Random password for final validation! Help!

  • Head In A Pan
    New Member
    • Mar 2007
    • 25

    Hello again... so soon too.

    I had great success (for a novice) yesterday getting my flash form & PHP to populate my database...

    Now I've been asked to generate a password & then send a validation email!
    Perhaps simple for some - impossible for me!

    I've added some code which has basically stopped the data being sent to my database at all. ;(

    Can anyone see anything wrong with my code?
    Please help! I am lost.

    Main PHP
    Code:
    <?php
    require("db.php");
    
    
    /* PHP variables to be used for next PHP script */
    
    $first_name = $_POST['first_name'];
    $last_name = $_POST['last_name'];
    $website_url = $_POST['website_url'];
    $bus_name = $_POST['bus_name'];
    $contact_number = $_POST['contact_number'];
    $website_cat = $_POST['website_cat'];
    $website_caption = $_POST['website_caption'];
    $email_address = $_POST['email_address'];
    $continent = $_POST['continent'];
    $enter_coord = $_POST['enter_coord'];
    $total_boxes = $_POST['total_boxes'];
    $box_numbers = $_POST['box_numbers'];
    $need_website = $_POST['need_website'];
    $terms = $_POST['terms'];
    
    /* Strip any escape characters etc */
    
    $first_name = stripslashes($first_name);
    $last_name = stripslashes($last_name);
    $website_url = stripslashes($website_url);
    $bus_name = stripslashes($bus_name);
    $contact_number = stripslashes($contact_number);
    $website_cat = stripslashes($website_cat);
    $website_caption = stripslashes($website_caption);
    $email_address = stripslashes($email_address);
    $continent = stripslashes($continent);
    $enter_coord = stripslashes($enter_coord);
    $total_boxes = stripslashes($total_boxes);
    $box_numbers = stripslashes($box_numbers);
    $need_website = stripslashes($need_website);
    $terms = stripslashes($terms);
    
    function makeRandomPassword() {
      $salt = "abchefghjkmnpqrstuvwxyz0123456789";
      srand((double)microtime()*1000000); 
      	$i = 0;
      	while ($i <= 7) {
        		$num = rand() % 33;
        		$tmp = substr($salt, $num, 1);
        		$pass = $pass . $tmp;
        		$i++;
      	}
      	return $pass;
    }
    
    $random_password = makeRandomPassword();
    
    $password = md5($random_password);
    
    
    $q1 = "INSERT INTO Customers (
    first_name,
    last_name,
    website_url,
    bus_name,
    contact_number,
    website_cat,
    website_caption,
    email_address,
    continent,
    enter_coord,
    total_boxes,
    box_numbers,
    need_website ,
    terms,
    db_password
    ) VALUES (
    '$first_name',
    '$last_name',
    '$website_url',
    '$bus_name',
    '$contact_number',
    '$website_cat',
    '$website_caption',
    '$email_address' ,
    '$continent',
    '$enter_coord',
    '$total_boxes',
    '$box_numbers',
    '$need_website',
    '$terms',
    '$db_password'
    )";
    
    $rslt1 = mysql_query($q1, $con) or die("Query failed");             
    
     if(!$rslt1){
    	echo 'There has been an error creating your account. Please contact the webmaster.';
    } else {
    	$userid = mysql_insert_id();
    	// Let's mail the user!
    	$subject = "Your Membership at company!";
    	$message = "Dear $first_name $last_name,
    	Thank you for registering at http://www.company.com!
    	
    	I require you to activate your application.   Activation gives me confidence that your application is genuine and not a web robot.
    	
    	To activate your application, please click here: http://www.company.com/activate.php?code=$db_password
    	
    	Once you activate your application, I will assess your membership against our site's mission (my aim is to do this within 48 hours).
    	
    	Thanks!
    	hiap.
    	
    	This is an automated response, please do not reply!";
    	
    	mail($email_address, $subject, $message, "From: hiap at company <admin@company.com>\nX-Mailer: PHP/" . phpversion());
    }
    mysql_close($con);
    // header('Location: thankyou.html');
    // Once you uncomment this, after submitting data you can call for another page from PHP itself
    ?>
    activate.php
    Code:
    <?
    
    /* Account activation script */
    
    
    
    // Get database connection
    
    include 'db.php';
    
    
    
    // Create variables from URL.
    
    
    
    $ID = $_REQUEST['id'];
    
    $code = $_REQUEST['code'];
    
    //echo "memberid = $memberid";
    //echo "code = $code";
    
    $sql = mysql_query("UPDATE member SET activated='1' WHERE memberid='$ID' AND db_password='$code'");
    
    //echo "sql = $sql";
    
    $sql_doublecheck = mysql_query("SELECT * FROM member WHERE memberid='$ID' AND db_password='$code' AND activated='1'");
    
    $doublecheck = mysql_num_rows($sql_doublecheck);
    
    //echo "sql_doublecheck = $sql_doublecheck";	
    //echo "doublecheck = $doublecheck";
    
    if($doublecheck == 0){
    
    	echo "<strong><font color=red>Your application could not be activated!</font></strong>";
    
    } elseif ($doublecheck > 0) {
    
    	echo "<strong>Your application has been activated!   We will now assess your site against company.com's purpose.   We aim to get back to you within 48 hours.</strong> <br />";
    
    // 	include 'index.htm'; 
    
    }
    
    
    
    ?>
  • ak1dnar
    Recognized Expert Top Contributor
    • Jan 2007
    • 1584

    #2
    Variables mismatch in the function and SQL script for password.

    [PHP]<?php
    function makeRandomPassword()
    {
        $salt = "abchefghjkmnpqrstuvwxyz0123456789";
        srand((double)microtime()*1000000);
        $i = 0;
        while ($i <= 7) {
            $num = rand() % 33;
            $tmp = substr($salt, $num, 1);
            $pass = $pass . $tmp;
            $i++;
        }
        return $pass;
    }

    $random_password = makeRandomPassword();

    $db_password = md5($random_password); // Error was in this line
    echo $db_password; // No need of this Line for your Original...
    ?>[/PHP]

    • Head In A Pan
      New Member
      • Mar 2007
      • 25

      #3
      Hey mate - how's it going? ;)

      Thanks for the response -
      Tried that code and mail is going through...

      But when I click on the activation link it gives me this error:


      Warning: mysql_num_rows( ): supplied argument is not a valid MySQL result resource in /home/woeru/public_html/db_test/activate.php on line 30
      Your application could not be activated!


      And I notice on the activation link string there appears to be no 'code' as such
      ie: To activate your application, please click here:
      http://www.website.com/db_test/activate.php?code=

      My activate.php is this:
      Code:
      <?
      
      /* Account activation script */
      
      
      
      // Get database connection
      
      include 'db.php';
      
      
      
      // Create variables from URL.
      
      
      
      $memberid = $_REQUEST['id'];
      
      $code = $_REQUEST['code'];
      
      //echo "memberid = $memberid";
      //echo "code = $code";
      
      $sql = mysql_query("UPDATE Customers SET activated='1' WHERE memberid='$memberid' AND db_password='$code'");
      
      //echo "sql = $sql";
      
      $sql_doublecheck = mysql_query("SELECT * FROM Customers WHERE memberid='$memberid' AND db_password='$code' AND activated='1'");
      
      $doublecheck = mysql_num_rows($sql_doublecheck);
      
      //echo "sql_doublecheck = $sql_doublecheck";	
      //echo "doublecheck = $doublecheck";
      
      if($doublecheck == 0){
      
      	echo "<strong><font color=red>Your application could not be activated!</font></strong>";
      
      } elseif ($doublecheck > 0) {
      
      	echo "<strong>Your application has been activated!   We will now assess your site against whereonearthru.com's purpose.   We aim to get back to you within 48 hours.</strong> <br />";
      
      // 	include 'index.htm'; 
      
      }
      
      
      
      ?>

      • ak1dnar
        Recognized Expert Top Contributor
        • Jan 2007
        • 1584

        #4
        Replace this area with this in your mail script:

        [PHP]$message = 'Dear '.$first_name.' '.$last_name.',
        Thank you for registering at http://www.company.com !

        I require you to activate your application. Activation gives me confidence that your application is genuine and not a web robot.

        To activate your application, please click here: http://www.company.com/activate.php?code='.$db_password.'

        Once you activate your application, I will assess your membership against our site\'s mission (my aim is to do this within 48 hours).

        Thanks!
        hiap.

        This is an automated response, please do not reply!';[/PHP]

        • Head In A Pan
          New Member
          • Mar 2007
          • 25

          #5
          Hmmm.
          Weird -
          I tried that before but tried again with your most recent post.
          Still that same horrible error!

          Warning: mysql_num_rows( ): supplied argument is not a valid MySQL result resource in /home/woeru/public_html/db_test/activate.php on line 30
          Your application could not be activated!

          At least we're getting a random number in the link string now...

          • Head In A Pan
            New Member
            • Mar 2007
            • 25

            #6
            Hang on!
            The data is now going through to the database with the random password!
            But we're still getting that horrible message...

            I thought this code was meant to wait until it was activated before posting the data.
            Now I'm EXTRA confused! ;-/

            • ak1dnar
              Recognized Expert Top Contributor
              • Jan 2007
              • 1584

              #7
              This query in activate.php asks for two parameters.
              Code:
              $sql = mysql_query("UPDATE member SET activated='1' WHERE memberid='$ID' AND db_password='$code'");
              $ID and $code

              But from your mail script you are passing only the code variable. You have to get the member id from the table after inserting the values and store it in a variable named $id, then pass it in the URL.

              [PHP]'******http://www.company.com/activate.php?code='.$db_password.'&id='.$id.'******'[/PHP]


              In activate.php, get it back and pass it to the SQL query.

              [PHP]$ID = $_REQUEST['id'];

              $code = $_REQUEST['code'];[/PHP]

              or


              [PHP]$ID = $_GET['id'];

              $code = $_GET['code'];[/PHP]

              • Head In A Pan
                New Member
                • Mar 2007
                • 25

                #8
                Hello again...
                I don't know what I've done now... Nothing is working. ;(
                Not even getting any email at all anymore.

                I may have set you off on the wrong track from the start - by trying to recycle the old codes from the site I'm upgrading.

                Here's the specs (if you can still be bothered)
                I am so sorry if I've made this more difficult!!

                I'll be back soon to see how you go. ;)
                Thanks again.

                Database name is: woeru_buy
                Table name is: Customers
                My Id field name is: memberid

                My First php is:
                Code:
                <?php
                require("db.php");
                
                
                /* PHP variables to be used for next PHP script */
                
                $first_name = $_POST['first_name'];
                $last_name = $_POST['last_name'];
                $website_url = $_POST['website_url'];
                $bus_name = $_POST['bus_name'];
                $contact_number = $_POST['contact_number'];
                $website_cat = $_POST['website_cat'];
                $website_caption = $_POST['website_caption'];
                $email_address = $_POST['email_address'];
                $continent = $_POST['continent'];
                $enter_coord = $_POST['enter_coord'];
                $total_boxes = $_POST['total_boxes'];
                $box_numbers = $_POST['box_numbers'];
                $need_website = $_POST['need_website'];
                $terms = $_POST['terms'];
                
                /* Strip any escape characters etc */
                
                $first_name = stripslashes($first_name);
                $last_name = stripslashes($last_name);
                $website_url = stripslashes($website_url);
                $bus_name = stripslashes($bus_name);
                $contact_number = stripslashes($contact_number);
                $website_cat = stripslashes($website_cat);
                $website_caption = stripslashes($website_caption);
                $email_address = stripslashes($email_address);
                $continent = stripslashes($continent);
                $enter_coord = stripslashes($enter_coord);
                $total_boxes = stripslashes($total_boxes);
                $box_numbers = stripslashes($box_numbers);
                $need_website = stripslashes($need_website);
                $terms = stripslashes($terms);
                
                function makeRandomPassword() 
                
                {
                
                  $salt = "abchefghjkmnpqrstuvwxyz0123456789";
                
                  srand((double)microtime()*1000000); 
                
                      $i = 0;
                
                      while ($i <= 7) {
                
                            $num = rand() % 33;
                
                            $tmp = substr($salt, $num, 1);
                
                            $pass = $pass . $tmp;
                
                            $i++;
                
                      }
                
                      return $pass;
                
                }
                
                
                
                $random_password = makeRandomPassword();
                
                
                
                $db_password = md5($random_password); // Error was in this line
                
                
                
                
                $q1 = "INSERT INTO Customers (
                first_name,
                last_name,
                website_url,
                bus_name,
                contact_number,
                website_cat,
                website_caption,
                email_address,
                continent,
                enter_coord,
                total_boxes,
                box_numbers,
                need_website ,
                terms,
                db_password
                ) VALUES (
                '$first_name',
                '$last_name',
                '$website_url',
                '$bus_name',
                '$contact_number',
                '$website_cat',
                '$website_caption',
                '$email_address' ,
                '$continent',
                '$enter_coord',
                '$total_boxes',
                '$box_numbers',
                '$need_website',
                '$terms',
                '$db_password'
                )";
                
                $rslt1 = mysql_query($q1, $con) or die("Query failed");             
                
                 if(!$rslt1){
                	echo 'There has been an error creating your account. Please contact the webmaster.';
                } else {
                	$userid = mysql_insert_id();
                	// Let's mail the user!
                	$subject = "Your Membership at whereonearthru!";
                	$message = 'Dear '.$first_name.' '.$last_name.',
                
                    Thank you for registering at http://www.whereonearthru.com!
                
                    
                
                    I require you to activate your application.   Activation gives me confidence that your application is genuine and not a web robot.
                
                    
                
                    To activate your application, please click here:  '******http://www.company.com/activate.php?code='.$db_password.'&id='.$id.'******'
                
                    
                
                    Once you activate your application, I will assess your membership against our site\'s mission (my aim is to do this within 48 hours).
                
                    
                
                    Thanks!
                
                   Ed Jacka.
                
                    
                
                    This is an automated response, please do not reply!'; 
                
                	
                	mail($email_address, $subject, $message, "From: Ed at whereonearthru <admin@whereonearthareyou.com>\nX-Mailer: PHP/" . phpversion());
                }
                mysql_close($con);
                // header('Location: thankyou.html');
                // Once you uncomment this, after submitting data you can call for another page from PHP itself
                ?>
                activate.php is:
                Code:
                <?
                
                /* Account activation script */
                
                
                
                // Get database connection
                
                include 'db.php';
                
                
                
                // Create variables from URL.
                
                
                
                
                $ID = $_REQUEST['id'];
                
                $code = $_REQUEST['code'];
                
                //echo "memberid = $memberid";
                //echo "code = $code";
                
                $sql = mysql_query("UPDATE Customers SET activated='1' WHERE memberid='$ID' AND db_password='$code'");
                
                //echo "sql = $sql";
                
                $sql_doublecheck = mysql_query("SELECT * FROM Customers WHERE memberid='$ID' AND db_password='$code' AND activated='1'");
                
                $doublecheck = mysql_num_rows($sql_doublecheck);
                
                //echo "sql_doublecheck = $sql_doublecheck";	
                //echo "doublecheck = $doublecheck";
                
                if($doublecheck == 0){
                
                	echo "<strong><font color=red>Your application could not be activated!</font></strong>";
                
                } elseif ($doublecheck > 0) {
                
                	echo "<strong>Your application has been activated!   We will now assess your site against company.com's purpose.   We aim to get back to you within 48 hours.</strong> <br />";
                
                // 	include 'index.htm'; 
                
                }
                
                
                
                ?>

                • ak1dnar
                  Recognized Expert Top Contributor
                  • Jan 2007
                  • 1584

                  #9
                  I feel this script is not your own. If it were, you would have an idea about the variables that you have already used.
                  Try to do the coding yourself; otherwise next time you will do the same thing.
                  Try to understand what I have done. Nothing is new here; I have already posted the solution in previous posts.

                  [PHP]<?php
                  require("db.php");

                  /* PHP variables to be used for next PHP script */

                  $first_name = $_POST['first_name'];
                  $last_name = $_POST['last_name'];
                  $website_url = $_POST['website_url'];
                  $bus_name = $_POST['bus_name'];
                  $contact_number = $_POST['contact_number'];
                  $website_cat = $_POST['website_cat'];
                  $website_caption = $_POST['website_caption'];
                  $email_address = $_POST['email_address'];
                  $continent = $_POST['continent'];
                  $enter_coord = $_POST['enter_coord'];
                  $total_boxes = $_POST['total_boxes'];
                  $box_numbers = $_POST['box_numbers'];
                  $need_website = $_POST['need_website'];
                  $terms = $_POST['terms'];

                  /* Strip any escape characters etc */

                  $first_name = stripslashes($first_name);
                  $last_name = stripslashes($last_name);
                  $website_url = stripslashes($website_url);
                  $bus_name = stripslashes($bus_name);
                  $contact_number = stripslashes($contact_number);
                  $website_cat = stripslashes($website_cat);
                  $website_caption = stripslashes($website_caption);
                  $email_address = stripslashes($email_address);
                  $continent = stripslashes($continent);
                  $enter_coord = stripslashes($enter_coord);
                  $total_boxes = stripslashes($total_boxes);
                  $box_numbers = stripslashes($box_numbers);
                  $need_website = stripslashes($need_website);
                  $terms = stripslashes($terms);

                  function makeRandomPassword()
                  {
                      $salt = "abchefghjkmnpqrstuvwxyz0123456789";
                      srand((double)microtime()*1000000);
                      $i = 0;
                      while ($i <= 7) {
                          $num = rand() % 33;
                          $tmp = substr($salt, $num, 1);
                          $pass = $pass . $tmp;
                          $i++;
                      }
                      return $pass;
                  }

                  $random_password = makeRandomPassword();

                  $db_password = md5($random_password); // Error was in this line

                  $q1 = "INSERT INTO Customers (
                  first_name,
                  last_name,
                  website_url,
                  bus_name,
                  contact_number,
                  website_cat,
                  website_caption,
                  email_address,
                  continent,
                  enter_coord,
                  total_boxes,
                  box_numbers,
                  need_website ,
                  terms,
                  db_password
                  ) VALUES (
                  '$first_name',
                  '$last_name',
                  '$website_url',
                  '$bus_name',
                  '$contact_number',
                  '$website_cat',
                  '$website_caption',
                  '$email_address' ,
                  '$continent',
                  '$enter_coord',
                  '$total_boxes',
                  '$box_numbers',
                  '$need_website',
                  '$terms',
                  '$db_password'
                  )";

                  $rslt1 = mysql_query($q1, $con) or die("Query failed");

                  if(!$rslt1){
                      echo 'There has been an error creating your account. Please contact the webmaster.';
                  } else {
                      $userid = mysql_insert_id();
                      // Let's mail the user!
                      $subject = "Your Membership at whereonearthru!";
                      $message = 'Dear '.$first_name.' '.$last_name.',

                  Thank you for registering at http://www.whereonearthru.com!
                  I require you to activate your application. Activation gives me confidence that your application is genuine and not a web robot. To activate your application, please click here: http://www.company.com/activate.php?code='.$db_password.'&id='.$userid.'
                  Once you activate your application, I will assess your membership against our site\'s mission (my aim is to do this within 48 hours).Thanks!
                  Ed Jacka.
                  This is an automated response, please do not reply!';
                      mail($email_address, $subject, $message, "From: Ed at whereonearthru <admin@whereonearthareyou.com>\nX-Mailer: PHP/" . phpversion());
                  }
                  mysql_close($con);
                  // header('Location: thankyou.html');
                  // Once you uncomment this, after submitting data you can call for another page from PHP itself
                  ?>[/PHP]

                  • ak1dnar
                    Recognized Expert Top Contributor
                    • Jan 2007
                    • 1584

                    #10
                    Please wrap your PHP lines with [PHP] instead of [CODE]; it's hard to read.

                    • ak1dnar
                      Recognized Expert Top Contributor
                      • Jan 2007
                      • 1584

                      #11
                      May I know the status of the script? Did you try to find out the problem?

                      Since you have to pass the member id with the URL, you have to trap the member id from the table records. I think in your SQL table this user id is Auto_increment, so once you enter the record the last id will be returned by this function and the value will be set in the $userid variable.
                      [PHP]$userid = mysql_insert_id();[/PHP]
                      Again, I passed the same user id with your URL. Both the ID and the password will be received by activate.php.

                      Comment
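
Added example, not part of the original thread and not code from either poster: the scripts above derive the activation code from rand() seeded with microtime() and md5(), and place request values directly into SQL strings, so the code is guessable and any quote character in a field changes the query. The sketch below runs the same register-then-activate flow with a CSPRNG token, prepared statements, and one UPDATE checked with rowCount(). The in-memory SQLite database (standing in for the MySQL Customers table), the activation_hash column, the function names and the sample applicant are assumptions for illustration.

```php
<?php
// Added example: hardened registration + activation flow.
// Assumptions: PDO with in-memory SQLite stands in for the thread's MySQL
// "Customers" table; the activation_hash column is hypothetical.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE Customers (
    memberid        INTEGER PRIMARY KEY AUTOINCREMENT,
    first_name      TEXT NOT NULL,
    email_address   TEXT NOT NULL,
    activation_hash TEXT,
    activated       INTEGER NOT NULL DEFAULT 0
)');

/** Insert the applicant and return [memberid, plaintext token for the e-mail]. */
function registerCustomer(PDO $pdo, string $firstName, string $email): array
{
    // 128 bits from the OS CSPRNG, instead of rand() seeded from microtime().
    $token = bin2hex(random_bytes(16));

    // Placeholders keep form input out of the SQL text entirely.
    $stmt = $pdo->prepare(
        'INSERT INTO Customers (first_name, email_address, activation_hash)
         VALUES (:first_name, :email, :hash)'
    );
    $stmt->execute([
        ':first_name' => $firstName,
        ':email'      => $email,
        // Only a hash is stored, so a leaked table does not yield usable links.
        ':hash'       => hash('sha256', $token),
    ]);

    return [(int) $pdo->lastInsertId(), $token];
}

/** Build the link that goes into the mail body. */
function activationLink(int $memberId, string $token): string
{
    return 'http://www.company.com/activate.php?'
        . http_build_query(['id' => $memberId, 'code' => $token]);
}

/** activate.php logic: true only if this request activated the account. */
function activateCustomer(PDO $pdo, $id, $code): bool
{
    // Accept only an all-digit id and a 32-hex-character code.
    if (!is_string($id) || !ctype_digit($id) || !is_string($code)
        || !preg_match('/\A[0-9a-f]{32}\z/', $code)) {
        return false;
    }
    $stmt = $pdo->prepare(
        'UPDATE Customers SET activated = 1, activation_hash = NULL
         WHERE memberid = :id AND activation_hash = :hash AND activated = 0'
    );
    $stmt->execute([':id' => (int) $id, ':hash' => hash('sha256', $code)]);

    // rowCount() replaces the follow-up SELECT + mysql_num_rows() check.
    return $stmt->rowCount() === 1;
}

// Constructed sample data, not from the thread.
[$memberId, $token] = registerCustomer($pdo, "Pat O'Neil", 'pat@example.com');
$link = activationLink($memberId, $token);
parse_str(parse_url($link, PHP_URL_QUERY), $query);  // what activate.php receives

var_dump(activateCustomer($pdo, $query['id'], $query['code']));  // first use of the link
var_dump(activateCustomer($pdo, $query['id'], $query['code']));  // same link replayed
var_dump(activateCustomer($pdo, $query['id'], 'not-a-token'));   // malformed code
```

With PDO in exception mode a failed query throws instead of returning false, so the "supplied argument is not a valid MySQL result resource" situation from the thread surfaces at the query that failed rather than at the later row count.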
