[RESOLVED] Need help with an activation page

Seitan

Here is my code, all that happens is it just redirects the user to my homepage. I took the redirect code out and all I get is a blank page. Can someone please help.

<?php # activate.php
// This page activates the user's account.

// Include the configuration file for error management and such.
require_once('./php/config.inc.php');

// Set the page title and include the HTML header.
$page_title = 'Activate Your Account';
include ('../php/header.php');

// Validate $GET['x'] and $GET['y'].
if (isset($GET['x'])) {
$x = (int) $GET['x'];
} else {
$x = 0;
}
if (isset($GET['y'])) {
$y = $GET['y'];
} else {
$y = 0;
}

// If $x and $y aren't correct, redirect the user.
if ( ($x > 0) && (strlen($y) == 32)) {

require_once ('/whereever/mysql_connect.php'); // Connect to the
database.
$query = "UPDATE users SET active= NULL WHERE (user_id=$x AND
active='" . escape_data($y) . "')LIMIT 1";
$result = mysql_query ($query) or trigger_error("Query: $query\n
<br />MySQL Error: " . mysql_error());

// Print a customized message.
if (mysql_affected_rows() == 1) {
echo "<h3>Your account is now active. You may now log in.</h3>";
} else {
echo '<p><font color="red"size="-1">Your account could not
be activated. Please re-check the link or contact the system
administrator.</font></p>';
}
mysql_close();

} else { // Redirect.

// Start defining the URL.
$url = 'http://www.ourvegankitchen.com';

ob_end_clean(); //Delete the buffer.
header("Location: $url");
exit(); //Quit the script.

} // End of main IF-ELSE.

include ('../php/footer.php');
?>

Seitan

sorry, did I mention the user gets an activation code in an email. it looks something like this

http://www.enteryoururl.com/activate.php?x=0&y=7f59512882edebf53dd6609279de63c2

NogDog

In your example link, you have "x=0" in your URL query string, so the following check will be false, thus redirecting the user:

// If $x and $y aren't correct, redirect the user.
if ( ($x > 0) && (strlen($y) == 32)) {

Seitan

Alright I see......well all of my activation codes have a 0 in them, so it must be my register page.....here is my code, I've been playing around with this for the last couple of days and I thought I got all of the bugs worked out.....could someone help me?

<?php # register.php
// This is the registration page for the site.

// Include the configuration file for error management and such.
require_once ('../php/config.inc.php');

// Set the page title and include the HTML header.
$page_title = 'Register';

include ('../php/header.php');

if (isset($_POST['submitted'])) { // Handle the form.

require_once ('../Somewhere/mysql_connect.php');
// Connect to the database.

if (eregi("^{[[:alpha:].'-]{2,15}$",} stripslashes(trim($POST['first_name'])))) {
$fn = escape_data($POST['first_name']);
} else {
$fn = FALSE;
echo '<div id="errorecho"><p><font color="red" size="1">Please enter your first name</font></p></div>';
}

if (eregi("^{[[:alpha:].'-]{2,30}$",} stripslashes(trim($POST['last_name'])))) {
$ln = escape_data($POST['last_name']);
} else {
$ln = FALSE;
echo '<div id="errorecho"><p><font color="red" size="1">Please enter your last name</font></p></div>';
}

if (eregi("^{[[:alnum:]][a-z0-9.-]*@[a-z0-9.-]+.[a-z]{2,4}$",} stripslashes(trim($POST['email'])))) {
$e = escape_data($_POST['email']);
} else {
$e = FALSE;
echo '<div id="errorecho"><p><font color="red" size="1">Please enter a valid email address</font></p></div>'
;
}

if (eregi("^{[[:alnum:]]{4,20}$",} stripslashes(trim($POST['user_name'])))) {
$u = escape_data($_POST['user_name']);
} else {
$u = FALSE;
echo '<div id="errorecho"><p><font color="red" size="1">Please enter a valid username</font></p></div>';
}

if (eregi("^{[[:alnum:]]{4,20}$",} stripslashes(trim($POST['password1'])))) {
if ($POST['password1'] == $POST['password2']) {
$p = escape_data($POST['password1']);
} else {
$p = FALSE;
echo '<div id="errorecho"><p><font color="red" size="1">Your password did not match the confirmed password</font></p></div>';
}
} else {
$p = FALSE;
echo '<div id="errorecho"><p><font color="red" size="1">Please enter a valid password</font></p></div>';
}
if ($u && $fn && $ln && $e && $p) { // If everything's OK.

// Check for previous registration.
// Make sure the email address is available.
$query = "SELECT user_name FROM users WHERE user_name ='$u'";
$result = mysql_query ($query) or trigger_error("Query:
$query\n<br/>MySQL Error: " . mysql_error());

  if (mysql_num_rows($result) == 0) { // Available.

    // Create the activation code.
    $a = md5(uniqid(rand(), true));

    // Add the user.
    $query = "INSERT INTO users (user_name, email, password,
    first_name, last_name, active, registration_date)
    VALUES ('$u','$e', SHA('$p'), '$fn', '$ln','$a', NOW() )";
    $result = mysql_query ($query) or trigger_error("Query: 
    $query\n<br/>MySQL Error: " . mysql_error());

       if (mysql_affected_rows()== 1) {

           // Send the email.
          $body = "Thank you for registering at the somewhere. To activate your account, please
          click on this link: http://www.somewhere.com/activate.php?x=" . mysql_insert_id() . "&y=$a";
          mail($_POST['email'],'Registration Confirmation',
          $body);


          // Finish the page.
          echo '<h3>Thank you for registering! A confirmation
          email has been sent to your address. Please click on
          the link in that email in order to activate your
          account.</h3>';
          include ('../php/footer.php'); // Include the HTML footer.
          exit();

       } else { // If it did not run OK.
          echo '<p><font color="red" size="-1">You could not
          be registered due to a system error. We apologize for any
          inconvenience. </font></p>';
      }

       } else { // The email address is not available.
          echo '<p><font color="red" size="-1">That username
          has already been taken. If you have forgotten
          your password,use the link to have your password sent to
          you.</font></p>';
       }

    } else { // If one of the data tests failed.
       echo '<p><font color="red" size="-1">Please try
       again.</font>
       </p>';
    }

    mysql_close(); // Close the database connection.

} // End of the main Submit conditional.
?>

<h2>Register</h2>
<div align = "left">
<form action="register.php" method="post">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>User Name: <br>
<input type="text" name="user_name" size="15" maxlength="15"
value="<?php if (isset($POST['user_name']))
echo $POST['user_name']; ?>" /></td>
<td>Email Address: <br>
<input type="text" name="email" size="20" maxlength="40"
value="<?php if (isset($POST['email'])) echo $POST ['email']; ?>" /></td>
</tr>
<tr>
<td>First Name: <br>
<input type="text" name="first_name" size="15" maxlength="15"
value="<?php if (isset($POST['first_name']))
echo $POST['first_name']; ?>" /></td>
<td>Password Minimum 5 Characters <br>
<input type="password" name="password1" size="10"
maxlength="20" /></td>
</tr>
<tr>
<td>Last Name: <br>
<input type="text" name="last_name" size="15"maxlength="30"
value="<?php if (isset($POST['last_name']))
echo $POST['last_name']; ?>" /></td>
<td><p>Confirm Password:<br>
<input type="password" name="password2" size="10"
maxlength="20" >
</td>
</tr>
</table>
<p><div align="center">
<input type="submit" name= "submit" value="Register" />
</p>
<input type="hidden" name= "submitted" value="TRUE" />
</form>
</div align>
</div>
<?php
include ('../php/footer.php');
?>

Seitan

Alright so I realized that I forgot to put the user_id field in my user table......im such a noob, anyways now Im getting THIS error when I run the activation script....can someone please help me

Fatal error: main() [function.require]: Failed opening required '../somewhere/mysql_connect.php' (include_path='.:/usr/local/lib/php') in /homepages/29/d178597021/htdocs/activate.php on line 26

Seitan

Alright I got it, nevermind, but thanks anyways tho