[RESOLVED] Account Activation Script

homer09001

ok heres the situation:

i have a form on my site where usres enter their details including their e-mail address i what it so when they click submit they are assigned a unique Activation Number which is inserted in to a field in my database they are then sent an e-mail contaning a link which when clicked on changes tyhe code int eh database to a yes which then means there acount is active and they can log in?

heres the script i got from anouther post to make the id No i know how to put it in teh database but how do i get it to send the e-mail with the activation link?

<? 
$better_token = md5(uniqid(rand(),1)); 
print $better_token; 
?>

maxpup979

assuming you have the email address, you can use the mail function. When you create the body of the message, you can easily include the token.

dalecosp

You construct an email message string that includes the token ($better_token) (and hopefully some meaningful, understandable other text) and use [man]mail/man to send the message to the email address that was posted in the form.

dalecosp

homer09001

maxpup979 wrote:
assuming you have the email address, you can use the mail function. When you create the body of the message, you can easily include the token.

sorted it now send the email including the url to activate prob now is i want the url to include the code & the user id but the user id is assigned by the MYSQL server not the phpcode so is there anyway i can run 2 queries on the table in one script to get the id and add it to teh url heres my code:

activate.php

<? 
$DBhost = "localhost"; /* DON'T CHANGE should be fine as it is ok*/
$DBuser = "******";
$DBpass = "******";
$DBName = "******";
$table = "pilotinfo";  /* DON'T CHANGE*/
mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect to database");

// Create variables from URL. 

$pid = $_REQUEST['id']; 
$code = $_REQUEST['code']; 

$sql = mysql_query("UPDATE pilotinfo SET visible='1' WHERE id='$pid' AND regcode='$regcode'")or die(mysql_error());  

$sql_doublecheck = mysql_query("SELECT * FROM pilotinfo WHERE id='$pid' AND regcode='$regcode' AND activated='1'")or die(mysql_error()); 
$doublecheck = mysql_num_rows($sql_doublecheck)or die(mysql_error()); 

if($doublecheck == 0){ 
    echo "Your account could not be activated, please contact [email]webmistress@hollowdreams.net[/email]; 
} elseif ($doublecheck > 0) { 
    echo "Your account has been activated. You may login below:<br />"; 
    include 'login_form.html'; 
} 

?>

apply.php

<?
print "<BODY BGCOLOR=\"#CCCCCC\">";
$DBhost = "localhost"; /* DON'T CHANGE should be fine as it is ok*/
$DBuser = "*******";
$DBpass = "******";
$DBName = "******";
$table = "pilotinfo";  /* DON'T CHANGE*/
mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect to database");

@mysql_select_db($DBName) or die("Unable to select
database $DBName");


$name = $_POST['name'];
$email = $_POST['email'];
$age = $_POST['age'];
$history = $_POST['history'];
$webaddyhist = $_POST['webaddyhist'];
$role = $_POST['role'];
$comments = $_POST['comments'];
$registered_on = gmdate("l d M Y");
$registered_at = gmdate("H:i:s");
$regcode = md5(uniqid(rand(),1));


$sqlquery = "INSERT INTO $table values ('$id','$visible','$name','$email','$age','$history','$webaddyhist','$role','$comments',0,'$registered_on','$registered_at','$regcode')";
$results = mysql_query($sqlquery);

$idquery = "SELECT id FROM $table WHERE regcode='$regcode'";
$results2 = mysql_query($idquery);
$pid = $results2;

####################################
#confirmation e-mail settings Below#
####################################
$subject = "easyJet Virtual Registration Confirmation";
$message = "Thank You For Registering At easyJet Virtual

Before you appear on the roster and before you can file pireps you are required to activate your account to do so please click on this link to activate your account http://www.danhill.frihost.net/easyjetv/activate.php?code='$regcode'&id='$pid'";

$headers = "From: register@easyjet-v.tk";
$mailsend = mail($email,$subject,$message,$headers);
#####################################
#End of confirmation e-mail settings#
#####################################


mysql_close();

print "<HTML><TITLE> PHP and MySQL </TITLE><center><table border=\"0\"
width=\"500\"><tr><td>";
print "<p><font face=\"verdana\" size=\"+0\"> <center>You
Just Entered This Information Into the
Database<p><blockquote>";
print "Name : $name
<p>
E-Mail : $email
<p
age : $age
<p>
History : $history
<p>
Url of previous VA or E-Mail address : $webaddyhist
<p>
Your Role within easyJet-V : $role
<p>
Comments : $comments
</blockquote></td></tr></table>
</center></BODY></HTML>";
?>

homer09001

this code keeps returnign teh value #2 as the id fro some reason if i run teh same sql query in phpmyadmin it comes up with teh right id so i cant see where it going wrong

maxpup979

which query? I see 4 of them in the code you posted. Please take a moment and narrow things down for us. Also, print out the bad query before it hits the DB. Are the variables passing properly?

homer09001

ok i onyl count 2 queries on the DB but the one thats bugging me is this one

$idquery = "SELECT id FROM $table WHERE regcode='$regcode'"; 
$results2 = mysql_query($idquery); 
$pid = $results2;

iv echoed it and this is what i get what i want is it to tell me the user id No of the user that just registered then add that to the activation URL along with teh registration code
it returns "Resource #2"

homer09001

all i want to know is how to get it to send the email with teh regcode and the Members ID number i can get it to e-mail the url containign the regcode but i cant get it to send the correct id No

maxpup979

gotcha. see if this works:

$idquery = "SELECT id FROM $table WHERE regcode='$regcode'"; 
$results2 = mysql_query($idquery);
$pid=mysql_result($results2,0,"id");

homer09001

that worked great it send teh id int eh e-mail now problem is the activation page wont work here the code

<? 
$DBhost = "localhost"; /* DON'T CHANGE should be fine as it is ok*/
$DBuser = "******";
$DBpass = "******";
$DBName = "******";
$table = "pilotinfo";  /* DON'T CHANGE*/
mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect to database");

@mysql_select_db($DBName) or die("Unable to select
database $DBName");

$pid = $_REQUEST['pid']; 
$code = $_REQUEST['code']; 

$sql = mysql_query("UPDATE pilotinfo SET visible=1 WHERE id='$pid' AND regcode='$code'")or die("problem 1");  

$sql_doublecheck = mysql_query("SELECT * FROM pilotinfo WHERE id='$pid' AND regcode='$code' AND visible=1")or die("problem 2"); 
$doublecheck = mysql_num_rows($sql_doublecheck)or die("problem 3"); 

if($doublecheck == 0){ 
    echo "Your account could not be visible, please contact [email]webmistress@hollowdreams.net[/email]"; 
} elseif ($doublecheck > 0) { 
    echo "Your account has been visible. You may login below:<br />"; 
} 

?>

the problem is where it has problem 3 written (thats just the error message to show)

i cant see what the problem is though

homer09001

ohh btw the error message is problem 3 so i know its there i just can't understand what it is

maxpup979

Nothing obvious is jumping off the page at me...so...
first, check to see that the URL in the email is correct. If that is OK, then check the update script. if that looks fine, then verify that the update worked. just pop into the DB and make sure that the update is firing as you expected it to. If this is all fine, then we know that the problem is isolated in the select and numrows stuff. Its a starting point...🙂

homer09001

maxpup979 wrote:
Nothing obvious is jumping off the page at me...so...
first, check to see that the URL in the email is correct. If that is OK, then check the update script. if that looks fine, then verify that the update worked. just pop into the DB and make sure that the update is firing as you expected it to. If this is all fine, then we know that the problem is isolated in the select and numrows stuff. Its a starting point...🙂

the URL is correct and the codes are the same as that of the DB but they are not ebign activated by the link its stil getting stuck at teh same place

maxpup979

hehehe. Im slow this morning.

$doublecheck = mysql_num_rows($sql_doublecheck);
if($doublecheck==0){print "problem 3"}

homer09001

hmm ok heres my code now after i added your snippet

<? 
$DBhost = "localhost"; /* DON'T CHANGE should be fine as it is ok*/
$DBuser = "homer090_hill";
$DBpass = "qweasd";
$DBName = "homer090_wcms1";
$table = "pilotinfo";  /* DON'T CHANGE*/
mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect to database");

@mysql_select_db($DBName) or die("Unable to select database $DBName");

$id = $_REQUEST['id']; 
$code = $_REQUEST['code']; 

$sql = mysql_query("UPDATE $table SET visible=1 WHERE regcode='$code' AND id='$id'")or die("problem 1");  

$sql_doublecheck = mysql_query("SELECT * FROM $table WHERE regcode='$code' AND id='$id' AND visible=1")or die("problem 2"); 
 $doublecheck = mysql_num_rows($sql_doublecheck); 

if($doublecheck==0){print "problem 3"  

   echo "Your account could not be activated, please contact [email]webmistress@hollowdreams.net[/email]"; 
} elseif ($doublecheck > 0) 

{ 
    echo "Your account has been activated.<br />"; 
} 

?>

the output is as follows:

Parse error: parse error, unexpected T_ECHO in /home/homer090/public_html/easyjetv/activate.php on line 20

maxpup979

if($doublecheck==0){print "problem 3" ;}

homer09001

i think i foudnmn the problem i just run this command in phpmyadmin essentialy what activate.php is and nothings happening

UPDATE pilotinfo SET visible='1' WHERE id='1' AND regcode='f1ad97880e7b97fb7f17df5a10515f54'

so the code somewhere in there is wrong

and btw that code return an eror itself with the } bracket

maxpup979

grin. of course it does. leave off the bracket if you are going to add it to the existing if ($doublecheck). I did forget the semi on my example. but removing the ad die from numrows was the main point..🙂 and the code worked fine for me...granted, I used garbage data, but it worked...🙂

homer09001

i am sure the problem is within the update code itself i think the problem is its getting the wrong values from the variables? because if i replace the variables in the update command it works but with te variables in it doesnt