[Resolved] Email activation

minds_gifts

Hello everybody,
I've a contact form and when the user submits the form, i save all the information into a table and I send an e-mail to the user who filled in.
What does this e-mail do???
I just send a link in-order to activate his e-mail address.Once the user click on the link and activates his e-mail,I would like to show a message, your e-mail has been activated.If the e-mail is activated, I update the table and set the column activated=1.

The following code seems to be working fine except the print message-"the e-mail has been activated."
Well, I dont check in this script if the e-mail entered in in a proper format, i already did that check using java-script in my contactform.
Could somebody tell me where the error is or if there is any un-necessary code.
Thanks

<?php

/*This script will handle the variables passed from the contact form*/

//Declare the relevant variables

$hostname = "";
$username = "";
$password = "";
$dbname = "";
$mytable = "user_information";
$adminaddress = "";

//Database connection

mysql_connect($hostname,$username,$password)or die ("unable to connect my database");
mysql_select_db("$dbname") or die ("unable to select database");

echo "<body bgcolor='#FFFFCC'>";
echo "<CENTER>";
echo "Hello, $name";
echo "<BR><BR>";
echo "Thank you for your interest.<BR><BR>";
echo "We have sent you an activation e-mail to $email.Please check your e-mail";
echo "<CENTER>";

$from = $_REQUEST['email'];
// create the MD5 hash 
  $secret_code = 'secret';
  $formatted_email = preg_replace("/(-|\@|\.)/", "", $from);
  $hashed = md5("$secret_code $formatted_email");
// wait, are we verifying the email?
   if($_REQUEST['m'] != "") {
// this is validation routine
   if($hashed == $_REQUEST['m']) {
   print("Congrats, you have successfully validated your email address.");
// add the email to your double opt-in list here
      exit;
    } else {
      print("Sorry, this email does not validate");
    }
  } else {
// since we aren't validating then it is time to send out validation mail
    $mail_body = "To validate this email click the following link:\nhttp://www.blahblah.com/project/activate.php?email=$from&m=$hashed";
    mail($from, "Validation Email", $mail_body, "From: Admin\n");
    print("Please check your email <b>$from</b> for the test validation message");   

  }

//Send the relevant email 

mail ("ich@inkaytown.f2o.org", "visitor request for info", "$name requested for information.The email address is $email"); 

//Insert into the table

$query = "insert into $mytable (name, email, text, contacted_id) values ('$name','$email','$description','$id')";
$result = mysql_query($query);

//We close the MySQL connection 

mysql_close(); 

?>

activate.php

$sql = mysql_query("UPDATE $mytable SET activated='1' WHERE activated='$hashed'");
?>

lanjoky

where is the variable m in the querystring comming from and are you sure you are building it correctly?? ie (what is in $_Request['m'])
and why are u you using an exit inside of an if statement??
are you expecting to exit out of the page??

minds_gifts

I got it from a tutorial and it is'nt well explained.Actually, it also checks the format of the e-mail entered, but i removed it.I've taken care to check the format of the email entered using java-script in my contact form.
Is there a way to modify my code??

Thanks once again

lanjoky

<?php 

/*This script will handle the variables passed from the contact form*/ 

//Declare the relevant variables 

$hostname = ""; 
$username = ""; 
$password = ""; 
$dbname = ""; 
$mytable = "user_information"; 
$adminaddress = ""; 

//Database connection 

mysql_connect($hostname,$username,$password)or die ("unable to connect my database"); 
mysql_select_db("$dbname") or die ("unable to select database"); 

echo "<body bgcolor='#FFFFCC'>"; 
echo "<CENTER>"; 
echo "Hello, $name"; 
echo "<BR><BR>"; 
echo "Thank you for your interest.<BR><BR>"; 
echo "We have sent you an activation e-mail to $email.Please check your e-mail"; 
echo "<CENTER>"; 

$from = $_REQUEST['email']; 
// create the MD5 hash 
  $secret_code = 'secret'; 
  $formatted_email = preg_replace("/(-|@|.)/", "", $from); 
  $hashed = md5("$secret_code $formatted_email"); 
// wait, are we verifying the email? 
   if($_REQUEST['m'] != "") { 
// this is validation routine 
   if($hashed == $_REQUEST['m']) { 
   print("Congrats, you have successfully validated your email address."); 
// add the email to your double opt-in list here 
      //exit; (You dont need the exit )
    } else { 
      print("Sorry, this email does not validate"); 
    } 
  } else { 
// since we aren't validating then it is time to send out validation mail 
    $mail_body = "To validate this email click the following link:\nhttp://www.blahblah.com/project/activate.php?email=$from&m=$hashed"; 
    mail($from, "Validation Email", $mail_body, "From: Admin\n"); 
    print("Please check your email <b>$from</b> for the test validation message");    

  } 

//Send the relevant email 

mail ("ich@inkaytown.f2o.org", "visitor request for info", "$name requested for information.The email address is $email");  

//Insert into the table 

$query = "insert into $mytable (name, email, text, contacted_id) values ('$name','$email','$description','$id')"; 
$result = mysql_query($query); 

//We close the MySQL connection 

mysql_close();  

?>

try that and tell me what happens

minds_gifts

lanjoky,

I tried the code which you have given me and when i click on the activation link, I get a blank page.
well, I modified the code as follows:

$from = $_REQUEST['email'];
// create the MD5 hash 
    $secret_code = 'secret';
    $formatted_email = preg_replace("/(-|\@|\.)/", "", $from);
    $hashed = md5("$secret_code $formatted_email");

$mail_body = "To validate this email click the following link:\nhttp://www.inkaytown.f2o.org/project/activate.php?email=$from&m=$hashed";
mail($from, "Validation Email", $mail_body, "From: inkaytown\n");
print("Please check your email <b>$from</b> for the test validation message");

This also seems to be working as the code which you have written me.Once I click on the activation link, I get a blank page.

I've one more question - I received an e-mail asking to activate by clicking on the link thats in the email, i have'nt done it.so, now the value of the activated column is 0 to that id and I've got another email when i contacted a different profile.This I activated,and now I see all the activated columns to 1, though i have'nt activated one link previously.
Can this be made w.r.t id??

Thanks for your time

lanjoky

can you clarify what you would like me to look at. your last message has me confused... thanks

kevinsequeira

u might want to look at a similar post, which might help you solve ure problem

http://www.phpbuilder.com/board/showthread.php?threadid=10243439

reg
kevin

minds_gifts

Sorry Logan.

This is my actual code:

<?php

/*This script will handle the variables passed from the contact form*/

//Declare the relevant variables

$hostname = "";
$username = "";
$password = "";
$dbname = "";
$mytable = "user_information";
$adminaddress = "";

//Database connection

mysql_connect($hostname,$username,$password)or die ("unable to connect my database");
mysql_select_db("$dbname") or die ("unable to select database");

echo "<body bgcolor='#FFFFCC'>";
echo "<CENTER>";
echo "Hello, $name";
echo "<BR><BR>";
echo "Thank you for your interest.<BR><BR>";
echo "We have sent you an activation e-mail to $email.Please check your e-mail";
echo "<CENTER>";

$from = $_REQUEST['email'];
// create the MD5 hash 
    $secret_code = 'secret';
    $formatted_email = preg_replace("/(-|\@|\.)/", "", $from);
    $hashed = md5("$secret_code $formatted_email");

$mail_body = "To validate this email click the following link:\nhttp://www.blahblah.com/project/activate.php?email=$from&m=$hashed";
mail($from, "Validation Email", $mail_body, "From: inkaytown\n");
print("Please check your email <b>$from</b> for the test validation message");   

//Send the relevant email 
mail ("myself@blahblah.com", "visitor request for info", "$name requested for information.The email address is $email"); 

//Insert into the table

$query = "insert into $mytable (name, email, text, contacted_id) values ('$name','$email','$description','$id')";
$result = mysql_query($query);
//echo "$mytable";

//We close the MySQL connection 

mysql_close(); 

?>

and heres the code for my activate.php

$sql = mysql_query("UPDATE $mytable SET activated='1' WHERE activated='$hashed'");

and now my questions are:
1.when i click on the link i get a blank page, how can i put some message saying thanks.
2.If i dont activate the e-mail, the column activated is zero and if i activate other e-mail all the other id fields which have activated column as zero is now 1.How can i restrict this w.r.t id??

Thanks for your time

lanjoky

in your code (stuff you didnt post) do you have a redirect to activate.php on the page that is supposed to post the "thank you"?? if so thats why its not being posted.

minds_gifts

well, I just made activate.php in order to update the column activated, that is to set the column activated = 1

I dont have anythinng else here.My only concern over here is, the column activated should get updated to one only when the link corresponding to that id is being clicked.

Example:
I have 3 profiles with id's 1, 2, 3.
Now, I contact profile 1.I'll get an email and with the activation link.
Again, I contact profile 2.I do get an email with the activation link.I do the activation here, so my column activated updates to 1 only w.r.t id 2 but not to id1.Right now, it gets updated both the id's.

Does my questions make sense??

Thanks for your time

lanjoky

when these accounts were created do they contain the same contact email address?? If so then ur script is working correctly because $hashed would be the same for both id values 1 and 2 if they have the same email address!!

minds_gifts

No, though the e-mail address are different it still updates the column activated to 1.

Though i contacted 2 profiles, and i activate only 1 profile.so, only this profile w.r.t id has to be updated.

Thanks once again

lanjoky

How is and where is activate.asp called??

I see the code but no where do I see where you call or refer to the page.

sorry if this is painful but I need to see it all to get an idea of what is wrong ... my apologies 🙂

minds_gifts

Never mind,
its over here:

$mail_body = "To validate this email click the following link:\nhttp://www.blahblah.com/project/activate.php?email=$from&m=$hashed";

batman

Take a look at this. It deals with activating a user.

Cheers,

minds_gifts

This code does'nt seems to be working fine with me, i changed it and that solved my problem.