" maxlength="40" style="width:400px;/></td> </tr> <tr> <td class="required_field">*</td> <td>Email Address</td> <td><input type="text" name="email" maxlength="40" style="width:400px;/></td> </tr> <tr> <td></td> <td>Comments:</td> <td><textarea name="comments" style="width: 400px; height: 250px;"></textarea></td> </tr> </table> </form Hi Im using a php theme script and I want to use jcart with this script. The thing is my theme scrip dosen't use echo. When I need to display something I have to use something like this $_PAGE = "<div id='jcart'>..." and if i use echo i recieve header error. i changed couple of thing and now i cant see cart but when i click add to cart button it says Item added but all cart is disappearing. you can see here could you help me please thanks. Code: [Select] <THEME Name={ShopNavDivEnd}> </ul> </div> <br /><br /><br /><br /> <VAR>_JCART</VAR> </div> </THEME> this is shop.php Code: [Select] $_JCART .= "<div id='jcart'>".$jcart->display_cart()."</div>"; i changed the jcart.php class to like this. I mean all echo to $_PAGE .= "..." Code: [Select] // Return specified number of tabs to improve readability of HTML output function tab($n) { $tabs = null; while ($n > 0) { $tabs .= "\t"; --$n; } return $tabs; } // If there's an error message wrap it in some HTML if ($errorMessage) { $errorMessage = "<p id='jcart-error'>$errorMessage</p>"; } // Display the cart header $_JCART .= tab(1) . "$errorMessage\n"; $_JCART .= tab(1) . "<form method='post' action='$checkout'>\n"; $_JCART .= tab(2) . "<fieldset>\n"; $_JCART .= tab(3) . "<input type='hidden' name='jcartToken' value='{$_SESSION['jcartToken']}' />\n"; $_JCART .= tab(3) . "<table border='1'>\n"; $_JCART .= tab(4) . "<thead>\n"; $_JCART .= tab(5) . "<tr>\n"; $_JCART .= tab(6) . "<th colspan='3'>\n"; $_JCART .= tab(7) . "<strong id='jcart-title'>{$config['text']['cartTitle']}</strong> ($this->itemCount $itemsText)\n"; $_JCART .= tab(6) . "</th>\n"; $_JCART .= tab(5) . "</tr>". "\n"; $_JCART .= tab(4) . "</thead>\n"; // Display the cart footer $_JCART .= tab(4) . "<tfoot>\n"; $_JCART .= tab(5) . "<tr>\n"; $_JCART .= tab(6) . "<th colspan='3'>\n"; // If this is the checkout hide the cart checkout button if ($isCheckout !== true) { if ($config['button']['checkout']) { $inputType = "image"; $src = " src='{$config['button']['checkout']}' alt='{$config['text']['checkout']}' title='' "; } $_JCART .= tab(7) . "<input type='$inputType' $src id='jcart-checkout' name='jcartCheckout' class='jcart-button' value='{$config['text']['checkout']}' />\n"; } $_JCART .= tab(7) . "<span id='jcart-subtotal'>{$config['text']['subtotal']}: <strong>$currencySymbol" . number_format($this->subtotal, $priceFormat['decimals'], $priceFormat['dec_point'], $priceFormat['thousands_sep']) . "</strong></span>\n"; $_JCART .= tab(6) . "</th>\n"; $_JCART .= tab(5) . "</tr>\n"; $_JCART .= tab(4) . "</tfoot>\n"; $_JCART .= tab(4) . "<tbody>\n"; // If any items in the cart if($this->itemCount > 0) { // Display line items foreach($this->get_contents() as $item) { $_JCART .= tab(5) . "<tr>\n"; $_JCART .= tab(6) . "<td class='jcart-item-qty'>\n"; $_JCART .= tab(7) . "<input name='jcartItemId[]' type='hidden' value='{$item['id']}' />\n"; $_JCART .= tab(7) . "<input id='jcartItemQty-{$item['id']}' name='jcartItemQty[]' size='2' type='text' value='{$item['qty']}' />\n"; $_JCART .= tab(6) . "</td>\n"; $_JCART .= tab(6) . "<td class='jcart-item-name'>\n"; if ($item['url']) { $_PAGE .= tab(7) . "<a href='{$item['url']}'>{$item['name']}</a>\n"; } else { $_PAGE .= tab(7) . $item['name'] . "\n"; } $_JCART .= tab(7) . "<input name='jcartItemName[]' type='hidden' value='{$item['name']}' />\n"; $_JCART .= tab(6) . "</td>\n"; $_JCART .= tab(6) . "<td class='jcart-item-price'>\n"; $_JCART .= tab(7) . "<span>$currencySymbol" . number_format($item['subtotal'], $priceFormat['decimals'], $priceFormat['dec_point'], $priceFormat['thousands_sep']) . "</span><input name='jcartItemPrice[]' type='hidden' value='{$item['price']}' />\n"; $_JCART .= tab(7) . "<a class='jcart-remove' href='?jcartRemove={$item['id']}'>{$config['text']['removeLink']}</a>\n"; $_JCART .= tab(6) . "</td>\n"; $_JCART .= tab(5) . "</tr>\n"; } } // The cart is empty else { $_PAGE = tab(5) . "<tr><td id='jcart-empty' colspan='3'>{$config['text']['emptyMessage']}</td></tr>\n"; } $_JCART .= tab(4) . "</tbody>\n"; $_JCART .= tab(3) . "</table>\n\n"; $_JCART .= tab(3) . "<div id='jcart-buttons'>\n"; if ($config['button']['update']) { $inputType = "image"; $src = " src='{$config['button']['update']}' alt='{$config['text']['update']}' title='' "; } $_JCART .= tab(4) . "<input type='$inputType' $src name='jcartUpdateCart' value='{$config['text']['update']}' class='jcart-button' />\n"; if ($config['button']['empty']) { $inputType = "image"; $src = " src='{$config['button']['empty']}' alt='{$config['text']['emptyButton']}' title='' "; } $_JCART .= tab(4) . "<input type='$inputType' $src name='jcartEmpty' value='{$config['text']['emptyButton']}' class='jcart-button' />\n"; $_JCART .= tab(3) . "</div>\n"; // If this is the checkout display the PayPal checkout button if ($isCheckout === true) { // Hidden input allows us to determine if we're on the checkout page // We normally check against request uri but ajax update sets value to relay.php $_JCART .= tab(3) . "<input type='hidden' id='jcart-is-checkout' name='jcartIsCheckout' value='true' />\n"; // PayPal checkout button if ($config['button']['checkout']) { $inputType = "image"; $src = " src='{$config['button']['checkout']}' alt='{$config['text']['checkoutPaypal']}' title='' "; } if($this->itemCount <= 0) { $disablePaypalCheckout = " disabled='disabled'"; } $_JCART .= tab(3) . "<input type='$inputType' $src id='jcart-paypal-checkout' name='jcartPaypalCheckout' value='{$config['text']['checkoutPaypal']}' $disablePaypalCheckout />\n"; } $_JCART .= tab(2) . "</fieldset>\n"; $_JCART .= tab(1) . "</form>\n\n"; $_JCART .= tab(1) . "<div id='jcart-tooltip'></div>\n"; return $_JCART; } } and this is my theme script Code: [Select] <?php class Theme { var $META = array(); var $JS = array(); var $BodyOn = array(); var $CSS = array(); var $TITLE = ""; var $Charset = "UTF-8"; var $Headers = ''; var $Body = array(); var $Vars = array(); var $ThemeList = array(); var $ThemeDir = ''; var $CacheDir = ''; var $ThemeName = ''; var $FirstTAG = ''; var $FirstPosition = 999999; var $ClassUpdated = 0; var $CompressOutput = true; var $MatchTAG = array( // Find And Replace 'FE' => array( 'Find' => '<FE Array={([^}]+)}>', 'Replace' => "if ( count( \$\\1 ) )\r\n<!TabCount!>{\r\n<!TabCount!>\tforeach ( \$\\1 as \$_KEY => \$_VALUE )\r\n<!TabCount!>\t{\r\n" ), '/FE' => array( 'Find' => '<\/FE>', 'Replace' => "\t}\r\n<!TabCount!>}\r\n" ), 'FF' => array( 'Find' => '<FF Array={([^}]+)}>', 'Replace' => "if ( count( \$\\1 ) )\r\n<!TabCount!>{\r\n<!TabCount!>\tforeach ( \$\\1 as \$_KFY => \$_VALUF )\r\n<!TabCount!>\t{\r\n" ), '/FF' => array( 'Find' => '<\/FF>', 'Replace' => "\t}\r\n<!TabCount!>}\r\n" ), 'IF' => array( 'Find' => '<IF State={([^}]+)}>', 'Replace' => "if ( \\1 )\r\n<!TabCount!>{\r\n" ), '/IF' => array( 'Find' => '<\/IF>', 'Replace' => "}\r\n" ), 'ELIF' => array( 'Find' => '<ELIF State={([^}]+)}>', 'Replace' => "else if ( \\1 )\r\n<!TabCount!>{\r\n" ), '/ELIF' => array( 'Find' => '<\/ELIF>', 'Replace' => "}\r\n" ), 'ELSE' => array( 'Find' => '<ELSE>', 'Replace' => "else\r\n<!TabCount!>{\r\n" ), '/ELSE' => array( 'Find' => '<\/ELSE>', 'Replace' => "}\r\n" ), 'VAR' => array( 'Find' => '<VAR>([^<]+)<\/VAR>', 'Replace' => "\$\\1" ), 'BIT' => array( 'Find' => '<BIT>([a-z0-9_]+)(\(([^<]*)\)|)<\/BIT>', 'Replace' => "t_\\1(\\3)" ), 'DEF' => array( 'Find' => '<DEF>([^<]+)<\/DEF>', 'Replace' => "\\1" ), 'PHP' => array( 'Find' => '<PHP>([^<]+);?<\/PHP>', 'Replace' => "\\1" ), 'THEME' => array( 'Find' => '<THEME Name={([^}]+)}\s*?(Vars?={([^}]+)})?>(.+)<\/THEME>' ), ); var $PredefinedGlobals = array( '_HTML', '_KEY', '_KFY', '_VALUE', '_VALUF', '_GET', '_POST', '_SESSION', '_COOKIE' ); /* * Base Functions * * <FE Array={Dizi}> ... </FE> * <IF State={$a == '4'}> ... </IF> * <ELIF State={$a == '4'}> ... </ELIF> * <ELSE> ... </ELSE> * <VAR> ... </VAR> * <BIT> ... </BIT> * * @param String $ThemeName * @return void */ function Theme() { global $CFG; $this->Charset = $CFG['Theme']['Charset']; $this->META = $CFG['Theme']['Meta']; $this->TITLE = $CFG['Title']; $this->ClassUpdated = filemtime( CLS_DIR . "theme.class.php" ); } /** * * @access public * @return void */ function setTHEME( $ThemeName ) { if ( !is_dir( THM_DIR . $ThemeName ) ) return false; $this->ThemeName = $ThemeName; $this->ThemeDir = THM_DIR . $ThemeName . '/Html/'; $this->CacheDir = CCH_DIR . 'Themes/' . $ThemeName . '/'; $this->initTHEME(); } /** * * @access public * @return void */ function initTHEME() { define( 'IMG_DIR', "http://" . SITE . "/Themes/" . $this->ThemeName . "/Image/" ); $this->loadTheme( "index" ); } function loadTheme( $FileName ) { $FileName = ucfirst( strtolower( $FileName ) ); // Theme HTML Exists ? if ( !file_exists( $this->ThemeDir . $FileName . ".tpl" ) ) { global $CFG; if ( $this->ThemeName != $CFG['Theme']['DefaultTheme'] ) { $_SESSION['ThemeName'] = $CFG['Theme']['DefaultTheme']; header( "Location: ?" ); die( 'falan filan' ); } else die( "Theme File Not Found: " . $FileName . ".tpl" ); } $this->ThemeList = array(); // Theme Cache Exists ? And Newer than the Theme HTML ? if ( file_exists( $this->CacheDir . $FileName . ".tpl.php" ) AND ( filemtime( $this->CacheDir . $FileName . ".tpl.php" ) > max( $this->ClassUpdated, filemtime( $this->ThemeDir . $FileName . ".tpl" ) ) ) ) $this->createFunctions( $FileName ); else $this->cacheTheme( $FileName ); } /** * * @access public * @return void */ function loadCSS( $CssFile ) { if ( eregi( 'http', $CssFile ) ) $this->CSS[] = $CssFile; else { global $_RWBASE; $FileName = THM_DIR . $this->ThemeName . '/Style/' . $CssFile; if ( file_exists( $FileName ) AND is_readable( $FileName ) ) $this->CSS[$CssFile] = $_RWBASE . $FileName; } } /** * * @access public * @return void */ function loadJS( $JsFile, $Code = false ) { if ( !$Code ) { if ( eregi( 'http', $JsFile ) ) $this->JS[] = '<script type="text/javascript" src="' . $JsFile . '"></script>'; else { global $_RWBASE; $FileName = BASE_DIR . 'Sources/JavaScript/' . $JsFile; if ( file_exists( $FileName ) AND is_readable( $FileName ) ) $this->JS[$JsFile] = '<script type="text/javascript" src="' . $_RWBASE . $FileName . '"></script>'; } } else $this->JS[$Code] = '<script type="text/javascript">' . $JsFile . '</script>'; } function addJS( $JsFile, $Code = false ) { $this->loadJS( $JsFile, $Code ); } /** * * @access public * @return void */ function bodyOn( $Type, $Code ) { $this->BodyOn[strtolower( $Type )][] = $Code; } /** * * @access public * @return void */ function writePage( $FinalFunction = "t_Page" ) { foreach ( $this->BodyOn as $key => $value ) { $this->loadJS( 'function bodyOn' . $key . '() {' . implode( $value ) . '}; onAttacher("' . $key . '",bodyOn' . $key . ');', 'on' . $key ); } $header = array( "<title>" . $this->TITLE . "</title>" ); foreach ( $this->META as $value ) $header[] = $value; foreach ( $this->JS as $value ) $header[] = $value; foreach ( $this->CSS as $value ) $header[] = '<style type="text/css" media="all">@import url(' . $value . ');</style>'; $this->Headers = implode( $header ); header( 'Content-Type: text/html; charset=' . $this->Charset ); echo $FinalFunction(); } function createFunctions( $FileName = '' ) { include_once( $this->CacheDir . $FileName . ".tpl.php" ); } function cacheTheme( $FileName ) { $FileContent = rFile( $this->ThemeDir . $FileName . ".tpl" ); if ( $this->CompressOutput ) $FileContent = $this->compressHTML( $FileContent ); $this->parseThemes( $FileContent ); wFile( $this->CacheDir . $FileName . ".tpl.php", "<" . "? \r\n" . $this->createThemeFunctions() . "\r\n?" . ">", 0777 ); $this->createFunctions( $FileName ); } function compressHTML( $Content ) { $Content = preg_replace( "/[\s]{2,}/", " ", $Content ); $Content = preg_replace( "/> </", "><", $Content ); return $Content; } function parseThemes( $Content ) { $Results = $this->findExactTAGs( $Content, "THEME" ); foreach ( $Results as $Value ) { preg_match( "/^" . $this->MatchTAG['THEME']['Find'] . "$/is", trim( $Value ), $Match ); $Vars = array(); if ( trim( $Match[3] ) != '' ) { $tVars = explode( ',', $Match[3] ); foreach ( $tVars as $vValue ) { if ( preg_match( '/^\$?([a-z0-9_]+)=?(.*)$/i', trim( $vValue ), $vMatch ) ) $Vars[$vMatch[1]] = "$" . $vMatch[1] . ( trim( $vMatch[2] ) != "" ? "=" . $vMatch[2] : "" ); } } $this->ThemeList[$Match[1]] = array( 'Code' => $Match[4], 'Vars' => $Vars ); } return true; } function findExactTAGs( $Content, $TAGName ) { $Results = array(); $CurrPos = 0; $Found = false; $Level = 0; // --------------------- $StartTAG = "<" . $TAGName; $EndTAG = "</" . $TAGName . ">"; $Repeat = substr_count( $Content, $StartTAG ); if ( substr_count( $Content, $EndTAG ) != $Repeat ) die( "Template ERROR: <$TAGName> sayısı ile </$TAGName> sayısı eşit değil!" ); // ----------------------------------- for( $i = 0; $i < $Repeat; $i++ ) { $Found = false; $Level = 0; $ContentStart = strpos( $Content, $StartTAG, $CurrPos ); $CurrPos = $ContentStart + strlen( $StartTAG ); while ( $Found == false ) { if ( $Level == 0 ) { $PosS = strpos( $Content, $StartTAG, $CurrPos ); $PosE = strpos( $Content, $EndTAG, $CurrPos ); if ( $PosS < $PosE AND $PosS !== false ) $Level++; else $Found = true; if ( $Found ) $ContentEnd = $PosE; $CurrPos = min( ( $PosS === false ? 999999 : $PosS ), ( $PosE === false ? 999999 : $PosE ) ) + 1; } else if ( $Level > 0 ) { $PosS = strpos( $Content, $StartTAG, $CurrPos ); $PosE = strpos( $Content, $EndTAG, $CurrPos ); if ( $PosS < $PosE AND $PosS !== false ) $Level++; else $Level--; $CurrPos = min( ( $PosS === false ? 999999 : $PosS ), ( $PosE === false ? 999999 : $PosE ) ) + 1; } } $Results[] = trim( substr( $Content, $ContentStart, $ContentEnd - $ContentStart + strlen( $EndTAG ) ) ); } // for return $Results; } function createThemeFunctions() { $FunctionList = array(); foreach ( $this->ThemeList as $Name => $ThemeData ) { $FunctionVars = $ThemeData['Vars']; $Content = $ThemeData['Code']; $FunctionCode = ''; $FunctionGlobals = array(); $this->TabCount = 1; $HtmlOpen = true; while ( ( $StartPoint = $this->getFirstTAG( $Content ) ) !== false ) { if ( $StartPoint == 0 ) { if ( !preg_match( '/^' . $this->MatchTAG[$this->FirstTAG]['Find'] . '/i', $Content, $Match ) ) die( 'Template Tag Error: ' . $this->FirstTAG ); if ( $this->FirstTAG == "THEME" ) { $SubThemes = $this->findExactTAGs( $Match[0], "THEME" ); foreach ( $SubThemes as $SubValue ) { preg_match( "/^" . $this->MatchTAG['THEME']['Find'] . "$/i", $SubValue, $SubMatch ); $SubVars = array(); if ( trim( $SubMatch[3] ) != '' ) { $tVars = explode( ',', $SubMatch[3] ); foreach ( $tVars as $vValue ) { if ( preg_match( '/^\$?([a-z0-9_]+)=?(.*)$/i', trim( $vValue ), $vMatch ) ) $SubVars[$vMatch[1]] = "$" . $vMatch[1] . ( trim( $vMatch[2] ) != "" ? "=" . $vMatch[2] : "" ); } } $this->ThemeList[$SubMatch[1]] = array( 'Code' => $SubMatch[4], 'Vars' => $SubVars ); $Content = str_replace( $SubMatch[0], '<BIT>' . $SubMatch[1] . ( count( $SubVars ) ? "(" . implode( ',', $SubVars ) . ")" : "" ) . '</BIT>', $Content ); } } else { if ( in_array( $this->FirstTAG, array( '/FE', '/FF', '/IF', '/ELIF', '/ELSE' ) ) ) $this->TabCount--; if ( in_array( $this->FirstTAG, array( '/FE', '/FF' ) ) ) $this->TabCount--; $Content = substr( $Content, strlen( $Match[0] ), strlen( $Content ) - strlen( $Match[0] ) ); if ( in_array( $this->FirstTAG, array( 'VAR', 'BIT', 'DEF', 'PHP' ) ) ) { if ( $HtmlOpen ) $FunctionCode .= " . "; else $FunctionCode .= $this->addTab() . "\$_HTML .= "; $HtmlOpen = true; } else { if ( $HtmlOpen ) $FunctionCode .= ";\r\n"; $FunctionCode .= $this->addTab(); $HtmlOpen = false; } $FunctionCode .= preg_replace( '/^' . $this->MatchTAG[$this->FirstTAG]['Find'] . '$/i', str_replace( '<!TabCount!>', $this->addTab(), $this->MatchTAG[$this->FirstTAG]['Replace'] ), $Match[0] ); if ( in_array( $this->FirstTAG, array( 'FE', 'FF', 'IF', 'ELIF', 'ELSE' ) ) ) $this->TabCount++; if ( in_array( $this->FirstTAG, array( 'FE', 'FF' ) ) ) $this->TabCount++; if ( in_array( $this->FirstTAG, array( 'IF', 'ELIF', 'PHP' ) ) ) $FunctionGlobals[] = $Match[1]; if ( in_array( $this->FirstTAG, array( 'FE', 'FF', 'VAR' ) ) ) $FunctionGlobals[] = "$" . $Match[1]; } } else { if ( trim( $HtmlCode = substr( $Content, 0, $StartPoint ) ) != "" ) { if ( $HtmlOpen ) $FunctionCode .= " . "; else $FunctionCode .= $this->addTab() . "\$_HTML .= "; $HtmlOpen = true; $FunctionCode .= "'" . str_replace( "'", "\'", $HtmlCode ) . "'"; $Content = substr( $Content, strlen( $HtmlCode ), strlen( $Content ) - strlen( $HtmlCode ) ); } else $Content = ltrim( $Content ); } } if ( trim( $Content ) != '' ) { if ( $HtmlOpen ) $FunctionCode .= " . "; else $FunctionCode .= $this->addTab() . "\$_HTML .= "; $HtmlOpen = true; $FunctionCode .= "'" . str_replace( "'", "\'", $Content ) . "'"; } if ( $HtmlOpen ) $FunctionCode .= ";\r\n"; $Function = "function t_" . $Name . "(" . implode( ',', $FunctionVars ) . ")\r\n{\r\n"; $Function .= $this->setGlobals( $FunctionGlobals, $FunctionVars ); if ( substr( $FunctionCode, 0, 3 ) == " . " ) { $Function .= "\t\$_HTML = "; $Function .= substr( $FunctionCode, 3, strlen( $FunctionCode )-3 ) ; } else { $Function .= "\t\$_HTML = ''"; $Function .= $FunctionCode ; } $Function .= "\treturn \$_HTML;\r\n"; $Function .= "}\r\n"; $FunctionList[] = $Function; } return implode( "\r\n", $FunctionList ); } function getFirstTAG( $Content, $Offset = 0 ) { $FirstPosition = 999999; foreach ( $this->MatchTAG as $TagName => $TagArray ) { if ( ( $Position = strpos( $Content, "<" . $TagName, $Offset ) ) !== false ) { if ( $Position < $FirstPosition ) { $FirstPosition = $Position; $this->FirstTAG = $TagName; } } } if ( $FirstPosition < 999999 ) return $FirstPosition; else return false; } function addTab() { return str_repeat( "\t", $this->TabCount ); } function setGlobals( $GlobalArray, $VarsArray = array() ) { $Globals = array(); foreach ( $GlobalArray as $Global ) { preg_match( '/\$([a-z0-9_]+)/i', $Global, $Match ); if ( !isset( $Globals[$Match[1]] ) AND !in_array( $Match[1], $this->PredefinedGlobals ) AND !isset( $VarsArray[$Match[1]] ) ) $Globals[$Match[1]] = '$' . $Match[1]; } if ( count( $Globals ) ) return "\tglobal " . implode( ', ', $Globals ) . ";\r\n"; else return ""; } } ?> Happy New Year, folks! I am having an issue that's been dragging my life for quite some time. I am creating a website for my church maranatha.tv The site's Menu and Content are pulled from a MySQL database I created. As far as this goes, everything is fine; content is pulled from my database with no issues. My problem is as follow: I am including an online bible, which is a third party script I downloaded. This scripts comes with its own database, which I have installed for use in my web server. I used Include() to include the index.php file of the online bible script, from its folder. I just don't know if this the right way to do it. Of course, this script has its own folder and a set of files which makes up the entire bible script. I use an if condition so that when the user clicks on the menu button BIBLE, the script's index.php file is included instead of text from my database. This way of adding the third party script is rendering some unwanted results such as layout distortion (which I don't care at this point), broken links (main issue), and links (although broken) are sent to new pages, instead of staying within my site's CONTENT page template. I need to find a way to make my script more modular so everything renders as intended. Here's my content function: Code: [Select] function content(){ // DETERMINE which page ID to USE in our query below ******************** if (!isset($_GET['jesusid'])) { $pageid = '1'; } else { $pageid = preg_replace('#[^0-9]#i', '', $_GET['jesusid']);} // filter everything but numbers for security) //preg_replace($pattern, $replacement, $string);//preg_replace() Function structure // Query the body section for the proper page $query = mysql_query ("SELECT body_text,title,linklabel, author FROM content WHERE id = '$pageid' LIMIT 1 ") or die (mysql_error()); while ($row = mysql_fetch_array($query)) { echo ucwords($row['title']).' por '; echo '<b>'.$row['author']. '</b><br>'; echo ucwords($row['body_text']); //Add Bible Script if (ucwords($row['title'])=='Biblia') //use row title -- UPPERCASED word { include ('bible/__WINDOWS/search.php'); } } } ?> Just click on the BIBLE button, and then on any link within that page and you will see what I mean. I am still learning PHP and I don't have any background integrating third party scripts to an existing PHP website. I hope someone can help me. Thanks in advance for your assistance. This is my first captcha script...it has 2 files, check.php and insert.php It works fine but I would like to hear your opinion what can I do to make it better? Is there any way that I can add random images ? Here is insert.php Code: [Select] <html> <body> <form action="check.php" method="post"> <img src="captcha.jpg"/> Insert captcha: <input type="text" name="cap"/> <input type="submit" value="submit"/> </form> </body> </html> here is check.php Code: [Select] <html> <body> <?php $cap= "flirc"; if ($_POST["cap"]==$cap) echo "Captcha is right!"; else echo " Captcha is wrong! "; ?> </body> </html>It is pretty basic, I know You can see it in action here Hi I have a script below which I have put together from a couple of other scripts which simply adds an email address to a database for a newsletter and sends an email to the owner and to the user it then shows a success page. The script checks that the email is valid and there is also a captcha. The script works in that it only send out the emails if the captcha etc is entered correctly but the email is being added to the database regardless of whether the capture is correct or not. I was proud of myself for getting this far but would love some instruction on what I have missed and how to stop the email adding to the database unless it has passed the captcha. Below you will see the script. The commented out sections are parts of the old script I don't use. <?php require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_TESTING); $error = false; if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) { //$name = tep_db_prepare_input($HTTP_POST_VARS['name']); $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']); //$enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']); if (tep_validate_email($email_address) == false) { $error = true; $messageStack->add('testing', ENTRY_EMAIL_ADDRESS_CHECK_ERROR); } //CAPTHCA CODE start require(DIR_WS_FUNCTIONS . 'capcha_code.php'); $code_query = tep_db_query("select code from capcha_code where oscsid = '" . tep_session_id($HTTP_GET_VARS[tep_session_name()]) . "'"); $code_array = tep_db_fetch_array($code_query); $code = $code_array['code']; tep_db_query("DELETE FROM " . TABLE_CAPCTHA_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); //remove the visual verify code associated with this session to clean database and ensure new results $user_entered_code = $HTTP_POST_VARS['capcha_code']; if (!(strcasecmp($user_entered_code, $code) == 0)) { //make the check case insensitive $error = true; $messageStack->add('testing', CAPCTHA_CODE_ENTRY_ERROR); } //CAPTHCA CODE stop /* testing sign up start */ if (isset($HTTP_POST_VARS['testing_sign_up'])) { $testing_query = tep_db_query("select testing_id_number from " . TABLE_TESTING_SIGN_UP . " where testing_email_address = '" . tep_db_input($email_address) . "'"); if(tep_db_num_rows($testing_query) == 0) { $sql_data_array = array('testing_email_address' => $email_address, 'testing_firstname' => "", 'testing_lastname' => ""); tep_db_perform(TABLE_TESTING_SIGN_UP, $sql_data_array); } } /* testing sign up end */ if ($error == false) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $email_address,STORE_OWNER_EMAIL_ADDRESS); tep_mail(MESSAGE_TEXT, $email_address, CUSTOMER_SUBJECT, NUMBER_ONE, STORE_OWNER_EMAIL_ADDRESS); tep_redirect(tep_href_link(FILENAME_TESTING, 'action=success')); } } $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_TESTING)); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <link rel="stylesheet" type="text/css" href="stylesheet.css"> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="3" cellpadding="3"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td><!-- body_text //--> <td width="100%" valign="top"><?php echo tep_draw_form('testing', tep_href_link(FILENAME_TESTING, 'action=send')); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE; ?></td><td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_contact_us.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td></tr> </table> </td></tr><td class="main"><?php echo INFORMATION_TEXT; ?></td> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td></tr> <?php if ($messageStack->size('testing') > 0) { ?> <tr> <td><?php echo $messageStack->output('testing'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) { ?> <tr> <td class="main" align="left"><?php echo tep_image(DIR_WS_IMAGES . 'clever.gif', HEADING_TITLE, '0', '0', 'align="left"') . TEXT_COMPLETE; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } else { ?> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2" > <!--<tr> <td class="main"><?php echo ENTRY_NAME; ?></td> </tr> <tr> <td class="main"><?php echo tep_draw_input_field('name'); ?></td> </tr>//--> <tr><td class="main"><?php echo INSTRUCTIONS_TEXT; ?></td></tr> <tr> <td class="main"><?php echo ENTRY_EMAIL; ?> <?php echo tep_draw_input_field('email'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <!--<tr> <td class="main"><?php echo ENTRY_ENQUIRY; ?></td> </tr> <tr> <td><?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, $infotext); ?></td> </tr>//--> <!-- CAPTHCA CODE-- START--> <tr> <td class="main"><?php echo CAPCTHA_CODE_CATEGORY; ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" cellspacing="2" cellpadding="2"> <tr> <td class="main"><?php echo CAPCTHA_CODE_TEXT_INSTRUCTIONS; ?></td> <td class="main"> <?php // ----- begin garbage collection -------- tep_db_query("DELETE FROM " . TABLE_CAPCTHA_CODE . " WHERE dt < DATE_SUB(NOW(), INTERVAL 5 HOUR)"); // ----- end garbage collection -------- //can replace the following loop with $capcha_code = substr(str_shuffle (CAPCTHA_CODE_CHARACTER_POOL), 0, rand(3,4)); if you have PHP 4.3 $capcha_code = ""; for ($i = 1; $i <= rand(3,4); $i++){ $capcha_code = $capcha_code . substr(CAPCTHA_CODE_CHARACTER_POOL, rand(0, strlen(CAPCTHA_CODE_CHARACTER_POOL)-1), 1); } $vvcode_oscsid = tep_session_id($HTTP_GET_VARS[tep_session_name()]); tep_db_query("DELETE FROM " . TABLE_CAPCTHA_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); $sql_data_array = array('oscsid' => $vvcode_oscsid, 'code' => $capcha_code); tep_db_perform(TABLE_CAPCTHA_CODE, $sql_data_array); $capcha_code = ""; echo('<img src="' . FILENAME_CAPCTHA_CODE_DISPLAY . '?vvc=' . $vvcode_oscsid . '"'); ?> </td> <td class="main"><?php echo CAPCTHA_CODE_BOX_IDENTIFIER; ?></td> <td class="main"><?php echo tep_draw_input_field('capcha_code'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <!-- testing sign up start//--> <TD WIDTH="100%"> <tr> <td class="main" align="right"><?php echo ENTRY_TESTING_SIGN_UP; ?> <?php echo tep_draw_checkbox_field('testing_sign_up', '1', true); ?> </td></tr> <!--testing sign up end //--> <!-- CAPTHCA CODE-- STOP --> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </table></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } ?> </table></form></td> <!-- body_text_eof //--> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- right_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_right.php'); ?> <!-- right_navigation_eof //--> </table></td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> My website is being overrun with spam and I am trying to install a php captcha script. I have installed php 5 on my website askthephysicist.com which is hosted on a 1&1 Windows server, but I think the problem is that I do not know where to point my script to find the lib. I have very little fluency with any scripting languages. Anyhow, the beginning of the script reads: <?php require 'CaptchasDotNet.php'; // Required Parameters // Replace the values you receive upon registration at http://captchas.net. // // client: 'demo' // // secret: 'secret' // and when I run it I get the message: Fatal error: require(): Failed opening required 'CaptchasDotNet.php' (include_path='.:/usr/lib/php5.5') in /homepages/29/d191906528/htdocs/askthephysicist/query.php on line 4 The whole code may be found at http://captchas.net/sample/php/ if that is helpful, but the error occurs with the first statement require 'CaptchasDotNet.php'; Can anyone please take a quick glance at this form the captcha messages are not appearing correctly. The message keeps getting sent. Thank You Code: [Select] <?php if(($_SESSION['security_code'] != $_POST['security_code']) || (empty($_SESSION['security_code'])) ){ $to = "info@*******.com"; // change to your email address $name = htmlentities ($_POST['name']); $email = htmlentities ($_POST['email']); $phone = htmlentities ($_POST['phone']); $msg = htmlentities ($_POST['msg']); $d = date('l dS \of F Y h:i:s A'); $sub = "form to mail"; $headers = "From: $name <$email>\n"; $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; $mes = "phone: ".$phone."\n"; $mes .= "Message: ".$msg."\n"; $mes .= "Name: ".$name."\n"; $mes .= 'Email: '.$email."\n"; $mes .= 'Date & Time: '.$d; { mail($to, $sub, $mes, $headers); } echo "<p> </p><p> </p><p> </p><br />CAPTCHA CODE does not match! <p> </p><p> </p><a href='javascript:javascript:history.go(-1)'>Click here to go back to previous page</a>"; } else echo "THANK YOU"; ?> hi i am new on php+mysql i am trying to create signup form that will: users to enter email address and the script check via ajax from MYSQL database if the email is not registered send the signup link to their email if already registered than show error you are a member. In my post.php file i have the following code // checks if the username is in use if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); } $usercheck = $_POST['username']; mysql_real_escape_string($usercheck); $check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the name exists it gives an error if ($check2 != 0) { $error="<span style="; $error .="color:red"; $error .=">"; $error .= "Sorry, the username is already in use."; $error .="</span>"; setcookie(Errors, $error, time()+20); header('Location ./?p=UPC'); die(); } The problem is it always 500s if the username is already in use. Hi everybody, I want to build a script that lets someone register with a simple form that logs all activity into a MySQL db. The thing is, I want to log all attempts to signup into the system even if they do not satisfy password strength, or the required fields criteria. In the following code, the string "email" isn't being used. The field named 'name' is what I'm using to collect the email, and the field named 'msg' is what I'm using to collect the password. I've gotten to the point where if they don't provide anything for either email or password, then it directs them to the same page and it asks them to re enter their information. but I can't seem to capture the attempt (so if they enter an email but not a pass, i still want to know what email they entered). I'm getting this error Parse error: syntax error, unexpected T_ELSE in /hermes/bosweb25c/b1454/ipg.domainname/nameofsite/contact_insert2.php on line 41 Line 41 corresponds to the line with the first "else{" I'm really not sure what to do, it seems straight forward when I think it through in my head. If pass or email field is empty, enter it into the db, and then send them back to the beginning, if pass or email field not empty, continue in script. Code: [Select] <?php define('DB_NAME', 'dbname'); define('DB_USER', 'phpchick'); define('DB_PASS', 'password'); define('DB_HOST', 'localhost'); // contact to database $connect = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die('Error , check your server connection.'); mysql_select_db(DB_NAME); //Get data in local variable $v_name=$_POST['name']; $v_email=$_POST['email']; $v_msg=$_POST['msg']; // check for null values if ($v_name=="" or $v_msg=="") $query="insert into contact(name,email,msg) values('$v_name','$v_email','$v_msg')"; mysql_query($query) or die(mysql_error()); echo " <head> <link rel=\"stylesheet\" type=\"text/css\" href=\"http://site.com/signup.css\"></head> <h2>Free Registration</h2> <form action=\"contact_insert2.php\" method=\"POST\" id=\"insert\"> <table> <tr> <td >Email</td> <td ><input type=\"text\" size=40 name=\"name\"></td> </tr> <tr> <td >Password</td> <td ><input type=\"password\" size=40 name=\"msg\" ></td> </tr> You must enter an email and password. <tr> <td colspan=2 id=\"sub\"><input type=\"submit\" name=\"submit\" value=\"submit\" ></td> </tr> </Table> </form>"; else{ if (strcspn($_REQUEST['msg'], '0123456789') == strlen($_REQUEST['msg'])) echo "true"; else{ $query="insert into contact(name,email,msg) values('$v_name','$v_email','$v_msg')"; mysql_query($query) or die(mysql_error()); echo "Your message has been received"; } } ?> heres the code for the login page ...i changed the server and username info for privacy <?php include "include/session.php"; $dbservertype='mysql'; $servername='supremeserver.com'; // username and password to log onto db server $dbusername='newlogin'; $dbpassword='new18'; // name of database $dbname='newlogin'; connecttodb($servername,$dbname,$dbusername,$dbpassword); function connecttodb($servername,$dbname,$dbusername,$dbpassword) { global $link; $link=mysql_connect ("$servername","$dbusername","$dbpassword"); if(!$link){die("Could not connect to MySQL");} mysql_select_db("$dbname",$link) or die ("could not open db".mysql_error()); } ?> <!doctype html public "-//w3c//dtd html 3.2//en"> <html> <head> <title>LOGIN</title> <meta name="GENERATOR" content="Arachnophilia 4.0"> <meta name="FORMATTER" content="Arachnophilia 4.0"> </head> <body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000"> <?php $userid=mysql_real_escape_string($userid); $password=mysql_real_escape_string($password); if($rec=mysql_fetch_array(mysql_query("SELECT * FROM plus_signup WHERE userid='$userid' AND password = '$password'"))){ if(($rec['userid']==$userid)&&($rec['password']==$password)){ include "include/newsession.php"; echo "<p class=data> <center>Successfully,Logged in<br><br><a href='logout.php'> Log OUT </a><br><br><a href=welcome.php>Click here if your browser is not redirecting automatically or you don't want to wait.</a><br></center>"; print "<script>"; print " self.location='welcome.php';"; // Comment this line if you don't want to redirect print "</script>"; } } else { session_unset(); echo "<font face='Verdana' size='2' color=red>Wrong Login. Use your correct Userid and Password and Try <br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>"; } ?> </body> </html> _________________________________________________ _________________________________________________ __ your help is much appreciated Please help me in php coding I need to open php file when i click on link <Click here> in that php file i need to collect three email id's in the form and post the form to another php file, for those emails id's i need to send email containing activation key, with the help of that link in their email inbox that user need to signup with username and password and more details ..then user can able to login to account in my client website for more actions This part is where i am kinda struck while generating activation key, i googled but no help..if any one help me appreciated thanks Danny danny_boy9988@yahoo.com Hi, I have wondered if just one user should be used (e.g. root) for connecting to the database is the right way of doing things? (which is what I have always done). Would it be better to have a new user created in the privileges section in MySQL and have all operation/table access assigned appropriately for every single user that signs up? I would think that this would give a lot more security but would need a bit more work. What are your thoughts? Hello PHP mates! I am having some doubts and I am going to share them with you so maybe someone can help. Okay, I know how to make signup and login page. And here is the problem. How to make signup page for multiple types of users? For example, type A user has its own signup form, user type B also has its own and same goes for C type of user. How can I make that? Thanks in advance PHP freaks! Hi, Can any help me out how to integrate skype with php? or poeple leave a message on my skype through php? Hi there, This forum has been helpful to me so far. I'd like to thank you for your help. Now the question is, we will be using xe.com services for our shopping cart and prices. Based to the customer's location the currency must change. For example, if the customer is sitting in Europe, the currency for the product and the shopping cart will be displayed in Euros, similarly for the US customers it will be in USD. I would like to know how we can do this using xe.com and what steps are required. Any comments/feedbacks are always welcome! Thank you! Is there a PHP "API" that can connect to GoDaddy, list domains, change the dns and whois? Possibly add new domains? I highly doubt it, and if not, I'll start writing one. However, GoDaddy uses what must be the worst HTML code EVER. WHO THE @$%^ uses javascript FOR EVERY LINK. That is just plain unnecessary. And I have a feeling GoDaddy wouldn't like such an API, and would make any attempt to break it Thanks Hi there I have a problem here, I think I may know what it is but just wanted some guidance on this issue. I took the logic from a previous help from the people on this forum and here is my landing page: <?php // ini_set("display_errors", 1); // randomly starts a session! session_name("jeremyBasicLogin"); session_start(); if(isset($_SESSION['username'])) { // display whatever when the user is logged in: echo <<<ADDENTRY <html> <head> <title>User is now signed in:<title> </head> <body> <h1>You are now signed in!</h1> <p>You can do now what you want to do!</p> </body> </html> ADDENTRY; } else { // If anything else dont allow access and send back to original page! header("location: signin.php"); } ?> This is where the user goes to when they go to this system (not a functional system, ie it doesnt actually do anything its more for my own theory. As you wont have a session on the first turn to this page it goes to: signin.php which contains: <?php // ini_set("display_errors", 1); require_once('func.db.connect.php'); if(array_key_exists('submit',$_POST)) { dbConnect(); // connect to database anyways! // Do a procedure to log the user in: // Santize User Inputs $username = trim(stripslashes(mysql_real_escape_string($_POST['username']))); // cleans up with PHP first! $password = trim(stripslashes(mysql_real_escape_string(md5($_POST['password'])))); // cleans up with PHP first! $sql = "SELECT * FROM users WHERE username='$username' AND password='$password'"; $result = mysql_query($sql); if(mysql_num_rows($result) == 1) { session_name("jeremyBasicLogin"); session_start(); $_SESSION['is_logged_in'] = true; $_SESSION['username'] = $username; //print_r($_SESSION); // debug purposes only! $_SESSION['time_loggedin'] = time(); // this is adding to the array (have seen the output in the SESSION vars! // call function to update the time stamp in MySQL? header("location: index.php"); } else if(mysql_num_rows($result) != 1) { $message = "You typed the wrong password or Username Please retry!"; } } else { $message = ""; } // displays the login page: echo <<<LOGIN <html> <body> <h1>Example Login</h1> <form id="login" name="login" action="{$_SERVER['PHP_SELF']}" method="post"> <label for="username">Username: </label><input type="text" id="username" name="username" value="" /><br> <label for="password">Password: </label><input type="text" id="password" name="password" value="" /><br> <input type="submit" id="submit" name="submit" value="Login" /> </form> LOGIN; echo "<p>" . $message . "</p>"; echo <<<LOGIN <p>Please Login to View and Edit Your Entries</p> <p><a href="register.php">Click Here To Signup</a><p> </body> </html> LOGIN; ?> This checks through user inputs and hopefully logs them in, when Ive inserted the data into the database itself it works, if I try and login but if a user fills in this form: signup.php: <?php //ini_set("display_errors", 1); $message =''; require_once('func.db.connect.php'); if(array_key_exists('submit',$_POST)) { dbConnect(); // connect to database anyways! // do some safe protecting of the users variables, apply it to all details! $username = trim(stripslashes(mysql_real_escape_string($_POST['username']))); // cleans up with PHP first! $email = trim(stripslashes(mysql_real_escape_string($_POST['email']))); // cleans up with PHP first! $password = trim(stripslashes(mysql_real_escape_string(md5($_POST['password'])))); // does as above but also encrypts it using the md5 function! $password2 = trim(stripslashes(mysql_real_escape_string(md5($_POST['password2'])))); // does as above but also encrypts it using the md5 function! if($username != '' && $email != '' && $password != '' && $password2 != '') { // do whatever when not = to nothing/empty fields! if($password === $password2) { // do database stuff to enter users details $sql = "INSERT INTO `test`.`users` (`id` ,`username` ,`password`) VALUES ('' , '$username', MD5( '$password' ));"; $result = mysql_query($sql); if($result) { $message = 'You may now login by clicking <a href="index.php">here</a>'; } } else { // echo out a user message says they got their 2 passwords incorrectly typed: $message = 'Pleae re enter your password'; } } else { // they where obviously where empty $message = 'You missed out some required fields, please try again'; } } echo <<<REGISTER <html> <body> <h1>Register Form</h1> <p>Please fill in this form to register</p> <form id="register" name="register" action="{$_SERVER['PHP_SELF']}" method="post"> <table> <tr> <td><label for="username">Username: </label></td> <td><input type="text" id="username" name="username" value="" /></td> </tr> <tr> <td><label for="email">Email: </label></td> <td><input type="text" id="email" name="email" value="" /></td> </tr> <tr> <td><label for="password">Password: </label></td> <td><input type="text" id="password" name="password" value="" /></td> </tr> <tr> <td><label for="password">Confirm Password: </label></td> <td><input type="text" id="password2" name="password2" value="" /></td> </tr> <tr> <td><input type="submit" id="submit" name="submit" value="Register" /></td> </tr> <table> REGISTER; echo "<p>" . $message . "</p>"; echo <<<REGISTER </form> </body> </html> REGISTER; ?> As I said when the user signs up when submitting the above form, it doesnt work, keeps coming up with a different value for the password, so I am about 99% certain its the password, but I have been maticulous about copying in the sanitize function for SQL injections and it just doesnt still work, really puzzled now. Any helps appreciated, Jeremy. |
|||||||