Here is the processing2.php script for the above script.
processing2.php
<?php
session_start();
$username=trim($_POST['username']);
$username=addslashes($username);//in case of apostrophes
include("dbcon.php");//your own database connection script here or a file to be included
//connect to database and enter data in temporary member table (only good for 24 hours).
$connect=mysql_connect($host,$user,$pass)
or die("Failed to connect to MySQL server. MySQL said: ".mysql_error());
$select=mysql_select_db($database,$connect)
or die("Failed to select the database $database. MySQL said: ".mysql_error());
$query="SELECT username FROM members WHERE username ='$username'";
$result=mysql_query($query,$connect)
or die("Failed the query. MySQL said: ".mysql_error());
$num=mysql_num_rows($result);
if($num>0){//That username exists so send message and exit.
echo"Sorry $username is already taken. Use the back button and try another.";
$_POST['username']="";//set the username to null
exit;
}
//See if they pressed submit and selected yes in the terms of service
if($_POST['register']=='Register' && $_POST['tos']=='yes' && $_POST['underage']=='yes'){
//Make some short variables and assign some session Variables
//Trim all entries with the trim() function to eliminate spaces before and after
//entries that users manually entered (not necessary for selection boxes)
$firstname=trim($_POST['firstname']);
$firstname=addslashes($firstname);
$lastname=trim($_POST['lastname']);
$lastname=addslashes($lastname);
$password=trim($_POST['pass']);
$pass2=trim($_POST['pass2']);
$email=trim($_POST['email']);
$address=trim($_POST['address']);
$_SESSION['address']=$address;
$address=addslashes($address);
$city=trim($_POST['city']);
$city=addslashes($city);
if(!get_magic_quotes_gpc()){
$firstname=mysql_real_escape_string($firstname);//get rid of pesky apostrophes and such
$lastname=mysql_real_escape_string($lastname); //get rid of pesky apostrophes and such
$address=mysql_real_escape_string($address); //get rid of pesky apostrophes and such
$city=mysql_real_escape_string($city); //get rid of pesky apostrophes and such
}
$_SESSION['city']=$city;
$state=trim($_POST['state']);
$_SESSION['state']=$state;
$zip=trim($_POST['zip']);
$_SESSION['zip']=$zip;
$dobm=$_POST['dobm'];//date of birth month from selection box
$dobd=$_POST['dobd'];//date of birth day from selection box
$doby=$_POST['doby'];//date of birth year from selection box
$date="$doby-$dobm-$dobd";//convert to MySQL date format yyyy-mm-dd
$_SESSION['date']=$date;//set dob to session
$occupation=trim($_POST['occupation']);
$_SESSION['occupation']=$occupation;
$random=rand(0,100000);//generate the activation random number for activation from e-mail
$to=$email;//for the email to field of user
$num=0;//set error number to 0
$error="<span style='color:red'>";//set error to nothing except red colored text.
if($firstname==""){
$error="You did not provide a first name.";
$num++;
}
else{
$_SESSION['fname']=$firstname;//assign a session variable for later usage
}
if($lastname==""){
$error.="You did not enter your last name.<br />";
$num++;
}
else{
$_SESSION['lname']=$lastname;//assign $_SESSION
}
if($username==""){
$error.=("You have not entered a username.<br />");
$num++;
}
else{
$_SESSION['username']=$username;
}
if($password==""){
$error.=("You did not enter a psaaword.<br />");
$num++;
}
else{
$_SESSION['password']=$password;
}
if($pass2==""){
$error.=("You did not enter a confirmation password.<br />");
$num++;
}
else $_SESSION['pass2']=$pass2;
if($password != $pass2){
$error.=("Password and confirmation password do not match.<br />");
$num++;
}
if($email==""){
$error.=("An e-mail address was not entered.<br />");
$num++;
}
else{
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)){
$error.=("The e-mail address you entered is invalid.<br />");
$num++;
}
$_SESSION['email']=$email;
}
if($num=="0"){
//do the further processing here database update and mail information little welcome message.
//encode password
$_SESSION['random']=$random;
$password=md5($password);//assign session random in case they activate now instead of e-mail.
$query="INSERT INTO temp (firstname,lastname,username,password,email,address,city,state,zip,dob,occupation,random)VALUES('$firstname','$lastname','$username','$password','$email','$address','$city','$state','$zip','$date','$occupation','$random')";//set up insert data into temp table query
$result=mysql_query($query)//execute the query or exit
or die("Query failed. MySQL said: ".mysql_error());
//mysql_close();
$message ="<html><body><center><h3>Your Account Activation Information</h3></center>";
$message .= "You or someone using your e-mail address <b>$email</b> has registered with our website. ";
$message .="If you recieved this e-mail in error please send an e-mail to <a href='mailto:youremailstuff.com'>Our Webmaster</a>With the subject of REMOVE ME<br /><br />";
$message .="To activate your account click on the following link <a href='http://localhost/activate.php?active=$random'>http://localhost/activate.php?active=$random</a> If you use <b>AOL</b> you might have to copy and paste the link into your address bar.<br /><br />";
$message .="Your username (login name) is $username<br />and your password is $pass2.<br /><br /> This password was encoded when inserting it into our database and is not retrievable so you might want to print this page and keep it in a safe place. To finish activation you need to enter your username (login name) and password to complete the process at the link provided with this message.<br /><br />If this is not done within the next day (24 hours) this information will be purged from the database and you will have to re-register.";
$message .= "</body></html>";
$message = wordwrap($message,72,"\r\n");//limit line length to 72 characters
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: youemailstuff.com'."\r\n".
'Reply-To: youremailstuff.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to,'Account Activation',$message,$headers);//mail to user
echo "The form has been accepted and the information has been entered into the database. You ";
echo "will recieve an e-mail (usually within ten minutes) with activation instructions which must ";
echo "be used within the next 24 hours or you will have to re-register. The below information is ";
echo "what you provided and will be entered temporarily into the database till activated:<br /><br />";
echo "You may also activate from this page and keep the email you will recieve for your records.";
echo "You will need the activation code which is the next line so write it down or copy it and paste ";
echo "it in the appropriate area of the form on the page the link after the activation code will give ";
echo "you to complete the registration process. Your activation code is $random to use it right now ";
echo "you will need to use <a href='action.php'><b>this link</b></a> to finish registration.";
echo "<h4>First name: $firstname <br />Last name: $lastname<br />
Username (login name): $username<br />";
echo "Desired password: $pass2<br />E-Mail Address: $email<br />";
echo "Street Address: $address<br />City: $city<br />State: $state Zip Code: $zip<br />";
echo "Date of Birth: $dobm-$dobd-$doby (Month-day-year).<br />";
echo "Your occupation: $occupation </h4><br />";
exit("<h3>Thank you for your time in filling out the form! Welcome to our site.</h3>");
}
else{
//There were errors in the form
echo "There are $num errors in your submission, they are listed below:";
echo "$error </span><br /> Press your back button to correct them.";
}
}
else{
echo "You failed to answer yes to the <span style='color:blue'>Terms of Service</span> and the age question. Press your back button to correct!";
}
?>
