Some help with code

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
atsa1
Forum Newbie
Posts: 20
Joined: Wed Dec 09, 2009 9:11 am

Some help with code

Post by atsa1 »

Hy. Iäm new in this forum and already i seek for help. Well i have this user registration and login script. Using MySQL.
I have this problem that it uses e-mail verification but the server i have to use it has disabled the PHP mail() function so i cant use the verifycation system. I looked the code over and over and cant figure out how to bypass this, so after user registeres his account will be activated automaticly.
Heres the code. Realy big thanks to ones who help me with it.

Code: Select all

<?php
# Script 16.6 - register.php
// This is the registration page for the site.
 
require_once ('includes/config.inc.php');
$page_title = 'Register';
include ('includes/header.html');
 
if (isset($_POST['submitted'])) { // Handle the form.
 
    require_once (MYSQL);
    
    // Trim all the incoming data:
    $trimmed = array_map('trim', $_POST);
    
    // Assume invalid values:
    $fn = $ln = $e = $p = FALSE;
    
    // Check for a first name:
    if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $trimmed['first_name'])) {
        $fn = mysqli_real_escape_string ($dbc, $trimmed['first_name']);
    } else {
        echo '<p class="error">Please enter your first name!</p>';
    }
    
    // Check for a last name:
    if (preg_match ('/^[A-Z \'.-]{2,40}$/i', $trimmed['last_name'])) {
        $ln = mysqli_real_escape_string ($dbc, $trimmed['last_name']);
    } else {
        echo '<p class="error">Please enter your last name!</p>';
    }
    
    // Check for an email address:
    if (preg_match ('/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/', $trimmed['email'])) {
        $e = mysqli_real_escape_string ($dbc, $trimmed['email']);
    } else {
        echo '<p class="error">Please enter a valid email address!</p>';
    }
    
 
    // Check for a password and match against the confirmed password:
    if (preg_match ('/^\w{4,20}$/', $trimmed['password1']) ) {
        if ($trimmed['password1'] == $trimmed['password2']) {
            $p = mysqli_real_escape_string ($dbc, $trimmed['password1']);
        } else {
            echo '<p class="error">Your password did not match the confirmed password!</p>';
        }
    } else {
        echo '<p class="error">Please enter a valid password!</p>';
    }
    
    if ($fn && $ln && $e && $p) { // If everything's OK...
 
        // Make sure the email address is available:
        $q = "SELECT user_id FROM users WHERE email='$e'";
        $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
        
        if (mysqli_num_rows($r) == 0) { // Available.
        
            // Create the activation code:
            $a = md5(uniqid(rand(), true));
        
            // Add the user to the database:
            $q = "INSERT INTO users (email, pass, first_name, last_name, active, registration_date) VALUES ('$e', SHA1('$p'), '$fn', '$ln', '$a', NOW() )";
            $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
 
            if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.
            
                // Send the email:
                $body = "Thank you for registering at <TEST>. To activate your account, please click on this link:\n\n";
                $body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";
                mail($trimmed['email'], 'Registration Confirmation', $body, 'From: atsa1@hot.ee');
                
                // Finish the page:
                echo '<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h3>';
                include ('includes/footer.html'); // Include the HTML footer.
                exit(); // Stop the page.
                
            } else { // If it did not run OK.
                echo '<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';
            }
            
        } else { // The email address is not available.
            echo '<p class="error">That email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.</p>';
        }
        
    } else { // If one of the data tests failed.
        echo '<p class="error">Please re-enter your passwords and try again.</p>';
    }
 
    mysqli_close($dbc);
 
} // End of the main Submit conditional.
?>
    
<h1>Register</h1>
<form action="register.php" method="post">
    <fieldset>
    
    <p><b>First Name:</b> <input type="text" name="first_name" size="20" maxlength="20" value="<?php if (isset($trimmed['first_name'])) echo $trimmed['first_name']; ?>" /></p>
    
    <p><b>Last Name:</b> <input type="text" name="last_name" size="20" maxlength="40" value="<?php if (isset($trimmed['last_name'])) echo $trimmed['last_name']; ?>" /></p>
    
    <p><b>Email Address:</b> 
    <input type="text" name="email" size="30" maxlength="80" value="<?php if (isset($trimmed['email'])) echo $trimmed['email']; ?>" /></p>
    
        
    <p><b>Password:</b> 
      <input type="password" name="password1" size="20" maxlength="20" /> 
      <small>Use only letters, numbers, and the underscore. Must be between 4 and 20 characters long.</small></p>
    <p><b>Confirm Password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p>
    </fieldset>
    
    <div align="center"><input type="submit" name="submit" value="Register" /></div>
    <input type="hidden" name="submitted" value="TRUE" />
 
</form>
 
 
<?php // Include the HTML footer.
include ('includes/footer.html'); ?>
 
note: config.inc.php hold only database information (server adress and username/password)
incubi
Forum Contributor
Posts: 119
Joined: Mon Dec 07, 2009 1:47 pm

Re: Some help with code

Post by incubi »

If your ISP will not enable SMTP in PHP config then you may be able to use this.

http://email.about.com/od/emailprogramm ... cation.htm

http://pear.php.net/package/Mail

However, they will still need to allow the smtp protocol.

incubi
atsa1
Forum Newbie
Posts: 20
Joined: Wed Dec 09, 2009 9:11 am

Re: Some help with code

Post by atsa1 »

Well, looked at the whole list of disabled functins. Cant use mail(), All external smtp connections disabled.. Only thing i get to work was the http://www.emailmeform.com e-mail form. It's like puting Youtube movie on website (it lets you customize the fields and all info is sent through theyr system).

I think it is easyer to get rid of the e-mail verification. Or does anybody have a nice easy registration and login script without mail verification what i could integrate into my website. I just need the registration to show some pages.

Thanks for responce.
nga
Forum Commoner
Posts: 46
Joined: Mon Aug 17, 2009 3:05 am

Re: Some help with code

Post by nga »

create another sql query after it, update the last inserted row, set the confirmation status to yes (depend on the column name in your database which field is confirmation status and which value mean it's activated).

the code below doesnt have any place which specify the user status is not confirmed so i guess it's default value in your database which make the user not confirmed once a new row is created, change that, see if it works. if it works, dont have to create a new sql query

After that run a update query without "where" to make every user is confirmed :D
Post Reply