Hello again... so soon too.
I had great success (nor a novice) yesterday getting my flash form & PHP to populate my database...
Now I've been asked to generate a password & then send a validation email!
Perhaps simple for some - impossible for me!
I've added some code which has basically stopped the data being set to my database at all. ;(
Can anyone see anything wrong with my code?
Please help! I am lost.
Main PHP
activate.php
I had great success (nor a novice) yesterday getting my flash form & PHP to populate my database...
Now I've been asked to generate a password & then send a validation email!
Perhaps simple for some - impossible for me!
I've added some code which has basically stopped the data being set to my database at all. ;(
Can anyone see anything wrong with my code?
Please help! I am lost.
Main PHP
Code:
<?php require("db.php"); /*php varibales to be used for next php script*/ $first_name = $_POST['first_name']; $last_name = $_POST['last_name']; $website_url = $_POST['website_url']; $bus_name = $_POST['bus_name']; $contact_number = $_POST['contact_number']; $website_cat = $_POST['website_cat']; $website_caption = $_POST['website_caption']; $email_address = $_POST['email_address']; $continent = $_POST['continent']; $enter_coord = $_POST['enter_coord']; $total_boxes = $_POST['total_boxes']; $box_numbers = $_POST['box_numbers']; $need_website = $_POST['need_website']; $terms = $_POST['terms']; /* Strip any escape characters etc */ $first_name = stripslashes($first_name); $last_name = stripslashes($last_name); $website_url = stripslashes($website_url); $bus_name = stripslashes($bus_name); $contact_number = stripslashes($contact_number); $website_cat = stripslashes($website_cat); $website_caption = stripslashes($website_caption); $email_address = stripslashes($email_address); $continent = stripslashes($continent); $enter_coord = stripslashes($enter_coord); $total_boxes = stripslashes($total_boxes); $box_numbers = stripslashes($box_numbers); $need_website = stripslashes($need_website); $terms = stripslashes($terms); function makeRandomPassword() { $salt = "abchefghjkmnpqrstuvwxyz0123456789"; srand((double)microtime()*1000000); $i = 0; while ($i <= 7) { $num = rand() % 33; $tmp = substr($salt, $num, 1); $pass = $pass . $tmp; $i++; } return $pass; } $random_password = makeRandomPassword(); $password = md5($random_password); $q1 = "INSERT INTO Customers ( first_name, last_name, website_url, bus_name, contact_number, website_cat, website_caption, email_address, continent, enter_coord, total_boxes, box_numbers, need_website , terms, db_password ) VALUES ( '$first_name', '$last_name', '$website_url', '$bus_name', '$contact_number', '$website_cat', '$website_caption', '$email_address' , '$continent', '$enter_coord', '$total_boxes', '$box_numbers', '$need_website', '$terms', '$db_password' )"; $rslt1 = mysql_query($q1, $con) or die("Query failed"); if(!$rslt1){ echo 'There has been an error creating your account. Please contact the webmaster.'; } else { $userid = mysql_insert_id(); // Let's mail the user! $subject = "Your Membership at company!"; $message = "Dear $first_name $last_name, Thank you for registering at http://www.company.com! I require you to activate your application. Activation gives me confidence that your application is genuine and not a web robot. To activate your application, please click here: http://www.company.com/activate.php?code=$db_password Once you activate your application, I will assess your membership against our site's mission (my aim is to do this within 48 hours). Thanks! hiap. This is an automated response, please do not reply!"; mail($email_address, $subject, $message, "From: hiap at company <admin@company.com>\nX-Mailer: PHP/" . phpversion()); } mysql_close($con); // header('Location: thankyou.html'); // Onece You uncomment this after submitting data you can call for another Page from PHP it self ?>
Code:
<? /* Account activation script */ // Get database connection include 'db.php'; // Create variables from URL. $ID = $_REQUEST['id']; $code = $_REQUEST['code']; //echo "memberid = $memberid"; //echo "code = $code"; $sql = mysql_query("UPDATE member SET activated='1' WHERE memberid='$ID' AND db_password='$code'"); //echo "sql = $sql"; $sql_doublecheck = mysql_query("SELECT * FROM member WHERE memberid='$ID' AND db_password='$code' AND activated='1'"); $doublecheck = mysql_num_rows($sql_doublecheck); //echo "sql_doublecheck = $sql_doublecheck"; //echo "doublecheck = $doublecheck"; if($doublecheck == 0){ echo "<strong><font color=red>Your application could not be activated!</font></strong>"; } elseif ($doublecheck > 0) { echo "<strong>Your application has been activated! We will now assess your site against company.com's purpose. We aim to get back to you within 48 hours.</strong> <br />"; // include 'index.htm'; } ?>
Comment