|
PHP - Create Account Problem
Hello, I am having a problem with this code. I know it's messy, but it works.
The Problem is that you can register a username more then once, It detects there is already a username of that in the database, but it still inserts it, and then there would be two of the same username. My Code: <?php if($_SERVER['REQUEST_METHOD'] == 'POST') { if($_POST['username'] == "" || $_POST['password1'] == "" || $_POST['password2'] == "" || $_POST['email'] == "" || $_POST['rights'] == "" || $_POST['ipaddress'] == "") { echo '<p class="info" id="warning"><span class="info_inner">You left one or more fields blank.</span></p>'; } else { $rr = mysql_query('SELECT * FROM users WHERE username=\'' . realEscape($_POST['username']) . '\'') ; if(mysql_num_rows($rr) > 0) { echo '<p class="info" id="error"><span class="info_inner">ERROR: The username is already in use!</span></p>'; } $rrr = mysql_query('SELECT * FROM users WHERE email=\'' . realEscape($_POST['email1']) . '\'') ; if(mysql_num_rows($rrr) > 0) { echo '<p class="info" id="error"><span class="info_inner">ERROR: The email is already in use!</span></p>'; } else { if($_POST['password1'] == $_POST['password2']) { if(preg_match('/[A-Za-z0-9-\s]{3,13}/i', $_POST['username'], $matches) && strlen($matches[0]) === strlen($_POST['username'])) { if(preg_match('/[a-z0-9]{3,13}/i', $_POST['password1'], $matches) && strlen($matches[0]) === strlen($_POST['password1'])) { if(is_numeric($_POST['rights'])) { mysql_query("INSERT INTO users (username, password, rights, ipaddress, email, date) VALUES ('". realEscape($_POST['username']) ."', '". encrypt($_POST['password1']) ."', '". realEscape($_POST['rights']) ."', '". realEscape($_POST['ipaddress']) ."', '". realEscape($_POST['email']) ."', NOW())"); echo ' <p class="info" id="info"><span class="info_inner">The account has been created.</p>'; } else { echo '<p class="info" id="error"><span class="info_inner">ERROR: Undefined</span>'; } } else { echo '<p class="info" id="error"><span class="info_inner">ERROR: Invalid password. Your password can only contain Numbers and Letters, and be 3-12 characters in length.</span></p>'; } } else { echo '<p class="info" id="error"><span class="info_inner">ERROR: Invalid username. Your password can only contain Numbers and Letters, and be 3-12 characters in length.</span></p>'; } } else { echo '<p class="info" id="error"><span class="info_inner">ERROR: Passwords do not match.</span></p>'; } } } } ?> Similar TutorialsHi all, Here i have a serious problem. I want to sought it out using PHP and MySQL only. I have a form includes fields of customer id and Account type( stored in a jump menu and includes 6 different types of accounts) <style type="text/css"> <!-- body,td,th { font-size: 18px; font-weight: bold; } --> </style> <p><img src="../images/mahapitiya 1.jpg" width="1024" height="139" /></p> <form id="form1" name="form1" method="post" action=""> <label> <input type="submit" name="button" id="button" value="Logout" /> </label> </form> <p> </p> <form action="" method="post" name="form2" id="form2" onsubmit="return Validate();"> <fieldset> <legend class="cap">Create an Account</legend> <table width="75%" border="0" cellspacing="0" cellpadding="5" align="center"> <tr> <td> </td> <td class="title02"> </td> <td> </td> <td> </td> </tr> <tr height="30"> <td width="10%"> </td> <td width="25%" class="title02" align="left">Customer ID</td> <td width="55%" class="attribute1" align="left"><input type="text" name="customer_id" class="attribute1" /></td> <td width="10%"> </td> </tr> <tr height="30"> <td> </td> <td width="25%" class="title02" align="left">Account Type</td> <td width="55%" align="left" bgcolor="#FFFFFF" class="attribute1"><select name="account_type" id="jumpMenu" > <option selected="selected"></option> <option>Savings Investment</option> <option>Shakthi</option> <option>Surathal</option> <option>Abhimani Plus</option> <option>Yasasa Certificates</option> <option>Fixed Deposits</option> </select> </td> <td width="10%"> </td> </tr> </table> <p align="center"> </p> <p align="center"> <input type="submit" onclick="return Validate();" name="submit" value="Submit" class="attribute1" /> <input type="reset" name="reset" value="Reset" class="attribute1" /> <label> <input type="submit" name="button2" id="button2" value="Help" /> </label> </p> </fieldset> </td> <td width="5%"> </td> </tr> <tr> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td align="center"> </td> <td> </td> </tr> <tr> <td> </td> <td><font color="red" size="1" ></font></td> <td> </td> </tr> </table> </form> <p> </p> <script language = "Javascript"> function Validate() { if (document.form2.customer_id.value == '') { alert('Please enter the valid customer id!'); return false; } else if ( document.form2.account_type.selectedIndex == '' ) { alert ( "Please select an account type!." ); return false; } return true; } </script> There are 6 different types of tables exist in my database representing 6 different types of accounts.Each and every table there is a field called "account number" which is auto incremented.When user clicks on submit button i want account number to be opened based on selected account type. How this could be done? Thanks, Heshan. How would I go about creating a new user email account that can be accessed via my cpanel mail scripts (RoundCube, SquirrelMail, etc.), in PHP. Hi, I don't know why it outputs" You are now registered BUT the user name and password don't show up in the database! I want to encrypt the passwords so maybe that is problem, I don't know, please read scripts below. here is register.php: ============== Code: [Select] <html> <head></head> <body> <form method="post" action="" > <p>Create a username <input type="text" name="newUsername"/> </p> <p>Create a password <input type="password" name= "newPassword" /> </p> <p> <input type="submit" value="Make account now" name="makeAccountSubmit" /> </p> </form> <?php if(array_key_exists("makeAccountSubmit",$_POST) && !empty($_POST["newUsername"]) && !empty($_POST["newPassword"]) ) { //IF username doesn't exist, then store new user login info to db dummydpevx mysql_connect("localhost","root"); mysql_select_db("someDB"); $newUserName=$_POST["newUsername"]; $newPassword=crypt($_POST["newPassword"]); $usernameQuery=mysql_query("SELECT userName FROM users WHERE userName='$newUserName'"); if(mysql_num_rows($usernameQuery)==0) { $makeNewAccountQuery=mysql_query("INSERT INTO users userName,userPassword VALUES('$newUserName','$newPassword')"); print "You are now registered, <a href='login.php'>proceed to login</a>"; } if(mysql_num_rows($usernameQuery)==1) print "Username taken. Please make another one. <br />"; } here is login.php: ============ Code: [Select] <html> <head></head> <body> <form method="post" action=""> <label>Username:</label> <input type="text" name="username" /> <br /> <label>Password:</label> <input type="password" name="password" /> <p> <input type="submit" value="Login" name="Login" /> <input type="reset" value="Reset" name="Reset" /> </p> </form> <?php if(array_key_exists("Login",$_POST) && !empty($_POST["username"]) && !empty($_POST["password"])) { $attemptedUsername=$_POST["username"]; $attemptedPassword=$_POST["password"]; mysql_connect("localhost","root"); mysql_select_db("someDB"); $getLoginInfoQuery=mysql_query("SELECT userName,userPassword FROM users WHERE userName=$attemptedUsername AND userPassword=$attemptedPassword"); $getLoginInfo=mysql_fetch_assoc($getLoginInfoQuery); $getUsername=$getLoginInfo["userName"]; $getPassword=crypt($getLoginInfo["userPassword"]); if(crypt($attemptedPassword,$getPassword)==$getPassword) { session_start();//NB: Start session BEFORE doing any session stuff! $_SESSION["isAuthenticated"]="userAuthenticated"; header("Location: xmlShredderIndex.php"); exit; } else print "Please register!"; } Also, if any has time, please see my other post, it is straightforward instructions to see if you get same error as me, thanks. http://www.phpfreaks.com/forums/index.php?topic=347639.msg1640652#msg1640652 Any help much appreciated! Hi, i have tried everything i can think of to get this to work correctly. What is below here, is what i have last tried to work with..: basically the script allows the use to register an email account on a cpanel domain. Everything works perfectly but then i added a option for banned words now i cant get the script to work.. basically what happens is: the user creates an email account, if the account is not a banned word and does not exist, then the message echoes success, and the $_Post values are also entered into the database under the users name. and the email is also created with the $f fopen if success the email form also does not show.. so only one email per user.. i just cant get it to work with the banned words included.. what to note:: this is a function in a function.. $bannedemailwords='customerinformation,custinfo,customerinfo,custtext,custsupport,customersupport,admin,accounts'; $bannedmail=explode(',', $bannedemailwords); $bannedmail = array_unique($bannedmail); sort($bannedmail); foreach($bannedmail as $noemail) //the selected username if ($Config['enablemyemailapp_enable'] == '0' && $_POST['cfg_enablemyemailappaddress_enable'] !== $noemaill && $_POST['cfg_enablemyemailappaddressdomain_enable'] !== 'Select a domain'){ $cpuser = 'ausername'; $cppass = 'apassword'; $cpdomain = 'adomain'; $cpskin = 'askin'; $epass = 'somepassword'; $equota = 'somequota'; $euser = $_POST['cfg_enablemyemailappaddress_enable']; $epass = $_POST['emailspassword_enable']; $edomain = $_POST['cfg_enablemyemailappaddressdomain_enable']; if (!empty($euser) && $euser !=='nomail') while(true) { $f = fopen ("http://$cpuser:$cppass@$cpdomain:2082/frontend/$cpskin/mail/doaddpop.html?email=$euser&domain=$edomain&password=$epass"a=$equota", "r"); if (!$f) { $enablemyemailapp_enable = '0'; $enablemyemailappaddress_enable = 'Replace with a Name'; $enablemyemailappaddressdomain_enable = 'Select a domain'; $msgemail = 'The email '.$euser.'@'.$edomain.' is a restricted email account.'; break; } $enablemyemailapp_enable = '1'; $enablemyemailappaddress_enable = $_POST['cfg_enablemyemailappaddress_enable']; $enablemyemailappaddressdomain_enable = $_POST['cfg_enablemyemailappaddressdomain_enable']; $msgemail ='<center><font color="#ff0033">Your Email '.$euser.'@'.$edomain.' has been created.</font></center>'; while (!feof ($f)) { $line = fgets ($f, 1024); if (ereg ("already exists", $line, $out)) { $enablemyemailapp_enable = '0'; $enablemyemailappaddress_enable = 'Replace with a Name'; $enablemyemailappaddressdomain_enable = 'Select a domain'; $msgemail ='<center><font color="#ff0033">The email account '.$euser.'@'.$edomain.' already exists.</font></center><br><center>Please try again!</center>'; break; } } echo $msgemail; $_POST['cfg_enablemyemailapp_enable']= $enablemyemailapp_enable; $_POST['cfg_enablemyemailappaddress_enable']=$enablemyemailappaddress_enable; $_POST['cfg_enablemyemailappaddressdomain_enable']=$enablemyemailappaddressdomain_enable; @fclose($f); break; } } This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=308807.0 hi everyone i was wondering if anyone has any idea how i can make my php links look like this "wwwDOTmysiteDOTcom/xxx.php?s=account" right now they look like this "wwwDOTmysiteDOTcom/account.php" thanks... i m tryin to create table from mysql coding and when i run the script its runs without any errors and just show that its created table but whn i chk into phpmyadmin i cnt find my table there and also when i use some copy paste from some website its just do the same thing but this time table is created but i cant find any difference between my table and the website table but still my script wont work please help me where is the mistake $connection=mysql_connect("127.0.0.1","root",""); $db=mysql_select_db("addressbook",$connection); if($db){ $SQL="CREATE TABLE address_data_new { ID int(7) NOT NULL auto_increment, First_name varchar(50) NOT NULL, ################## MY SCRIPT################ Last_name varchar(50) NOT NULL, email varchar(50) NOT NULL, PRIMARY KEY (ID), UNIQUE Id (ID) }"; /* $SQL="create table address_data { ID int(7) NOT NULL auto_increment, ############# working script############ First_Name varchar(50) NOT NULL, Surname varchar(50) NOT NULL, email varchar(50), PRIMARY KEY (ID), UNIQUE id (ID) )"; */ mysql_query($SQL); mysql_close($connection); echo "table added successfully"; } else { echo "database not found"; } ?> Hi there, its possible to something like this. <?php $i=0; $MW_Services ="aaaa.php"; $fh_MW_Services = fopen($MW_Services, 'w') or die("can't open file"); $string_MW_Services = "<html><head> </script><span style='padding-left:5px'> MW Services </head> <body> <table> <tr> <td>Teste</td> <td BACKGROUND='images/da.JPG'></td> <td></td> <td><?php for($i;$i>2;$i++){print $i;} ?> </td> </tr> </table> </body>"; fwrite($fh_MW_Services, $string_MW_Services); fclose($fh_MW_Services); ?> my problem is that the code doesnt do the cicle for it only. Tanks I am trying to create a registration form where users put their name, email and password only.
but i want to write an auto generated account number into database table for each user e.g; XY1234567 where XY should not change 1234567 auto generated random number and no duplicates (in numbers only).
example...
XY1234567
XY2345678
XY2233455
i found code
$num_of_ids = 10000; //Number of "ids" to generate.
$i = 0; //Loop counter.
$n = 0; //"id" number piece.
$l = "AAA"; //"id" letter piece.
while ($i <= $num_of_ids) {
$id = $l . sprintf("%04d", $n); //Create "id". Sprintf pads the number to make it 4 digits.
echo $id . "<br>"; //Print out the id.
if ($n == 9999) { //Once the number reaches 9999, increase the letter by one and reset number to 0.
$n = 0;
$l++;
}
$i++; $n++; //Letters can be incremented the same as numbers. Adding 1 to "AAA" prints out "AAB".
}
but its not working as i want. Any help please?
Edited by 684425, 27 December 2014 - 12:58 PM. I have the following code which works (thanks to PHP Freaks members)
foreach ($swap["sims"] as $swap)
{
echo $swap['voice'] . "</br>";
}
But I can't figure out why the following doesn't work
<select name="sim_for_swap[]">
<?php
foreach ($swap["sims"] as $swap)
{
?>
<option value="<?php echo $swap['voice'];?>"><?php echo $swap['voice'];?></option>
<?php
}
?>
Hi guys,
<form id='contact-form".$KitchConfigID."' name='contact-form".$KitchConfigID."' action='_pages/_kitchenconfig/adm_saveKitchConfig.php?Nav=".$NavHash."&kcid=".$KitchConfigID."' method='POST'>
<div class='row'>
<div class='col-sm-12'>
<div class='md-form mb-0 form-sm'>
<input value='".$KitchConfig."' type='text' id='configname".$KitchConfigID."' name='configname".$KitchConfigID ."' class='form-control'>
<label for='configname".$KitchConfigID ."' class=''>Config Name:</label>
</div>
</div>
</div>
<div class='row'>
<div class='col-sm-12'>
<div class='md-form mb-0 form-sm'>
<select id='designer_".$KitchConfigID."' name='designer_".$KitchConfigID."' class='mdb-select md-form' searchable='Search here..' onchange='changeInput(this.value, ".$SelField.");'>");
$designersql = "SELECT * FROM `tbl_contacts` ORDER BY `FirstName`";
$resultdesigner = $conn->query($designersql);
if ($resultdesigner->num_rows > 0) {
$resultdesigner->MoveFirst;
echo("<option value='designer_".$KitchConfigID."'></option>");
while($rowdesigner = $resultdesigner->fetch_assoc()) {
$DesignerName = $rowdesigner["FirstName"]." ".$rowdesigner["LastName"];
$DesignerID = $rowdesigner["ContactID"];
if($rowdesigner["ContactID"]==$rowkitch["Designer"]){
echo("<option value='".$DesignerID."' selected='selected'>".$DesignerName."</option>");
}
else {
echo("<option value='".$DesignerID."'>".$DesignerName."</option>");
}
}
}
echo("</select>
<input type='text' name='".$SelField."' value='' />
<label for='designer_".$KitchConfigID."' class=''>Designer:</label>
</div>
</div>
</div>
<div class='md-form mb-0 float-right'>
<button type='submit' class='btn btn-outline-danger waves-effect btn-sm float-right'>Save <i class='fas fa-magic ml-1'></i></button>
</div>
$upd_KitchConfigID = $_GET["kcid"];
if(isset($_POST["configname$upd_KitchConfigID"]))
{
$upd_KitchConfig = $_POST["configname$upd_KitchConfigID"];
}
else
{
$upd_KitchConfig = 'NotSet';
$ErrMsg = $ErrMsg . 'No KitchConfig, ';
}
if(isset($_POST["designer$upd_KitchConfigID"]))
{
$upd_KitchConfigDesigner = $_POST["designer_$upd_KitchConfigID"];
}
else
{
$upd_KitchConfigDesigner = 1;
$ErrMsg = $ErrMsg . 'No Designer, ';
}
echo("designer_$upd_KitchConfigID: ".$_POST["designer_$upd_KitchConfigID"]."<br><br>");
Hi friends, I am creating a site where users can add credit to their account via Liberty Reserve, and after that their account will automatically be updated with the amount they added so that they can use it to purchase products.. And after any purchase, the amount will be subtracted from their account.. I cant really find a php code to do that... i have done a search on here but still cant find anything close to it.. Can someone kindly help? Thank you Does anyone know of a json or php method of authenticating a youtube user without using zend? Code: [Select] <?php $id = NULL; $username = 'myYouTubeAccount'; $url = 'http://gdata.youtube.com/feeds/api/users/%s/uploads?orderby=updated&max-results=8'; $xml = simplexml_load_file(sprintf($url, $username)); foreach ($xml->entry as $entry) : $kids = $entry->children('http://search.yahoo.com/mrss/'); $attributes = $kids->group->content[0]->attributes(); $flv = $attributes['url']; $attributes = $kids->group->player->attributes(); $link = $attributes['url']; $querystring = parse_url($link,PHP_URL_QUERY); parse_str($querystring, $id_temp); $id = $id_temp['v']; ?> <a href="<?=$link?>"> <img src="http://i4.ytimg.com/vi/<?=$id?>/default.jpg" /> </a> <?php endforeach; ?> This code logs the user in with the correct user_email, user_pwd, and active=1. A '0' is inserted into the active column of the users table during registration. I need help checking if active=0 then flash_warning('User account not activated'). login_user.php Code: [Select] <?php include(MODEL_PATH.'user.php'); switch ($route['view']){ case "login_user": if(login($params['user']['user_email'], $params['user']['user_pwd'])) { flash_notice('You are logged in!'); redirect_to(''); } else { flash_warning('Username or password is invalid!'); $route['view'] = 'login'; } break; }user.php Code: [Select] <?php session_start(); function login($username, $password) { db_connect_posts(); $query = sprintf("SELECT * FROM users WHERE user_email = '%s' AND user_pwd = '%s' AND active = '1'" , mysql_real_escape_string($username), md5($password) ); $result = mysql_query($query); $number_of_posts = mysql_num_rows($result); if($number_of_posts == 0) { return false; } $row = mysql_fetch_array($result); $_SESSION['user'] = $row; return true; } ?>Login form Code: [Select] <form action="<?php echo '/'.APP_ROOT.'/'; ?>sessions/login_user" method="post"> <fieldset> <legend>Login</legend> <div> <label>E-mail</label> <input name="user[user_email]" size="40" type="text" /> </div> <div> <label>Password</label> <input name="user[user_pwd]" size="40" type="password" /> </div> <input type="submit" value="Login" /> </fieldset> </form> The below script WILL list one account successfully, but how come this script doesn't list more than one account when <b>listAccounts()</b> is called? EXAMPLE OF accounts.txt FILE: Code: [Select] username:blah user526:pass justinlh:justin function listAccounts() { //load all the accounts $accounts = loadAccounts(); //display each account in the drop-down box foreach($accounts as $account) { $account_split = explode(':', $account); echo '<option value="'. $account .'">'.$account_split[0].'</option>'; } } function loadAccounts() { /* EXAMPLE OF ACCOUNTS.TXT * http://pastebin.com/zAPH0a4J */ $handle = fopen('accounts.txt', 'r'); $accounts = fread($handle, filesize('accounts.txt')); fclose($handle); return explode('\n', $accounts); } I really swear that the host I use is like screwing with me hard. Like literally will have something working one night, wake up the next day to my error log full and nothing working anymore. Or, like in this case, have the code working fine, perfectly in fact, to all of the sudden bring up all these errors and shit without changing anything I just can't figure it out. Point being, I am working on this portal, and on the account page, you can update your info. Which for one field...
$result = queryMysql("SELECT * FROM accounts WHERE user='$user'");
$row = $result->fetch_assoc();
$set_comp = $row['company'];
// Check if 'Company' value is set
if (isset($_POST['company']))
{
$company = sanitizeString($_POST['company']);
if ($_POST['company'] != $set_comp)
{
queryMysql("UPDATE accounts SET company='$company' WHERE user='$user'");
}
elseif ($set_company == "")
{
queryMysql("INSERT INTO accounts (company) VALUES('$company') WHERE user='$user'");
}
elseif (empty($_POST['company']))
{
$company = "";
}
else
{
$company = stripslashes($row['company']);
}
}
And the form... Quote<form method='post' action='account.php' enctype='multipart/form-data'> Company:</th><td><input type='company' size='50' maxlength='40' name='company' value='$company'> <input type='submit' value='Save Info'> </form>
Now before it inexplicably stopped working, what it was doing and meant to do was display a form, that either had the information that was set, or displayed nothing because nothing was entered, and you could either put something there or change what was already there. Now it keeps telling me: [22-Oct-2018 06:29:37 UTC] PHP Notice: Undefined variable: company in /home/iqy0804tq6fq/public_html/portal/account.php on line 262 Also, sanitizeString and queryMysql are my own created functions, they work fine. I tried removing the elseif (empty($_POST['company'])), and just left the last else in, didn't work. It just displays empty columns now. Now also, when I try to update, it feeds me all these errors now my SQL syntax is wrong its LIKE HOW DID THIS CHANGE IN 10 SECONDS!!? I didn't DO anything for my syntax to be any different than when it worked perfectly! It's insanity. Hi! Trying to have it send a link to a user's email upon registration, and set it so they can't login until they click the link from their email. Here's the register script: <?php include('config.php'); include('dateindex.php'); if($loggedin == '1') die("You can't register another account while you're logged in."); if(isset($_POST['submit'])) { $callname = mysql_real_escape_string($_POST['callname']); $uname = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $email = mysql_real_escape_string($_POST['email']); if((!isset($_POST['username'])) || (!isset($_POST['callname'])) || (!isset($_POST['email'])) || (!isset($_POST['pass'])) || ($uname == '') || ($_POST['pass'] == '')) die("Please fill out the form completely. <br><br> <a href=register.php>Continue</a>"); $check = @mysql_query("SELECT id FROM users WHERE username = '$uname'"); $check = @mysql_num_rows($check); if($check > 0) die("Sorry, that username has already been taken. Please try again. <br><br> <a href=register.php>Continue</a>"); function validateEmailAddress($email) { return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email); } if(validateEmailAddress($email) !=1) { echo "That email address does not exist.<br /><br /><a href=register.php>Continue</a>"; exit(); } $pass = md5($_POST['pass']); $date = date("m/d/y"); $a =md5(uniqid(rand(), true)); $newPlayer = @mysql_query("INSERT INTO users (username, password, callname, email, registered, active) VALUES ('$uname', '$pass', '$callname', '$email', '$date', '$a')") or die("Error: ".mysql_error()); if (mysql_affected_rows() == 1) { $body = "Thank you for registering. To activate account click this link"; $body .= "http://localhost/testing/mbactivate.php?x=" . mysql_insert_id() . "$y=$a"; mail($_POST['email'], 'Registration Confirmed', $body, 'From:mirrorcat@airpost.net'); echo '<br />You have been registered! A confirmation email has been sent.'; exit(); } } else { echo '<form action=register.php method=post> Callname: <input type=text name=callname><br> Username: <input type=text name=username><br> Email: <input type=text name=email><br> Password: <input type=password name=pass><br> <input type=submit name=submit value=Submit> </form>'; } ?> login/index: <?php include('config.php'); echo '<center><a href=index.php>Main</a> | <a href=myprofile.php>Profile</a> | <a href=inbox.php>Inbox</a> | <a href=page1.php>To-Do List</a> | <a href=logout.php>Logout</a></center>'; print date('g:i a - l, F jS'); echo '<br /><br />'; ?> <?php if($loggedin == '0') { if(isset($_POST['submit'])) { // Make sure all forms were filled out. if((!isset($_POST['username'])) || (!isset($_POST['pass'])) || ($_POST['username'] == '') || ($_POST['pass'] == '')) die("Please fill out the form completely. <br><br> <a href=index.php>Continue</a>"); // Get user's record from database $player = @mysql_query("SELECT id, username, password, callname, email, registered, lastlogin FROM users WHERE username = '".$_POST['username']."'"); $player = @mysql_fetch_assoc($player); mysql_real_escape_string($username); mysql_real_escape_string($password); if($player['id'] == false) die("Sorry, that user is not in our database.<br><br> <a href=index.php>Back</a>"); else if($player['password'] != md5($_POST['pass'])) die("Wrong password!<br><br> <a href=index.php>Back</a>"); $_SESSION['id'] = $player['id']; $_SESSION['username'] = $player['username']; $_SESSION['password'] = $player['password']; $_SESSION['callname'] = $player['callname']; $_SESSION['email'] = $player['email']; $date = date("m/d/y"); $update = @mysql_query("UPDATE users SET lastlogin = '$date' WHERE id = '".$_SESSION['id']."'"); echo 'You are now logged in!'; } else { echo 'You are not logged in. <br><br> <form action=index.php method=post> Username: <input type=text name=username><br> Password: <input type=password name=pass><br> <input type=submit name=submit value=Submit> </form> Would you like to <a href=register.php>register?</a>'; } } else { echo 'You are logged in! Welcome, '.$_SESSION['callname'].'!'; } ?> <br /><br /> <b>Activate Account</b><br /> <?php // Validate $_GET['x'] and $_GET['y']. if (isset($_GET['x'])) { $x = (int) $_GET['x']; } else { $x = 0; } if (isset($_GET['y'])) { $y = $_GET['y']; } else { $y = 0; } // If $x and $y aren't correct, redirect the user. if ( ($x > 0) && (strlen($y) == 32)) { $query = "UPDATE users SET active=NULL WHERE (id=$x AND active='" . $y . "') LIMIT 1"; $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); // Print a customized message. if (mysql_affected_rows() == 1) { echo "<br><br><h3>Your account is now active. You may now log in.</h3>"; } else { echo '<br><br><p><font color="red" size="+1">Your account could not be activated. Please re-check the link or contact the system administrator.</font></p>'; } // mysql_close(); } else { // Redirect. // Start defining the URL. $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); // Check for a trailing slash. if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) { $url = substr ($url, 0, -1); // Chop off the slash. } // Add the page. $url .= '/index.php'; ob_end_clean(); // Delete the buffer. exit(); } // End of main IF-ELSE. ?> My problem is it isn't sending the code to the email specified, even though the random letters that should be sent to the email are stored in the database. And when I test the url anyway, (x=1&y=activationcode) it returns it as false, that the code doesn't exist even though I can clearly see it in my database! Can anyone spot any errors? Hello everyone, here is my problem. I am working for someone that would like users to be able to create a Trial Account on their website. This trial account is to be used for 24 hours, once the 24 hours is completed they can no longer login/use that account. Everything about the Trial Account is completed, other then the account timer. I am at a loss on how to get this part done. I was thinking that I would use the MySQL commands, GETDATE() and DATEADD(), to get the date and time that the account was created and using the DATEADD() command I would add 24 hours to the GETDATE() value. Then if the user logs into at a date past the DATEADD() value the Users Account type is switched to 3(This means that the account has been disabled) and then is directed to the Logout page, which then redirects him back to the homepage. After this point, the user can no longer login due to the code preventing any user with an account type of 3 to login. The problem is that I am unaware how to incorporate the GETDATE() and DATEADD() functions into my PHP code. Would anyone be able to explain how I can get this done, or suggest a better method of inputting a starting time and ending time for the account? Thank You for any/all help. Hi guys,
It's been a while that I have actively contributed to phpfreaks. I had some time consuming matters unfortunately.
If it would be possible I would like to have my old account restored or reactivated. The name probably sounds familiar
The restore password form doesn't seem to work (as in I receive no mails).
My emailaddress hasn't changed. Thanks in advanced!
Cssfreakie <--- the old one
Edited by cssfreakie2, 13 January 2015 - 01:35 PM. I am using a standard form to mail script and have a few fields that I need to be required to be filled in. This is working fine until someone enters a space character in a required field, which is being let thorugh. How can I stop this? here the code for required fields - I thought the trim function in the below would have taken care of this??? // This is because I originally had it require but too many people // were used to Matt's Formmail.pl which used required instead. if ($required) $require = $required; // handle the required fields if ($require) { // seperate at the commas $require = ereg_replace( " +", "", $require); $required = split(",",$require); for ($i=0;$i<count($required);$i++) { $string = trim($required[$i]); // check if they exsist if((!(${$string})) || (!(${$string}))) { // if the missing_fields_redirect option is on: redirect them if ($missing_fields_redirect) { header ("Location: $missing_fields_redirect"); exit; } $require; $missing_field_list .= "<b><font color=\"#990000\">Missing: $required[$i]</font></b><br>\n"; } } // send error to our mighty error function if ($missing_field_list) print_error($missing_field_list,"missing"); } |
|||||||