I'm currently trying to write my own registration/login procedure for a website, using PHP and MySQL. I understand the basics of PHP, but I'm using Dreamweaver to write the bulk of the code for me, editting it only where I need to. Here is what I have so far:
I have a registration page set-up, that inserts a users email address (after piecing it together from a user-entered email prefix and an email domain taken from a drop down menu),their name and their encrypted password into a table called 'users', and also an encrypted, random confirmation code. It checks their email to ensure it is a unique entry (as this is what will be used to login), and emails them a confirmation link with the confirmation code as part of the URL, checks the URL code against the confirmation code in the database and if they match, it transfers all their information into a table called 'registered_users', deleting the entry from 'users', and sends them to 'userprofile.php'. I still need to change the 'unique user' script at the moment though, because currently it only checks the 'users' table, and not the 'registered_users' table. I haven't quite had time to do this yet.
I also have a login page that works properly, checking their username against the encrypted password, and if they match, it logs them in.
I've run into a couple of hiccups at the minute though:
Should the script send the email if it is being run off localhost? I'm assuming not, but I just wanted to check. Is there any way of testing to see if the email actually gets sent, or can you only do that when it is hosted on a remote server? From what I can tell, it looks like it should work, but I'd like to check it, obviously.
I now want to create a page which allows the user to enter information about themselves into a table called 'userinfo'. However, I want this information to be linked to their login information in 'registered_users', so that the two records are associated with each other. Is the best way to do this using foreign keys, or is there a better way of doing this?
I am currently trying to set a session variable in the login screen (in addition to the 'Usename' session variable), that holds the user_ID of the user that logs in. This is what I have so far (Username session variable has been set):
$Query = ("SELECT id FROM registered_users WHERE email='textfield'");
$Result_ID = mysql_query ($Query, $Conn);
while ($list = mysql_fetch_array($Result_ID)) {
$User_ID = "{$list['id']} <br>";
}
$_SESSION['User_ID'] = $User_ID;
When I echo the session variable User_ID on the next page however, it comes up blank. After playing around a little, it seems that it is looking for 'textfield' in the actual database, rather than taking the user-entered value from the login form. How can I ask it to take the user-entered value rather than the literal term 'textfield'?
Thanks for all your help.
