1Resource id #2................eh?

Virtue

Okay, so, here's the thing.

I am trying to create a Membership system for my website and have ran into a problem.

After I complete the signup form, I am taken to the "Done!" page.
And the Users info is entered into the Database.
There is a link under that to activate the account, but whenever I click it, I get this error:

1Resource id #2Your account could not be activated!

I have no idea what is wrong, nor how to fix it.
My register.php looks like this:


<?    

include 'db.php';    

// Define post fields into simple variables 
$first_name = $_POST['first_name'];    

$last_name = $_POST['last_name'];    

$email_address = $_POST['email_address'];    

$username = $_POST['username'];    

$db_password = $_POST['passwd'];    

$info = $_POST['info'];    

/* Let's strip some slashes in case the user entered 
any escaped characters. */    

$first_name = stripslashes($first_name);    

$last_name = stripslashes($last_name);    

$email_address = stripslashes($email_address);    

$username = stripslashes($username);    

$password = md5(stripslashes($db_password));    

$info = stripslashes($info);    


/* Do some error checking on the form posted fields */    

if((!$first_name) || (!$last_name) || (!$email_address) || (!$username) || (!$password)){   

    echo 'You did not submit the following required information! <br />';    

    if(!$first_name){    

        echo "First Name is a required field. Please enter it below.<br />";    

    }    

    if(!$last_name){    

        echo "Last Name is a required field. Please enter it below.<br />";    

    }    

    if(!$email_address){    

        echo "Email Address is a required field. Please enter it below.<br />";    

    }    

    if(!$username){    

        echo "Desired Username is a required field. Please enter it below.<br />";    

    }    

    if(!$passwd){    

        echo "Desired Password is a required field. Please enter it below.<br />";    

    }    

    include 'join_form.html'; // Show the form again! 
    /* End the error checking and if everything is ok, we'll move on to 
     creating the user account */    

    exit(); // if the error checking has failed, we'll exit the script! 
}    

/* Let's do some checking and ensure that the user's email address or username 
does not exist in the database */    

 $sql_email_check = mysql_query("SELECT email_address FROM users  

            WHERE email_address='$email_address'");    

 $sql_username_check = mysql_query("SELECT username FROM users  

            WHERE username='$username'");    

 $email_check = mysql_num_rows($sql_email_check);    

 $username_check = mysql_num_rows($sql_username_check);    

 if(($email_check > 0) || ($username_check > 0)){    

    echo "Please fix the following errors: <br />";    

    if($email_check > 0){    

        echo "<strong>Your email address has already been used by another member 
        in our database. Please submit a different Email address!<br />";    

        unset($email_address);    

    }    

    if($username_check > 0){    

        echo "The username you have selected has already been used by another member 
         in our database. Please choose a different Username!<br />";    

        unset($username);    

    }    

    include 'join_form.html'; // Show the form again! 
     exit();  // exit the script so that we do not create this account! 
 }    

/* Everything has passed both error checks that we have done. 
It's time to create the account! */    

// Enter info into the Database. 
$db_password = md5($password); 

$info2 = htmlspecialchars($info);    

$sql = mysql_query("INSERT INTO users (first_name, last_name, 
        email_address, username, password, info, signup_date) 
        VALUES('$first_name', '$last_name', '$email_address', 
        '$username', '$db_password', '$info2', now())")     

        or die (mysql_error());    

if(!$sql){    

    echo 'There has been an error creating your account. Please contact the webmaster.';    

} else {    

    echo 'Done!<BR>'; 
    echo "Click <a href=activate.php?id=".$username."&amp;code=".$db_password.">Here</a> to activate your account!"; 

}    

?>

And my activate.php looks like this:


<?   

/* Account activation script */   

// Get database connection 
include 'db.php';   

// Create variables from URL. 

$userid = $_GET['id'];   

$code = $_GET['code'];   

$sql = mysql_query("UPDATE users SET activated='1' WHERE userid='$userid' AND password='".md5($code)."'");  

echo $sql; 

$sql_doublecheck = mysql_query("SELECT * FROM users WHERE userid='$userid' AND password='".md5($code)."' AND activated='1'");  

echo $sql_doublecheck; 
$doublecheck = mysql_num_rows($sql_doublecheck); 

if($doublecheck == 0){   

    echo "<strong><font color=red>Your account could not be activated!</font></strong>";   

} elseif ($doublecheck > 0) {   

    echo "<strong>Your account has been activated!</strong> You may login below!<br />";   

    include 'login_form.html';   

}   

?>

Please help, I would be most greatfull if somebody could help me sort this out.

Virtue.

HalfaBee

You are echoing the resource here
echo $sql_doublecheck;

The reason it doesn't work is that you are inserting the unencrypted password into the db.

HalfaBee

kevinsequeira

change

$sql = mysql_query("UPDATE users SET activated='1' WHERE userid='$userid' AND password='".md5($code)."'");  

echo $sql; 

$sql_doublecheck = mysql_query("SELECT * FROM users WHERE userid='$userid' AND password='".md5($code)."' AND activated='1'");  

echo $sql_doublecheck;

$sql = "UPDATE users SET activated='1' WHERE userid='$userid' AND password='".md5($code)."'";  

echo $sql; 
mysql_query($sql);

$sql_doublecheck = "SELECT * FROM users WHERE userid='$userid' AND password='".md5($code)."' AND activated='1'";  

echo $sql_doublecheck;  

mysql_query($sql_doublecheck)

whatever the queries are try running into the database and see if u have enteries corresponding to the usernames
reg
kevin

HalfaBee

Damm, I was wrong. ( I think the last time was 1991 🙂 )

The password is encrypted twice.

First time $password = md5(stripslashes($db_password));
near where the variables are converted from $_POST

Second just before insertion.
$db_password = md5($password);

$sql = mysql_query("INSERT INTO users (first_name, last_name,
email_address, username, password, info, signup_date)
VALUES('$first_name', '$last_name', '$email_address',
'$username', '$db_password', '$info2', now())")

HalfaBee

Virtue

Ahh, thanks guys.
I THINK I got that part sorted. Now me, being me - has ran into more problems.

All this editing seems to have screwed up all the PHP pages working with eachother.

In total, I now have only 5 pages that I'm trying to edit.

The Signup form now adds the user to the Database and the Account is activated (So it seems, the "activate" var on the database table is now '1'), but everytime I try to log in with the username and password I submitted on the sighnup form, it tells me that I couldn't be logged in because either then name and/or password is incorrect, or the account hasn't been activated.

There must be a linking problem on one/a couple of my pages somewhere. But I don't know where they are.

Virtue.

kevinsequeira

hm, good one halfabee, missed that one, i was working on the original code i posted which had the password encrypted only once

http://www.phpbuilder.com/board/showthread.php?threadid=10243280&perpage=15&pagenumber=1

reg
kevin

kevinsequeira

virtue, post the code where you sign in after the activation bit has been done

reg
kevin

HalfaBee

G'Day kevinsequeira,

I hadn't seen the original thread 🙁

Maybee I was lucky 🙂

Halfabee

Virtue

Oh wait, I fixed the login problem.

I forgot to get rid of one of the md5's.

Now login is successfull.

All I'm having trouble with now is the Roster page. which should add a logged in users name to a table on the page.

the roster.php looks like this:

<? 
//table : roster has roster_id|user_id 
//table : user has user_id|username|........ 
// roster.php 
// $logged_in_user is the current user who has logged in 
// set up db connections

session_start();  // Start Session

include 'db.php';

if(isSet($_GET['func'])){ 
    if($_GET['func']=="add"){ 
     // add the user to roster with user_id 
    } 
    if($_GET['func']=="remove"){ 
     // remove the user from roster using user_id 
    }     

} 
$q = "select roster.user_id, user.username from roster, user "; 
$q = " where roster.user_id = user.user_id"; 
$r = mysql_query($q); 
$count = mysql_num_rows($r); 
echo '<table>'; 
while ($row = mysql_fetch_array($r)){ 
    //using link 
    echo '<tr><td>'.$row[1].'<a href=roster.php?user_id='.$row[0].'&func=remove&logged_in_user='.$logged_in_user.'>remove</a></td></tr>';     

} 
$remainder = 10 - $count; 
if($remainder > 1){ 
    for($i=0;$i<$remainder;$i++){ 
        echo '<tr><td><a href=roster.php?user_id='.$logged_in_user.'&func=add&logged_in_user='.$logged_in_user.'>click to add</a></td></tr>'; 
    } 
} 
echo '</table>'; 
?>

I think you gave me most of that code Kev, so I think of anyone, you'll know what I'm doing wrong.

Oh, also, I get these errors...

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in c:\phpdev\www\roster.php on line 23

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in c:\phpdev\www\roster.php on line 25

Sorry about all this, I'm SO close to getting it all working. Hehe.

Virtue.

kevinsequeira

u missed a . on this line

$q = " where roster.user_id = user.user_id";

change to

$q .= " where roster.user_id = user.user_id";

reg
kevin

kevinsequeira

also i think this is the older version of the code i had posted.
check the earlier posts cause i had modified it to display the remove link only for the logged in user id, otherwise a user can remove all other users

reg
kevin

Virtue

Yeah, you're right, I just looked it up now.

The modified code should look something like this, although I may have posted the new part in the wrong place because I get a Parse error now.

<? 
//table : roster has roster_id|user_id 
//table : user has user_id|username|........ 
// roster.php 
// $logged_in_user is the current user who has logged in 
// set up db connections 
if(isSet($_GET['func'])){ 
if($_GET['func']=="add"){ 
// add the user to roster with user_id 
} 
if($_GET['func']=="remove"){ 
// remove the user from roster using user_id 
} 
} 
$q = "select roster.user_id, user.username from roster, user "; 
$q .= " where roster.user_id = user.user_id"; 
$r = mysql_query($q); 
$count = mysql_num_rows($r); 
echo '<table>'; 
while ($row = mysql_fetch_array($r)){ 
echo '<tr><td>'.$row[1]; 
if($logged_in_user==$row[0]){ 
echo '<a href=roster.php?user_id='.$row[0].'&func=remove&logged_in_user='.$logged_in_user.'> remove from roster</a>' 
} 
echo '</td></tr>'; 
}
$remainder = 10 - $count; 
if($remainder > 1){ 
for($i=0;$i<$remainder;$i++){ 
echo '<tr><td><a href=roster.php?user_id='.$logged_in_user.'&func=add&logged_in_user='.$logged_in_user.'>click to add</a></td></tr>'; 
} 
} 
echo '</table>'; 
?>

And the error is:

Parse error: parse error, expecting `','' or `';'' in c:\phpdev\www\roster.php on line 24

I have gone through those lines, but can't find any obvious parse errors to debug.
With that said, I may have simply got it all wrong and placed the lines you told me to place - in the WRONG place. Heh.

Virtue.

kevinsequeira

ure missing a ; at the end of this line

echo '<a href=roster.php?user_id='.$row[0].'&func=remove&logged_in_user='.$logged_in_user.'> remove from roster</a>'

reg
kevin

Virtue

Oh yes, how stupid of me. =/

Ok, I added that and got some mysql errors, but that was because I didn't register a session and include the db, so I added these lines of code at the top which got rid of 2 of the problems...

session_start();

include 'db.php';

When I get to the page, the 10 "Click Here" links are shown, but when I click any of them, it refreshes the page as opposed to adding a user to the list.

Above the links are the following errors:

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in c:\phpdev\www\roster.php on line 22

Warning: mysql_fetch_array(): supplied argument is not a valid

MySQL result resource in c:\phpdev\www\roster.php on line 24

Virtue.

kevinsequeira

if($GET['func']=="add"){
// add the user to roster with user_id
}
if($GET['func']=="remove"){
// remove the user from roster using user_id
}

i havent given u the whole code, see the part thats been commented out, u need to write the code to either add the user or remove the user from the roster.

also read all the comments in the code like what $logged_in_user is and echo values of variables throughtout the cide to make sure they are ll present, echo the sqls also to see what u are doing to the db

reg
kevin

Virtue

Oh I see. So the lines that are commented out in your above post need to be changed to actual code that will identify a user and add him/her to the roster?

I get the theory, but the actual coding may be somewhat beyond me at my present coding experience state.

If you want me to figure it out myself, can you at least give me some sort of clue as to the code I need to implement?

Virtue.

kevinsequeira

i assume u know how to insert and delete records from a mySQL table using PHP ??

reg
kevin

Virtue

I have very basic knowledge of that.
I can create new mysql tables and add information to it via the pages that I have worked on in the past I.e, this mempership project.

I have read the PHP Manual to the extent of finding things that I want to use for my project, although I havn't read it all yet.

As for creating and adding new lines of code, I am still inexperienced, which is why I am posting here for help.

Thank you very much for assisting me by the way, I really appreciate it.

Virtue.

Virtue

So how would I start doing that?

Virtue.