PHP - If User's Reg/joining Fails, Can I Refill Password Field Or Is This Bad?

Hi,

I want to create a forgotten password page, where the user enters in their email address, the script queries the database for that email address, creates a unique ID, stores that unique ID in the database, then emails the unique ID and the User ID off to the user in an HTML link e.g. http://somesite.com/reset-password.php?userId=2&uniqueId=132832189312978312. The reset page would then match the unique ID to the one in the database and let them enter in a new password into the form.

Ok so I can do most of that so far except from the emailing to the user. I'm running an Ubuntu Server 10 at the moment as my test server which is on my local network. Do I need to set up a mail server on that for php mailing to work, or can I use some external SMTP for sending? I've had a play round with the PHP mail() function but it won't send anything at the moment. I'll also need some code for when the site is running in the hosted live environment as it will likely use their mail servers.

What's the best way to go about doing this?
Many thanks!

I'm working on a new user submission form and I was wondering whether it's safe to send a confirmation letter to the user using their hashed password as their confirmation code?  Since this is a hashed password it can't be decrypted (I believe), the password is useless because it's always hashed before login so it can't be used to login to the system, it's only being emailed to the user who's account is tied to the account, and it would save me the option of having to store a confirmation code field in my DB.  Is this safe? 

Hi!

I'm attempting to do this and feel that I'm fairly close. Would you take a look and throw me any bones?

PHP Code:

Code: [Select]
<?php
if (isset($_POST['ppassword']) && (stristr($string,'') === TRUE)) { 
switch($_POST['ppassword']) {
case "Google":
header("Location: http://www.google.com");
exit();

case "Yahoo":
header("Location: http://www.yahoo.com"); 
exit();

case "Bing":
header("Location: http://www.bing.com");
exit();
}
}
?>
The Form:
Code: [Select]
<form name="portal" id="portal" method="post" action="">
    <input name="ppassword" type="text" id="ppassword" maxlength="25" onfocus="this.select()" onblur="this.value=!this.value?'company name':this.value;" value="company name" onclick="this.value=''" />
    <input name="login" type="submit" id="login" value="Continue" />
</form>

I appreciate any of your help. I feel close and this part Code: [Select]
(stristr($string,'') feels like the missing piece of the puzzle. 

Hi all,

I've got a website for an event, each team have their details on a page which are recalled from a SQl database.

But I'm wanting to create a password input box for each team, so when they enter the correct password they are taken to a page containing forms where they can edit the team details.

Here is the page with the users details on where they anter the password: http://www.wharncliffenetwork.co.uk/wrc/entered/team.php?id=8

I'm not sure how to code it, Can an IF statement be used? Anyone got any pointers? I'f been unsuccessful in finding a tutorial or something similar.

Hope that makes sense :S Cheers.

Hi, after following lots of advice and changing to MySqli I am running into a few probs. This is me just probably missing something stupid, I know what I want, but can't figure out what query I should use and where I should place it. All the queries I have tried have failed.   I just need a query that gets the $current_stored_password from the password field on the database, to confirm the last check

elseif 
	($current_password !== $current_stored_password) {
	include 'includes/overall/header.php';
	echo $current_password . ' AND ' . $_POST['current_password'] . ' Password and password again do not match';
	include 'includes/overall/header.php';

}

Here is the whole script.

<?php
session_start();
error_reporting(0);
//ini_set('display_errors', '1');

require( 'database.php' );

$username = $_SESSION['loggedinuser'];
$current_stored_password = $_SESSION['password'];
$current_password = $_POST['current_password'];
$password = mysqli_real_escape_string($con, md5( $_POST['password']));
$password_again = mysqli_real_escape_string($con, md5( $_POST['password_again']));


// Run checks

if	(isset($_POST['current_password'], $_POST['password'], $_POST['password_again'])) {
	
if( strlen( $_POST['current_password'] ) < 8 )
    {
        include('includes/overall/header.php');
        echo "Password Must Be 8 or More Characters.";
        include('includes/overall/footer.php');
}
elseif( strlen( $_POST['password'] ) < 8 )
    {
        include('includes/overall/header.php');
        echo "Password Must Be 8 or More Characters.";
        include('includes/overall/footer.php');
    }
elseif 
		( strlen( $_POST['password_again'] ) < 8 )
    {
        include('includes/overall/header.php');
        echo "Password Must Be 8 or More Characters.";
        include('includes/overall/footer.php');
    }
elseif 
	($password !== $password_again) {
	include 'includes/overall/header.php';
	echo ' Password and password again do not match';
	include 'includes/overall/header.php';
}
elseif 
	($current_password !== $current_stored_password) {
	include 'includes/overall/header.php';
	echo $current_password . ' AND ' . $_POST['current_password'] . ' Password and password again do not match';
	include 'includes/overall/header.php';

} else {

// Define a query to run 
$query = "UPDATE `user` SET `password` = '$password' WHERE `username` = '$username'"; 

// Query the database 
$result = mysqli_query($con,$query); 

// Check if the query failed 
if( !$result ) 
{ 
   die('There was a problem executing the query ('.$query.'):<br>('.mysqli_errno($con).') '.mysqli_error($con)); 
} 

else {

include 'includes/overall/header.php';
	echo 'Password has been changed';
include 'includes/overall/footer.php';
}    
}
}

// Close the connection 
mysqli_close($con); 
?> 

At the moment the message displayed when the form is submitted is

	echo $current_password . ' AND ' . $_POST['current_password'] . ' Password and password again do not match';
 

How do I retrieve the password from the database to compare against the current password entered by the user? Any help is much appreciated.   PS. Yes I know I have repeated code and that md5 is not secure, but I am just building onto a template I got and will be making changes to shorten the code and secure the password soon    

Hi,

I want to add another form field to determine if a user is human and not spam bots. I looked into CAPTCHA, but I think those are annoying. I was thinking about just having the user enter (5+5) and if the answer is not ten, then displaying a incorrect value message. If correct submit form and info to the Database. Not sure how to do that with what I currently have coded though so need some help with that part. Here is the current code.


<?PHP
require_once "formvalidator.php";
$show_form=true;
if(isset($_POST['Submit']))
{
   $validator = new FormValidator();
    $validator->addValidation("FirstName","req","Please fill in FirstName");
$validator->addValidation("LastName","req","Please fill in LastName");
$validator->addValidation("UserName","req","Please fill in UserName");
$validator->addValidation("Password","req","Please fill in a Password");
$validator->addValidation("Password2","req","Please re-enter your password");
$validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!");
    $validator->addValidation("email","email","The input for Email should be a valid email value");
    $validator->addValidation("email","req","Please fill in Email");
$validator->addValidation("Zip","req","Please fill in your Zip Code");
$validator->addValidation("Security","req","Please fill in your Security Question");
$validator->addValidation("Security2","req","Please fill in your Security Answer");

    if($validator->ValidateForm())
    {
        $con = mysql_connect("localhost","beatthis","Jim2Drew!") or die('Could not connect: ' . mysql_error());

        mysql_select_db("beatthis_beatthis") or die(mysql_error());





$FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file

$LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file

$UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file

$Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file

$Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file

$email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file

$Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file

$Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file

$Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file

$Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file



$sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; 
//echo $sql;

if (!mysql_query($sql,$con)) {

 die('Error: ' . mysql_error());

}



else{



mail('webguync@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body);

echo "<h3>Your profile information has been submitted successfully.</h3>";

  



}

mysql_close($con);

        $show_form=false;
    }
    else
    {
        echo "<h3 class='ErrorTitle'>Validation Errors:</h3>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
            echo "<p class='errors'>$inpname : $inp_err</p>\n";
        }        
    }
}

if(true == $show_form)
{
?>

<form name="test" id="ContactForm" method="POST" accept-charset="UTF-8" action="<?php echo $_SERVER['PHP_SELF'];?>">
<fieldset>

              <div class='normal_field'><label for="LastName">First Name</label></div>
               <div class='element_label'>
                  <input type='text' name='FirstName' size='20'>
               </div>
             
            
           
               <div class='normal_field'><label for="LastName">Last Name</label></div>
               <div class='element_label'>
                  <input type='text' name='LastName' size='20'>
               </div>
           
           </fieldset>
           <fieldset>
               <div class='normal_field'><label for="UserName">User Name</label></div>
               <div class='element_label'>
                  <input type='text' name='UserName' size='20'>
               </div>
           
            
               <div class='normal_field'><label for="Password">Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password' size='20'>
               </div>
               <div class='normal_field'><label for="Password2">Re-Enter Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password2' size='20'>
               </div>
            
           
               <div class='normal_field'><label for="Email">Email</label></div>
               <div class='element_label'>
                  <input type='text' name='email' size='20'>
               </div>
            </fieldset>
            <fieldset>
          
               <div class='normal_field'><label for="Zip">Zip Code</label></div>
               <div class='element_label'>
                  <input type='text' name='Zip' size='20'>
               </div>
            
            
               <div class='normal_field'><label for="Birthday">Birthday(mm/dd/yyyy format)</label></div>
               <div class='element_label'>
                  <input type='text' name='Birthday' size='20'>
               </div>
           
           
            
               <div class='normal_field'><label for="Security">Security Question</label></div>
               <div class='element_label'>
                  <input type='text' name='Security' size='20'>
               </div>
               <div class='normal_field'><label for="Security2">Security Answer</label></div>
               <div class='element_label'>
                  <input type='text' name='Security2' size='20'>
               </div>
<div class='normal_field'><label for="math">What is 5 + 5?</label></div>
               <div class='element_label'>
                  <input type='text' name='math' size='20'>
               </div>
             
               </fieldset>
               <div id="agree">
                 <label for="tos">
                 <input type="checkbox" id="tos" name="tos" value="yes" />
                 I have read and agree to the <a href="ajax/serviceterms.html" id="terms">Terms of Service</a>.
                 </label>
                </div>
         <fieldset>

           <div id="service-terms" class="box rounded-all"></div>
                
                <div class="controls">
                    <input id="submit" type="submit" name="Submit" value="CREATE PROFILE"/>
                </div>
                </fieldset>
         

</form>
<?PHP
}//true == $show_form
?>

I'm building a php program that registers users onto a website. With the help of people from this thread http://www.phpfreaks.com/forums/index.php?topic=332260.15
I was able to accomplish the goal and now the signup works with conditions that check for a valid email, and if the password is strong enough.

T he program correctly displays the the problem when a user does NOT enter a valid email, or a strong enough password, but the user has to re-enter the email and password everytime.

I want to make it so that the fields remained populated with what the user entered previously, so he or she does not have to re-enter his or her email/password.

Here is the code (its really ghetto)

Code: [Select]
<?php

function check_email_address($email) {
    // First, we check that there's one @ symbol, and that the lengths are right
    if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
        // Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
        return false;
    }
    // Split it into sections to make life easier
    $email_array = explode("@", $email);
    $local_array = explode(".", $email_array[0]);
    for ($i = 0; $i < sizeof($local_array); $i++) {
         if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
            return false;
        }
    }    
    if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name
        $domain_array = explode(".", $email_array[1]);
        if (sizeof($domain_array) < 2) {
                return false; // Not enough parts to domain
        }
        for ($i = 0; $i < sizeof($domain_array); $i++) {
            if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
                return false;
            }
        }
    }
    return true;
}

define('DB_NAME', 'catch');
define('DB_USER', 'username');
define('DB_PASS', 'password');
define('DB_HOST', 'page.sqlserver.com');

// contact to database
$connect = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die('Error , check your server connection.');
mysql_select_db(DB_NAME);
  
//Get data in local variable
$v_name=$_POST['name'];
$v_email=$_POST['email'];
$v_msg=$_POST['msg'];


 if ( check_email_address($_POST['name'])  == false) 
 
 
 {
   $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')";
$result = mysql_query( $query );

if( !$result ) {
die( mysql_error() );
}
echo <<<EOD
<head>      
<link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css">
</head>
<h2>Free Registration</h2>
<form action="contact_insert2.php" method="POST" id="insert">
<table>
<tr>
<td>Email</td>
<td ><input type="text" size="40" name="name"></td>
</tr>
    <tr>
<td>Password</td>
<td><input type="password" size="40"  name="msg" ></td>
</tr>
<tr>
<td colspan=2 id="sub">
You must enter a valid email. <br />
<input type="submit" name="submit" value="submit">
</td>
</tr>
</Table>
</form>
EOD;
}

if( $v_name == "" || $v_msg == "" )
// if name is empty or if pass is empty
{
$query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')";
$result = mysql_query( $query );

if( !$result ) {
die( mysql_error() );
}

echo <<<EOD
<head>      
<link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css">
</head>
<h2>Free Registration</h2>
<form action="contact_insert2.php" method="POST" id="insert">
<table>
<tr>
<td>Email</td>
<td ><input type="text" size="40" name="name"></td>
</tr>
    <tr>
<td>Password</td>
<td><input type="password" size="40"  name="msg" ></td>
</tr>
<tr>
<td colspan=2 id="sub">
You must enter an email and password. <br />
<input type="submit" name="submit" value="submit">
</td>
</tr>
</Table>
</form>
EOD;
}

if( strcspn( $_REQUEST['msg'], '0123456789' ) == strlen( $_REQUEST['msg'] ) )
// the above statement says if pass does not contain a number
{
$query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')";
$result = mysql_query( $query );

if( !$result ) {
die( mysql_error() );
}
echo <<<EOD
<head>      
<link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css">
</head>
<h2>Free Registration</h2>
<form action="contact_insert2.php" method="POST" id="insert">
<table>
<tr>
<td>Email</td>
<td ><input type="text" size="40" name="name"></td>
</tr>
    <tr>
<td>Password</td>
<td><input type="password" size="40"  name="msg" ></td>
</tr>
<tr>
<td colspan=2 id="sub">
<div style="color:red;">Your password must contain a number.</div> <br />
<input type="submit" name="submit" value="submit">
</td>
</tr>
</Table>
</form>
EOD;
}


if( strlen($_POST['msg']) < 8 )
// the above statement says if pass is not 8 characters long
{
$query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')";
$result = mysql_query( $query );

if( !$result ) {
die( mysql_error() );
}
echo <<<EOD
<head>      
<link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css">
</head>
<h2>Free Registration</h2>
<form action="contact_insert2.php" method="POST" id="insert">
<table>
<tr>
<td>Email</td>
<td ><input type="text" size="40" name="name"></td>
</tr>
    <tr>
<td>Password</td>
<td><input type="password" size="40"  name="msg" ></td>
</tr>
<tr>
<td colspan=2 id="sub">
<div style="color:red;">Your password must be at least 8 characters long.</div> <br />
<input type="submit" name="submit" value="submit">
</td>
</tr>
</Table>
</form>
EOD;
}


if ( $_POST['msg'] == strtolower($_POST['msg']) )
// the above statement says if pass is all lowercase
{
$query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')";
$result = mysql_query( $query );

if( !$result ) {
die( mysql_error() );
}
echo <<<EOD
<head>      
<link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css">
</head>
<h2>Free Registration</h2>
<form action="contact_insert2.php" method="POST" id="insert">
<table>
<tr>
<td>Email</td>
<td ><input type="text" size="40" name="name"></td>
</tr>
    <tr>
<td>Password</td>
<td><input type="password" size="40"  name="msg" ></td>
</tr>
<tr>
<td colspan=2 id="sub">
<div style="color:red;">Your password must have at least one capital letter.</div> <br />
<input type="submit" name="submit" value="submit">
</td>
</tr>
</Table>
</form>
EOD;
}

if ( preg_replace("/[^a-zA-Z0-9\s]/", "", $_POST['msg']) == $_POST['msg'] )
// the above statement says if pass contains no special characters
{
$query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')";
$result = mysql_query( $query );

if( !$result ) {
die( mysql_error() );
}
echo <<<EOD
<head>      
<link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css">
</head>
<h2>Free Registration</h2>
<form action="contact_insert2.php" method="POST" id="insert">
<table>
<tr>
<td>Email</td>
<td ><input type="text" size="40" name="name"></td>
</tr>
    <tr>
<td>Password</td>
<td><input type="password" size="40"  name="msg" ></td>
</tr>
<tr>
<td colspan=2 id="sub">
<div style="color:red;">Your password must have at least one special character.</div> <br />
<input type="submit" name="submit" value="submit">
</td>
</tr>
</Table>
</form>
EOD;
}
else 
echo <<<EOD
<B>GO FUCK YOURSELF</B>
EOD;
 ?>

I am trying to populate a custom field called "Customer Type" current user role.  The custom field is displayed on my checkout page.   I tried the below in my functions.php of my child theme and thought it would work but it does nothing.  Can anyone tell me what I might be doing wrong?  

$user = wp_get_current_user();
function onboarding_update_fields( $fields = array() ) {

       $fields['customertype'] = $user;

   return $fields;
}

add_filter( 'woocommerce_checkout_fields', 'onboarding_update_fields' );

Edited April 11 by JayX

Hello PhP Freaks forum
In the past weeks ive been trying to make a website, where you can register. Everything seems to work except my cherished Change password feature. Everytime you try to change the password, it just resets it to nothing.

Here is the code below.

<?php
         if(isset($_SESSION['username']))
         {
            $username = $_SESSION['username'];
            $lastname = $_SESSION['lastname'];
            $firstname = $_SESSION['firstname'];
            $email = $_SESSION['email'];
               
            echo "
            
               <h4>Options for:</h4> &nbsp; $username
               <br />
               <br />
               First name: &nbsp; $firstname
            
               <br />Last name: &nbsp; $lastname       
   
   <br /><br /><h3>Want to change your password:</h3><br />
   
      <form action='?do=option' method='post'>
   
      Old password <input type='password' placeholder='Has to be between 5-15 digits' name='password' size='30' value='' /><br />
                  <br />
      New Password<input type='password' placeholder='Has to be between 5-15 digits' name='newpass' size='30' value='' /><br />
                  <br />
      Confirm new password <input type='password' placeholder='Has to be between 5-15 digits' name='passconf' size='30' value='' /><br />
                  
      <center></div><input type='submit' value='Submit'/></center></form>";   
      
            
         }else{
            echo 'Please login to view your options!';
         }
      
      $password = $_REQUEST['password'];
      $pass_conf = $_REQUEST['newpass'];
      $email = $_REQUEST['passconf'];
      
      $connect = mysql_connect("Host", "User", "Password");
      if(!$connect){
      die(mysql_error());
      }
      
      //Selecting database
      $select_db = mysql_select_db("My Database", $connect);
      if(!$select_db){
      die(mysql_error());
      }
      
      //Find if entered data is correct
      
      $result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
      $row = mysql_fetch_array($result);
      $id = $row['id'];

            
         mysql_query("UPDATE users SET password='$newpass' WHERE username='$user'")
      
      ?>          

And i do know that i dont have a

if(Empty($newpass)){
Die(Please fill out the new password)                                                 
}

Or any security on the others, but the problem just seems that it resets the password into nothing

Hope i can get this fixed

Best Regards

William Pfaffe

This topic has been moved to Application Design.

http://www.phpfreaks.com/forums/index.php?topic=353345.0

<?php
require_once('upper.php');
require_once('database.php');
echo $error_msg='';
if(isset($_POST['submit']))
{
$LoginId=mysqli_real_escape_string($dbc,trim($_POST['LoginId']));
$Password1=mysqli_real_escape_string($dbc,trim($_POST['Password1']));
$Password2=mysqli_real_escape_string($dbc,trim($_POST['Password2']));
$Name=mysqli_real_escape_string($dbc,trim($_POST['Name']));
$Age=mysqli_real_escape_string($dbc,trim($_POST['Age']));
$BloodGroup=mysqli_real_escape_string($dbc,trim($_POST['BloodGroup']));
if(!isset($_POST['Sex']))
{
echo 'Please enter Sex<br>';
}
else{
$Sex= mysqli_real_escape_string($dbc,trim($_POST['Sex']));
}
$Qualification=mysqli_real_escape_string($dbc,trim($_POST['Qualification']));
$ContactNumber=mysqli_real_escape_string($dbc,trim($_POST['ContactNumber']));
$Email=mysqli_real_escape_string($dbc,trim($_POST['Email']));
$Address=mysqli_real_escape_string($dbc,trim($_POST['Address']));
$AboutYourself=mysqli_real_escape_string($dbc,trim($_POST['AboutYourself']));
//$countCheck=count($_POST['checkbox']);
//echo $countCheck;
//$checkbox=$_POST['checkbox'];
//$countCheck=count($checkbox);
if(empty($LoginId)){echo 'Please enter Login Id';}
elseif(empty($Password1)){echo 'Please enter Password';}
elseif(empty($Password2)){echo 'Please confirm Password';}
elseif($Password1!==$Password2){echo 'Password didn\'t match';}
elseif(empty($Name)){echo 'Please enter Name';}
elseif(empty($Age)){echo 'Please enter Age';}
elseif(!isset($_POST['Sex'])){}
elseif(empty($Qualification)){echo 'Please enter Qualification';}
elseif(empty($ContactNumber)){echo 'Please enter Contact Number';}
elseif(empty($Email)){echo 'Please enter Email';}
elseif(empty($Address)){echo 'Please enter Address';}
elseif(empty($AboutYourself)){echo 'Please enter About Yourself';}
elseif(!isset($_POST['checkbox'])){ echo 'You have to register at least one activity.';}
elseif(!isset($_POST['TermsAndConditions'])){ echo 'You have to agree all Terms and Conditions of Elite Brigade.';}
else
{
require_once('database.php');
$query="select * from registration where LoginId='$LoginId'";
$result=mysqli_query($dbc,$query);
if(mysqli_num_rows($result)==0)
{
$checkbox=$_POST['checkbox'];
$countCheck=count($_POST['checkbox']);
$reg_id=' ';
for($i=0;$i<$countCheck;$i++)
{
$reg_id=$reg_id.$checkbox[$i].',';
$query="insert into activity_participation (LoginId,Title,Date) values ('$LoginId','$checkbox[$i]',CURDATE())";
$result=mysqli_query($dbc,$query) or die("Not Connected");
}
$query="insert into registration (LoginId,Password,Name,Age,BloodGroup,Sex,Qualification,ContactNumber,Email,Address,AboutYourself,Activity)values ('$LoginId'[B],SHA('$Password1'),[/B]'$Name','$Age','$BloodGroup','$Sex','$Qualification','$ContactNumber','$Email','$Address','$AboutYourself',',$reg_id')";
$result=mysqli_query($dbc,$query) or die("Not Connect");

echo ' Dear '.$Name.'.<br>Your request has been mailed to admin.<br>Your account is waiting for approval<br>';
$from= 'Elite Brigade';
$to='ankitp@rsquareonline.com';
$subject='New User Registration';
$message="Dear admin,\n\nA new user request for registration. Please check it out.\n\nRegards\nMicro";
mail($to,$subject,$message,'From:'.$from);
//header('Location: index.php');
// header('Location: Registration.php');
}
else
{
echo 'Dear '.$Name. ', <br> An account already exist with login-id<b> '.$LoginId.'</b> <br>Please try another login-id';
}}
}
?>

<html>
<head>
<script src="jquery-latest.js"></script>
  <script type="text/javascript" src="jquery-validate.js"></script>
<style type="text/css">
* { font-family: Verdana;  }

label.error {  color: white;  padding-left: .5em; }
p { clear: both; }
.submit { margin-left: 12em; }
em { font-weight: bold; padding-right: 1em; vertical-align: top; }
</style>
  <script>
  $(document).ready(function(){
    $("#commentForm").validate();
  });
  </script>
  
</head>

<body>

<?php
echo $error_msg; ?>

<form action='<?php echo $_SERVER['PHP_SELF'];?>' id="commentForm" method='post'>
<div class="registration_and_activity">

<table border="0" width="380">
<tr><td colspan="2">
<h3>New User?</h3></td></tr>
<tr><td width="120">

<em>*</em>Enter Login id</td><td width="150"><input type='text' name='LoginId'  minlength="4" value='<?php if(!empty($LoginId))echo $LoginId;?>' /></td></tr>
<tr><td>
<em>*</em>Enter Password</td> <td><head>
   <div id="divMayus" style="visibility:hidden">Caps Lock is on.</div>
   <SCRIPT language=Javascript>

function capLock(e){
 kc = e.keyCode?e.keyCode:e.which;
 sk = e.shiftKey?e.shiftKey:((kc == 16)?true:false);
 if(((kc >= 65 && kc <= 90) && !sk)||((kc >= 97 && kc <= 122) && sk))
  document.getElementById('divMayus').style.visibility = 'visible';
 else
  document.getElementById('divMayus').style.visibility = 'hidden';
}

</SCRIPT>
   </HEAD>
<input onkeypress='return capLock(event)' type='password' name='Password1' value='<?php if(!empty($Password1))echo $Password1;?>' /></td></tr>

<tr><td>
<em>*</em>Confirm Password</td><td><input type='password' name='Password2' value='<?php if(!empty($Password2))echo $Password2;?>' /></td></tr>
<tr><td width="120">
<em>*</em>Enter Name</td> <td><input type='text'  name='Name' value='<?php if(!empty($Name))echo $Name;?>' /></td></tr>
<tr><td>
<em>*</em>Enter Age</td><HEAD>
   <SCRIPT language=Javascript>
      
      function isNumberKey(evt)
      {
         var charCode = (evt.which) ? evt.which : event.keyCode
         if (charCode > 31 && (charCode < 48 || charCode > 57))
            return false;

         return true;
      }
  
  
     
   </SCRIPT>
   </HEAD>
<td><INPUT onkeypress='return isNumberKey(event)'  type='text' name='Age' value='<?php if(!empty($Age))echo $Age;?>'/></td></tr>

<tr><td>
<em>*</em>Enter Blood</td><td><input type='text' name='BloodGroup' value='<?php if(!empty($BloodGroup))echo $BloodGroup;?>' /></td></tr>

<tr><td>
<em>*</em>Enter Sex</td><td><input type='radio' name='Sex'  style='width:16px; border:0;' 'value='Male' />Male   <input type='radio' name='Sex' style='width:16px; border:0;' 'value='Female' />Female</td></tr>

<tr><td>
<em>*</em>Enter Qualification</td><td><input type='text' name='Qualification'  value='<?php if(!empty($Qualification))echo $Qualification;?>' /></td></tr>

<tr><td>
<em>*</em>Contact Number </td><td><input onkeypress='return isNumberKey(event)'type='text'  name='ContactNumber' value='<?php if(!empty($ContactNumber))echo $ContactNumber;?>' /></td></tr>

<tr><td>
<em>*</em>Enter Email</td><td><input type='text' name='Email'class="email" value='<?php if(!empty($Email))echo $Email;?>' /></td></tr>

<tr><td>
<em>*</em>Enter Address</td><td><input type='text'   name='Address' value='<?php if(!empty($Address))echo $Address;?>' /></td></tr>


<tr ><td >
<em>*</em>About Yourself </td></tr>
<tr><td colspan="2"><textarea rows='10' cols='40'  name='AboutYourself'  /><?php if(!empty($Address))echo $Address;?></textarea></td></tr>
<tr><td>

<?php echo"
<tr><td colspan='2'><em>*</em><b>Select fields for which you want to register</b></td></tr>";

require_once('database.php');
$query="select * from activity";
$result=mysqli_query($dbc,$query);
while($row=mysqli_fetch_array($result)){
$Title=$row['Title'];
$ActivityId=$row['ActivityId'];
echo "<tr><td>$Title</td>";
echo "<td><input type='checkbox' name='checkbox[]' value='$Title' style='width:14px; text-align:right;'/></td></tr>";//value=$ActivityId tells ActivityId variable extracts with name="checkbox"
echo "<br/>";
}
echo "<td><em>*</em><input type='checkbox' name='TermsAndConditions'  style='width:14px; text-align:right;'/></td><td> I agree all <a href='TermsAndConditions.php'>Terms and conditions </a>of Elite Brigade</td></tr>";
echo "<tr><td colspan='2' align='center'><input type='submit' value='Register' name='submit' style='background:url(./images/button_img2.png) no-repeat 10px 0px; width:100px; padding:3px 0 10px 0; color:#FEFBC4; border:0;'/></td></tr><br>";

echo " </td></tr></table>

</div>

</form>
</body>
</html>";
require_once('lower.php');

?>


Hi Friends ....
I encrypt user password by SHA('$Password') method but now i want to add "Forget Password Module" for which I need to decrypt it first before tell my user but I don't Know how to decrypt it.
Please help me........

I hope this is not confusing. 
Lets say I want to join 2 tables.

When I put it through a while loop, how do I write the code so that all id's in table2 are on the SAME line for each referring id in table 1, before dropping to the next line and going to the next record in table 1?

I THINK that actually makes sense if you read it carefully :-)

Hello there,

decided to try to have a joined table query, running into a couple of problems.
Here is the query:

$sql=mysql_query("SELECT * FROM `buds`, `unlocked_buds` WHERE `id`.buds = `bud_id`.unlocked_buds ORDER BY `id`.buds ASC") or die("A MySQL error has occurred.<br />Your Query: " . $sql . "<br /> Error: (" . mysql_errno() . ") " . mysql_error());



Which gives the error:
Quote

A MySQL error has occurred.
Your Query:
Error: (1054) Unknown column 'id.buds' in 'where clause'



The two tables are 'buds' and 'unlocked_buds'


Not really sure what to change, I have been following this tutorial http://www.sqltraining.org/selecting+data+from+multiple+tables/, but really is not helping that much.


What exactly does that mean? What really is happening?

Hi, I have a table for the users detail in the database which stores their avatar and stuff. There is another called part, this is where the users unique ID from the users table is posted, so I can join these both tables and retrieve the data accordingly. The user table has a few rows for avatars for example avatar_1 , avatar_2 and avatar_3 these rows have paths to different avatars. The problem I am facing is the user table is looking really ugly  thanks to these extra avatar rows. What I want to achieve is create a different table for avatars to store these 3 rows but I was wondering how will I join 3 of these tables the user table, the part table and finally the avatar table or should I do something else?

Thanks any help is appreciated!

i have 2 tables.

table 1
- Id
-Name
-ShortId

table 2
-lots of data....
-Category (same value with table1 Id)

im trying to join this 2 tables...

Code: [Select]
$query = "SELECT * FROM tblnews_categories WHERE ShortId != 0 ORDER BY `ShortId`";
$result = mysql_query($query);
$query2 = "SELECT * FROM tblnews_categories, tblnews WHERE tblnews_categories.Id = tblnews.Category ";
$result2 = mysql_query($query2);
while($row = mysql_fetch_assoc($result))
{

?>
<div class="quartetin2">
<div id="HomeMoreNewsIMG2"><div id="HomeMoreNewsTitle2"><a href="summary?catid=19167"><?php echo strtoupper($row['Name']);?></a></div></div>
<div id="HomeMoreNewsText">
<?php 
while($row2 = mysql_fetch_assoc($result2))
{
?>
<tr>
<td id="HomeLatestNewsDate"><li><?php echo strtoupper($row2['Title']);?></li></td>

</tr>


<?php } ?>

What i want to do is when Id = Category echo all data under the specific category