I am sure the error is somewhere with my if statements. I dont know if I need an if else or else if. Please take a look at my code for me and let me know where I am going wrong. Thanks!
Code: Select all
<?php
if (!$_POST[email]){
echo "You forgot to enter an email address, hit the back button and try again</br>";
exit();
}
if (!$_POST[password]){
echo "You forgot to enter a password, hit the back button and try again</br>";
exit();
}
if (!$_POST[repassword]){
echo "Please enter a password confirmation, hit the back button and try again</br>";
exit();
}
if ($_POST[password] != $_POST[repassword]){
echo "Passwords do not match, hit the back button and try again</br>";
exit();
}
$sql2=mysql_query("Select * from users WHERE email='$email'");
$verifynotregistered = mysql_num_rows($sql2) or die(mysql_error());
if ($verifynotregistered > 0)
{
header('Location: suspectedregistered.php');
exit();
}
if ($_POST['form_submitted'] == '1') {
##User is registering, insert data until we can activate it
$activationKey = mt_rand() . mt_rand() . mt_rand() . mt_rand() . mt_rand();
$firstname = mysql_real_escape_string($_POST[firstname]);
$lastname = mysql_real_escape_string($_POST[lastname]);
$username = mysql_real_escape_string($_POST[username]);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST[email]);
$sql="INSERT INTO users (firstname,lastname,username, password, email, activationkey, status) VALUES ('$firstname', '$lastname', '$username', '$password', '$email', '$activationKey', 'verify')";
else if (!mysql_query($sql))
{
die('Error: ' . mysql_error());
}
echo "An email has been sent to $_POST[email] with an activation key. Please check your mail to complete registration.";
##Send activation Email
$to = $_POST[email];
$subject = " BassNation.com Registration";
$message = "Welcome to our website!\r\rYou, or someone using your email address, has completed registration at BassNation.com. You can complete registration by clicking the following link:\rhttp://www.BassNation.us/TournamentApp/admin/verify.php?$activationKey\r\rIf this is an error, ignore this email and you will be removed from our mailing list.\r\rRegards,\ BassNation.com Team";
$headers = 'From: noreply@BassNation.com' . "\r\n" .
'Reply-To: noreply@BassNation.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
}
else {
##User isn't registering, check verify code and change activation code to null, status to activated on success
$queryString = $_SERVER['QUERY_STRING'];
$query = "SELECT * FROM users";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
if ($queryString == $row["activationkey"]){
echo "Congratulations! " . $row["username"] . " you may now login by <a href=\"http://www.BassNation.us/EastTexas/TournamentApp/admin/login.php\">CLICKING HERE</a> \r to start posting tournaments.";
$sql="UPDATE users SET activationkey = '', status='activated' WHERE (id = $row[id])";
if (!mysql_query($sql))
{
die('Error: ' . mysql_error());
}
}
}
}
?>