Re: Problems with email activation
Posted: Wed Feb 29, 2012 4:52 pm
Unknown column 'Blade' in 'where clause'
Maybe i need to pray or something to make it work
Maybe i need to pray or something to make it work
A community of PHP developers offering assistance, advice, discussion, and friendship.
http://forums.devnetwork.net/
Code: Select all
<?php
session_start();
$mysql_server = 'localhost';
$mysql_username = 'username';
$mysql_password = 'password';
$mysql_database = 'database';
$mysql_table = 'USERS';
$success_page = './thank_you_page.html';
$error_message = "";
if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['form_name'] == 'signupform')
{
$newusername = $_POST['username'];
$newemail = $_POST['email'];
$newpassword = $_POST['password'];
$confirmpassword = $_POST['confirmpassword'];
$website = $_SERVER['HTTP_HOST'];
$script = $_SERVER['SCRIPT_NAME'];
$timestamp = time();
$code = md5($website . $timestamp . rand(100000, 999999));
if ($newpassword != $confirmpassword)
{
$error_message = 'Password and Confirm Password are not the same!';
}
else
if (!ereg("^[A-Za-z][a-z_.]{3,25}[a-z0-9]$", $newusername))
{
$error_message = 'Username is not valid, please check and try again!';
}
else
if (!ereg("^[a-z0-9]{5,50}$", $newpassword))
{
$error_message = 'Password is not valid, please check and try again!';
}
else
if (!ereg("^[A-Za-z0-9\.|-|_]*[@]{1}[A-Za-z0-9\.|-|_]*[.]{1}[a-z]{2,5}$", $newemail))
{
$error_message = 'Email is not a valid email address. Please check and try again.';
}
if (empty($error_message))
{
$db = mysql_connect($mysql_server, $mysql_username, $mysql_password);
if (!$db)
{
die('Failed to connect to database server!<br>' . mysql_error());
}
mysql_select_db($mysql_database, $db) or die('Failed to select database<br>' . mysql_error());
$sql = "SELECT username FROM " . $mysql_table . " WHERE username = '" . $newusername . "'";
$result = mysql_query($sql, $db);
if ($data = mysql_fetch_array($result))
{
$error_message = 'Username already used. Please select another username.';
}
}
if (empty($error_message))
{
$crypt_pass = md5($newpassword);
$newusername = mysql_real_escape_string($newusername);
$newemail = mysql_real_escape_string($newemail);
$newfullname = mysql_real_escape_string($newfullname);
$sql = "INSERT `" . $mysql_table . "` (`username`, `password`, `email`, `active`, `code`) VALUES ('$newusername', '$crypt_pass', '$newemail', '0', '$code')";
$result = mysql_query($sql, $db);
mysql_close($db);
$subject = 'Email confirmation';
$message = 'Hi!Thanks for creating an account on our site. Click the link below to confirm your email address:';
$message .= "\r\nUsername: ";
$message .= $newusername;
$message .= "\r\nPassword: ";
$message .= $newpassword;
$message .= "\r\n";
$message .= "\r\nhttp://" . $website . $script . "?user=" . $newusername . "&code=$code";
$message .= "\r\n\r\nThis is an automated message - please do not reply";
$header = "From: webmaster@myhoo22.com" . "\r\n";
$header .= "Reply-To: webmaster@myhoo22.com" . "\r\n";
$header .= "MIME-Version: 1.0" . "\r\n";
$header .= "Content-Type: text/plain; charset=utf-8" . "\r\n";
$header .= "Content-Transfer-Encoding: 8bit" . "\r\n";
$header .= "X-Mailer: PHP v" . phpversion();
mail($newemail, $subject, $message, $header);
header('Location: ' . $success_page);
exit;
}
}
else
if (isset($_GET['code']) && isset($_GET['user']))
{
$db = mysql_connect($mysql_server, $mysql_username, $mysql_password);
if (!$db)
{
die('Failed to connect to database server!<br>' . mysql_error());
}
mysql_select_db($mysql_database, $db) or die('Failed to select database<br>' . mysql_error());
// I'm assuming the column id exists. If not, use your primary key in place of id
$sql = "SELECT username FROM " . $mysql_table . " WHERE username = '" . $_GET['user'] . "' AND code = '" . $_GET['code'] . "'";
$result = mysql_query($sql) or die(mysql_error());
/*list($username) = mysql_fetch_row($result);
if (!$username)
{
die("There was an error in the following sql statement:<hr>$sql<br />" . mysql_error());
}
*/
// User has been found, so we'll activate the account
$query = "UPDATE {$mysql_table} SET active = '1' WHERE username = '".$_GET['user']."'";
mysql_query($query) or die('UPDATE ERROR: '.mysql_error());
header("refresh:5;url=log_in.php");
echo 'Your user account was succesfully activated. You\'ll be redirected in about 5 secs. If not, click <a href="log_in.php">here</a>.';
exit;
}
?>
You are welcome.Blaade wrote:Man...i don't know what to say...Thanks a lot and god bless you! If it wasn't for you i would be stuck for life ii think. After 3 days ofyou made me happy:D Thank you so much. Think everything it's in order now.
What you are experiencing is the action of magic quotes. You can remove the effect by running this functionBlaade wrote: And one last thing if i got your attention, maybe you know. I made a forum and there is a text area named About me. When someone writes words with " ' " (Example: It's, he's....) and submits....on the other page where the form is submitted the words appear like this: It\'s, he\'s, I\'m...Maybe you know the problem because i don't know what to search for, on the internet...
Thank you very much again!
Code: Select all
function my_strip_slashes(&$var){
$var = stripslashes($var);
}
function remove_all_slashes(){
if (ini_get('magic_quotes_gpc')){
array_walk_recursive($_POST,'my_strip_slashes');
array_walk_recursive($_GET,'my_strip_slashes');
array_walk_recursive($_REQUEST,'my_strip_slashes');
array_walk_recursive($_COOKIE,'my_strip_slashes');
}
}
Code: Select all
remove_all_slashes()Blaade wrote:Thanks a lot! If i ever come to Nigeria i'll buy you a drink![]()
Code: Select all
function my_strip_slashes(&$var){
$var = stripslashes($var);
}