Hi to everyone, im need some help, im have a register form on my website, here are the form: register.php <? include("includes/session.php"); include("templates/header.php"); include("templates/header_sub.php"); ?> <table width="725" border="0" align="center"> <tr> <td> <? /** * The user is already logged in, not allowed to register. */ if($session->logged_in){ echo "<h1>Registered</h1>"; echo "<p>We're sorry <b>$session->username</b>, but you've already registered. " ."<a href=\"$web_path\">Go back Home</a>.</p>"; } /** * The user has submitted the registration form and the * results have been processed. */ elseif(isset($_SESSION['regsuccess'])){ /* Registration was successful */ if($_SESSION['regsuccess']){ echo "<h3>Registered!</h3>"; echo "<p>Thank you <b>".$_SESSION['reguname']."</b>, your information has been added to the database, " ."you may now <a href=\"".$web_path."main.php\">log in</a>.</p>"; } /* Registration failed */ else{ echo "<h3>Registration Failed</h3>"; echo "<p>We're sorry, but an error has occurred and your registration for the username <b>".$_SESSION['reguname']."</b>, " ."could not be completed.<br>You will be redirected back to the register page in a few seconds.</p><br>"; echo "<script language=javascript> setTimeout(\"location.href='register.php'\", 5000); </script>"; } unset($_SESSION['regsuccess']); unset($_SESSION['reguname']); } /** * The user has not filled out the registration form yet. * Below is the page with the sign-up form, the names * of the input fields are important and should not * be changed. */ else{ ?> <table align="center" border="0" width="728"> <tr> <td valign="top"><p><br> <? echo $settings[reg_text]; echo "<br>"; ?> </td> </tr> <tr><td> </td></tr> <td valign="top"> <?if($_GET['error']!="") { echo "<div class=\"little-box\">$_GET[error]</div>"; } ?> </td> </tr> <script type="text/javascript"> function verifyEmail(){ var emailRegEx = /^[A-Z0-9._%+-]+@yahoo+\.[A-Z]{2,4}$/i; if (document.register.email.value.search(emailRegEx) == 1) { alert("Please enter a valid email address."); return false; } else { document.myform.submit(); } </script> <td valign="top"> <form name="Register" action="<?=$web_path;?>process.php" method="POST" onSubmit="return ValidateForm()"> <table align="left" border="0" cellspacing="0" cellpadding="3"> <tr><td colspan="2"> </td></tr> <? if($form->num_errors > 0){ echo "<tr><td colspan=\"2\"><font size=\"1\" color=\"#ff0000\">".$form->num_errors." error(s) found</td></tr>"; } ?> <? if($_GET['message'] !=""){ echo "<tr><td colspan=\"2\"><font size=\"1\" color=\"#ff0000\">".$_GET['message']."</td></tr>"; } ?> <tr><td colspan="2"> </td></tr> <tr><td>Username:</td><td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td><td><? echo $form->error("user"); ?></td></tr> <tr><td>Password:</td><td><input type="password" name="pass" maxlength="30" value="<? echo $form->value("pass"); ?>"></td><td><? echo $form->error("pass"); ?></td></tr> <tr><td>Email:</td><td><input type="text" name="email" maxlength="50" value="<? echo $form->value("email"); ?>"></td><td><? echo $form->error("email"); ?></td></tr> <tr><td colspan="2" align="right"> require_once('recaptchalib.php'); $publickey = "6LfAjQcAAAAAAC1Keenhop3mGGS_ujdb_iSQl3Pt"; // you got this from the signup page echo recaptcha_get_html($publickey); <input type="hidden" name="subjoin" value="1"> <input type="submit" value="Join!"></td></tr> <tr><td colspan="2"> </td></tr> <tr><td colspan="2" align="left"><a href="main.php">Already registered? Click here to login!</a></td></tr> </table> </form> </td><td width="310" align="center" valign="top"> <?=$ads['box_ad'];?></td></tr></table> <? } ?> </td> </tr> </table> </td> </tr> </table> <?php include("templates/footer.php");?> </body> </html> PHP: And here are the process.php what is validate the form: <? include("includes/session.php"); class Process { /* Class constructor */ function Process(){ global $session; /* User submitted login form */ if(isset($_POST['sublogin'])){ $this->procLogin(); } /* User submitted registration form */ else if(isset($_POST['subjoin'])){ $this->procRegister(); } /* User submitted forgot password form */ else if(isset($_POST['subforgot'])){ $this->procForgotPass(); } /* User submitted edit account form */ else if(isset($_POST['subedit'])){ $this->procEditAccount(); } /** * The only other reason user should be directed here * is if he wants to logout, which means user is * logged in currently. */ else if($session->logged_in){ $this->procLogout(); } /** * Should not get here, which means user is viewing this page * by mistake and therefore is redirected. */ else{ header("Location: main.php"); } } /** * procLogin - Processes the user submitted login form, if errors * are found, the user is redirected to correct the information, * if not, the user is effectively logged in to the system. */ function procLogin(){ global $session, $form; /* Login attempt */ $retval = $session->login($_POST['user'], $_POST['pass'], isset($_POST['remember'])); /* Login successful */ if($retval){ header("Location: ".$session->referrer); } /* Login failed */ else{ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); header("Location: ".$session->referrer); } } /** * procLogout - Simply attempts to log the user out of the system * given that there is no logout form to process. */ function procLogout(){ global $session; $retval = $session->logout(); header("Location: main.php"); } /** * procRegister - Processes the user submitted registration form, * if errors are found, the user is redirected to correct the * information, if not, the user is effectively registered with * the system and an email is (optionally) sent to the newly * created user. */ function procRegister(){ global $session, $form, $mailer; /* Convert username to all lowercase (by option) */ // if(ALL_LOWERCASE){ $_POST['user'] = strtolower($_POST['user']); // } /* Registration attempt */ // $retval = $session->register($_POST['user'], $_POST['pass'], $_POST['email']); $result = mysql_query("SELECT COUNT(*) FROM users WHERE username = '".$_POST['user']."'") or die(mysql_error()); $row = mysql_fetch_array( $result ); if($row[0]==0){ $retval=0; }else{ $retval=2; } //if(!isset($_POST['user'])||!isset($_POST['pass'])||!isset($_POST['email'])){ // $retval=1; // } else if(strlen($_POST[user])<3){ $retval=3; } if(strlen($_POST[pass])<6){ $retval=4; } $email = $_POST['email']; $email = mysql_real_escape_string($email); if (eregi("@yahoo", $email)) { $retval = 5; } if($retval==0){ mysql_query("INSERT INTO users (`username`,`password`,`userid`,`userlevel`,`email`,`timestamp`) VALUES('".$_POST['user']."', '".md5($_POST['pass'])."','".md5($_POST['user'])."','1','".$_POST['email']."',NOW() ) ") or die(mysql_error()); } /* Registration Successful */ if($retval == 0){ $_SESSION['reguname'] = $_POST['user']; $_SESSION['regsuccess'] = true; $mailer->sendWelcome($_POST['user'],$_POST['email'],$_POST['pass']); header("Location: ".$session->referrer); } /* Error found with form */ else if($retval == 1){ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = "Please fill in all data."; header("Location: ".$session->referrer); } /* Registration attempt failed */ else if($retval == 2){ $_SESSION['reguname'] = $_POST['user']; $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer); } /* Registration attempt failed */ else if($retval == 3){ $_SESSION['reguname'] = $_POST['user']; // $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer."?error=Error: Please Make Sure Username is 3 characters or more."); } /* Registration attempt failed */ else if($retval == 4){ $_SESSION['reguname'] = $_POST['user']; // $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer."?error=Error: Please Make Sure Password is 6 characters or more."); } else if ($retval == 5){ $_SESSION['reguname'] = $_POST['user']; // $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer."?error=Error: Please Make Sure E-mail is not a Yahoo account"); } } /** * procForgotPass - Validates the given username then if * everything is fine, a new password is generated and * emailed to the address the user gave on sign up. */ function procForgotPass(){ global $database, $session, $mailer, $form; /* Username error checking */ $subuser = $_POST['user']; $field = "user"; //Use field name for username if(!$subuser || strlen($subuser = trim($subuser)) == 0){ $form->setError($field, "* Username not entered<br>"); } else{ /* Make sure username is in database */ $subuser = stripslashes($subuser); if(strlen($subuser) < 3 || strlen($subuser) > 30 || !eregi("^([0-9a-z_-])+$", $subuser) || (!$database->usernameTaken($subuser))){ $form->setError($field, "* Username does not exist<br>"); } } /* Get email of user */ $usrinf = $database->getUserInfo($subuser); $email = $usrinf['email']; if($_POST['email']!=$email){ $form->setError('email', "* Email does not match<br>"); } /* Errors exist, have user correct them */ if($form->num_errors > 0){ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); } /* Generate new password and email it to user */ else{ /* Generate new password */ $newpass = $session->generateRandStr(8); /* Attempt to send the email with new password */ if($mailer->sendNewPass($subuser,$email,$newpass)){ /* Email sent, update database */ $database->updateUserField($subuser, "password", md5($newpass)); $_SESSION['forgotpass'] = true; } /* Email failure, do not change password */ else{ $_SESSION['forgotpass'] = false; } } header("Location: ".$session->referrer); } /** * procEditAccount - Attempts to edit the user's account * information, including the password, which must be verified * before a change is made. */ function procEditAccount(){ global $session, $form; /* Account edit attempt */ $retval = $session->editAccount($_POST['curpass'], $_POST['newpass'], $_POST['email']); /* Account edit successful */ if($retval){ $_SESSION['useredit'] = true; header("Location: ".$session->referrer); } /* Error found with form */ else{ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); header("Location: ".$session->referrer); } } }; /* Initialize process */ $process = new Process; ?> PHP: If you check the code, when the user forgot the password, the system generate a new password, i want what when the user register the user dont make the password, i want what the system send to his email. How i can do that? i hope somebody can help me, thanks
I don't think you will find this a problem, especially, when you write the whole code above on you own. Anyway, your problem is quite easy to deal with. First, in register.php, remove password field. Then, in process.php, remove the $_POST[pass]. Add: generate random pass + mail function to mail to email (check if mail successfully sent).Then write password to databse + everything else. Finally, you're done. You have random password sent to user's email address. If you cannot figure it out, just reply, I will post a complete php code .
Try these codes, if some error happens, post the error message here register.php <? include("includes/session.php"); include("templates/header.php"); include("templates/header_sub.php"); ?> <table width="725" border="0" align="center"> <tr> <td> <? /** * The user is already logged in, not allowed to register. */ if($session->logged_in){ echo "<h1>Registered</h1>"; echo "<p>We're sorry <b>$session->username</b>, but you've already registered. " ."<a href=\"$web_path\">Go back Home</a>.</p>"; } /** * The user has submitted the registration form and the * results have been processed. */ elseif(isset($_SESSION['regsuccess'])){ /* Registration was successful */ if($_SESSION['regsuccess']){ echo "<h3>Registered!</h3>"; echo "<p>Thank you <b>".$_SESSION['reguname']."</b>, your information has been added to the database, " ."you may now <a href=\"".$web_path."main.php\">log in</a>.</p>"; } /* Registration failed */ else{ echo "<h3>Registration Failed</h3>"; echo "<p>We're sorry, but an error has occurred and your registration for the username <b>".$_SESSION['reguname']."</b>, " ."could not be completed.<br>You will be redirected back to the register page in a few seconds.</p><br>"; echo "<script language=javascript> setTimeout(\"location.href='register.php'\", 5000); </script>"; } unset($_SESSION['regsuccess']); unset($_SESSION['reguname']); } /** * The user has not filled out the registration form yet. * Below is the page with the sign-up form, the names * of the input fields are important and should not * be changed. */ else{ ?> <table align="center" border="0" width="728"> <tr> <td valign="top"><p><br> <? echo $settings[reg_text]; echo "<br>"; ?> </td> </tr> <tr><td> </td></tr> <td valign="top"> <?if($_GET['error']!="") { echo "<div class=\"little-box\">$_GET[error]</div>"; } ?> </td> </tr> <script type="text/javascript"> function verifyEmail(){ var emailRegEx = /^[A-Z0-9._%+-]+@yahoo+\.[A-Z]{2,4}$/i; if (document.register.email.value.search(emailRegEx) == 1) { alert("Please enter a valid email address."); return false; } else { document.myform.submit(); } </script> <td valign="top"> <form name="Register" action="<?=$web_path;?>process.php" method="POST" onSubmit="return ValidateForm()"> <table align="left" border="0" cellspacing="0" cellpadding="3"> <tr><td colspan="2"> </td></tr> <? if($form->num_errors > 0){ echo "<tr><td colspan=\"2\"><font size=\"1\" color=\"#ff0000\">".$form->num_errors." error(s) found</td></tr>"; } ?> <? if($_GET['message'] !=""){ echo "<tr><td colspan=\"2\"><font size=\"1\" color=\"#ff0000\">".$_GET['message']."</td></tr>"; } ?> <tr><td colspan="2"> </td></tr> <tr><td>Username:</td><td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td><td><? echo $form->error("user"); ?></td></tr> <tr><td>Email:</td><td><input type="text" name="email" maxlength="50" value="<? echo $form->value("email"); ?>"></td><td><? echo $form->error("email"); ?></td></tr> <tr><td colspan="2" align="right"> require_once('recaptchalib.php'); $publickey = "6LfAjQcAAAAAAC1Keenhop3mGGS_ujdb_iSQl3Pt"; // you got this from the signup page echo recaptcha_get_html($publickey); <input type="hidden" name="subjoin" value="1"> <input type="submit" value="Join!"></td></tr> <tr><td colspan="2"> </td></tr> <tr><td colspan="2" align="left"><a href="main.php">Already registered? Click here to login!</a></td></tr> </table> </form> </td><td width="310" align="center" valign="top"> <?=$ads['box_ad'];?></td></tr></table> <? } ?> </td> </tr> </table> </td> </tr> </table> <?php include("templates/footer.php");?> </body> </html> PHP: process.php <? include("includes/session.php"); class Process { /* Class constructor */ function Process(){ global $session; /* User submitted login form */ if(isset($_POST['sublogin'])){ $this->procLogin(); } /* User submitted registration form */ else if(isset($_POST['subjoin'])){ $this->procRegister(); } /* User submitted forgot password form */ else if(isset($_POST['subforgot'])){ $this->procForgotPass(); } /* User submitted edit account form */ else if(isset($_POST['subedit'])){ $this->procEditAccount(); } /** * The only other reason user should be directed here * is if he wants to logout, which means user is * logged in currently. */ else if($session->logged_in){ $this->procLogout(); } /** * Should not get here, which means user is viewing this page * by mistake and therefore is redirected. */ else{ header("Location: main.php"); } } /** * procLogin - Processes the user submitted login form, if errors * are found, the user is redirected to correct the information, * if not, the user is effectively logged in to the system. */ function procLogin(){ global $session, $form; /* Login attempt */ $retval = $session->login($_POST['user'], $_POST['pass'], isset($_POST['remember'])); /* Login successful */ if($retval){ header("Location: ".$session->referrer); } /* Login failed */ else{ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); header("Location: ".$session->referrer); } } /** * procLogout - Simply attempts to log the user out of the system * given that there is no logout form to process. */ function procLogout(){ global $session; $retval = $session->logout(); header("Location: main.php"); } /** * procRegister - Processes the user submitted registration form, * if errors are found, the user is redirected to correct the * information, if not, the user is effectively registered with * the system and an email is (optionally) sent to the newly * created user. */ function procRegister(){ global $session, $form, $mailer; /* Convert username to all lowercase (by option) */ // if(ALL_LOWERCASE){ $_POST['user'] = strtolower($_POST['user']); // } /* Registration attempt */ // $retval = $session->register($_POST['user'], $_POST['pass'], $_POST['email']); $result = mysql_query("SELECT COUNT(*) FROM users WHERE username = '".$_POST['user']."'") or die(mysql_error()); $row = mysql_fetch_array( $result ); if($row[0]==0){ $retval=0; }else{ $retval=2; } //if(!isset($_POST['user'])||!isset($_POST['pass'])||!isset($_POST['email'])){ // $retval=1; // } else if(strlen($_POST[user])<3){ $retval=3; } $pass= rand(1000000, 99999999); $email = $_POST['email']; $email = mysql_real_escape_string($email); if (eregi("@yahoo", $email)) { $retval = 5; } if($retval==0){ $mailer->sendWelcome($_POST['user'],$_POST['email'], $pass); mysql_query("INSERT INTO users (`username`,`password`,`userid`,`userlevel`,`email`,`timestamp`) VALUES('".$_POST['user']."', '".md5($pass)."','".md5($_POST['user'])."','1','".$_POST['email']."',NOW() ) ") or die(mysql_error()); } /* Registration Successful */ if($retval == 0){ $_SESSION['reguname'] = $_POST['user']; $_SESSION['regsuccess'] = true; $mailer->sendWelcome($_POST['user'],$_POST['email'],$_POST['pass']); header("Location: ".$session->referrer); } /* Error found with form */ else if($retval == 1){ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = "Please fill in all data."; header("Location: ".$session->referrer); } /* Registration attempt failed */ else if($retval == 2){ $_SESSION['reguname'] = $_POST['user']; $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer); } /* Registration attempt failed */ else if($retval == 3){ $_SESSION['reguname'] = $_POST['user']; // $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer."?error=Error: Please Make Sure Username is 3 characters or more."); } /* Registration attempt failed */ else if($retval == 4){ $_SESSION['reguname'] = $_POST['user']; // $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer."?error=Error: Please Make Sure Password is 6 characters or more."); } else if ($retval == 5){ $_SESSION['reguname'] = $_POST['user']; // $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer."?error=Error: Please Make Sure E-mail is not a Yahoo account"); } } /** * procForgotPass - Validates the given username then if * everything is fine, a new password is generated and * emailed to the address the user gave on sign up. */ function procForgotPass(){ global $database, $session, $mailer, $form; /* Username error checking */ $subuser = $_POST['user']; $field = "user"; //Use field name for username if(!$subuser || strlen($subuser = trim($subuser)) == 0){ $form->setError($field, "* Username not entered<br>"); } else{ /* Make sure username is in database */ $subuser = stripslashes($subuser); if(strlen($subuser) < 3 || strlen($subuser) > 30 || !eregi("^([0-9a-z_-])+$", $subuser) || (!$database->usernameTaken($subuser))){ $form->setError($field, "* Username does not exist<br>"); } } /* Get email of user */ $usrinf = $database->getUserInfo($subuser); $email = $usrinf['email']; if($_POST['email']!=$email){ $form->setError('email', "* Email does not match<br>"); } /* Errors exist, have user correct them */ if($form->num_errors > 0){ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); } /* Generate new password and email it to user */ else{ /* Generate new password */ $newpass = $session->generateRandStr(8); /* Attempt to send the email with new password */ if($mailer->sendNewPass($subuser,$email,$newpass)){ /* Email sent, update database */ $database->updateUserField($subuser, "password", md5($newpass)); $_SESSION['forgotpass'] = true; } /* Email failure, do not change password */ else{ $_SESSION['forgotpass'] = false; } } header("Location: ".$session->referrer); } /** * procEditAccount - Attempts to edit the user's account * information, including the password, which must be verified * before a change is made. */ function procEditAccount(){ global $session, $form; /* Account edit attempt */ $retval = $session->editAccount($_POST['curpass'], $_POST['newpass'], $_POST['email']); /* Account edit successful */ if($retval){ $_SESSION['useredit'] = true; header("Location: ".$session->referrer); } /* Error found with form */ else{ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); header("Location: ".$session->referrer); } } }; /* Initialize process */ $process = new Process; ?> PHP: BTW, you didn't code those files on your own right? Just wonder.
Hi, i didnt write the code, and works great, only what the system sent 2 equals emails only one without any password and other with the password and dont check if the email is register, so, any user can use the same email or register various account with the same email address
oops, my fault. Here is the code for process.php <? include("includes/session.php"); class Process { /* Class constructor */ function Process(){ global $session; /* User submitted login form */ if(isset($_POST['sublogin'])){ $this->procLogin(); } /* User submitted registration form */ else if(isset($_POST['subjoin'])){ $this->procRegister(); } /* User submitted forgot password form */ else if(isset($_POST['subforgot'])){ $this->procForgotPass(); } /* User submitted edit account form */ else if(isset($_POST['subedit'])){ $this->procEditAccount(); } /** * The only other reason user should be directed here * is if he wants to logout, which means user is * logged in currently. */ else if($session->logged_in){ $this->procLogout(); } /** * Should not get here, which means user is viewing this page * by mistake and therefore is redirected. */ else{ header("Location: main.php"); } } /** * procLogin - Processes the user submitted login form, if errors * are found, the user is redirected to correct the information, * if not, the user is effectively logged in to the system. */ function procLogin(){ global $session, $form; /* Login attempt */ $retval = $session->login($_POST['user'], $_POST['pass'], isset($_POST['remember'])); /* Login successful */ if($retval){ header("Location: ".$session->referrer); } /* Login failed */ else{ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); header("Location: ".$session->referrer); } } /** * procLogout - Simply attempts to log the user out of the system * given that there is no logout form to process. */ function procLogout(){ global $session; $retval = $session->logout(); header("Location: main.php"); } /** * procRegister - Processes the user submitted registration form, * if errors are found, the user is redirected to correct the * information, if not, the user is effectively registered with * the system and an email is (optionally) sent to the newly * created user. */ function procRegister(){ global $session, $form, $mailer; /* Convert username to all lowercase (by option) */ // if(ALL_LOWERCASE){ $_POST['user'] = strtolower($_POST['user']); // } /* Registration attempt */ // $retval = $session->register($_POST['user'], $_POST['pass'], $_POST['email']); $result = mysql_query("SELECT COUNT(*) FROM users WHERE username = '".$_POST['user']."'") or die(mysql_error()); $row = mysql_fetch_array( $result ); if($row[0]==0){ $retval=0; }else{ $retval=2; } //if(!isset($_POST['user'])||!isset($_POST['pass'])||!isset($_POST['email'])){ // $retval=1; // } else if(strlen($_POST[user])<3){ $retval=3; } $pass= rand(1000000, 99999999); $email = $_POST['email']; $email = mysql_real_escape_string($email); if (eregi("@yahoo", $email)) { $retval = 5; } if($retval==0){ $mailer->sendWelcome($_POST['user'],$_POST['email'], $pass); mysql_query("INSERT INTO users (`username`,`password`,`userid`,`userlevel`,`email`,`timestamp`) VALUES('".$_POST['user']."', '".md5($pass)."','".md5($_POST['user'])."','1','".$_POST['email']."',NOW() ) ") or die(mysql_error()); } /* Registration Successful */ if($retval == 0){ $_SESSION['reguname'] = $_POST['user']; $_SESSION['regsuccess'] = true; header("Location: ".$session->referrer); } /* Error found with form */ else if($retval == 1){ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = "Please fill in all data."; header("Location: ".$session->referrer); } /* Registration attempt failed */ else if($retval == 2){ $_SESSION['reguname'] = $_POST['user']; $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer); } /* Registration attempt failed */ else if($retval == 3){ $_SESSION['reguname'] = $_POST['user']; // $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer."?error=Error: Please Make Sure Username is 3 characters or more."); } /* Registration attempt failed */ else if($retval == 4){ $_SESSION['reguname'] = $_POST['user']; // $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer."?error=Error: Please Make Sure Password is 6 characters or more."); } else if ($retval == 5){ $_SESSION['reguname'] = $_POST['user']; // $_SESSION['regsuccess'] = false; header("Location: ".$session->referrer."?error=Error: Please Make Sure E-mail is not a Yahoo account"); } } /** * procForgotPass - Validates the given username then if * everything is fine, a new password is generated and * emailed to the address the user gave on sign up. */ function procForgotPass(){ global $database, $session, $mailer, $form; /* Username error checking */ $subuser = $_POST['user']; $field = "user"; //Use field name for username if(!$subuser || strlen($subuser = trim($subuser)) == 0){ $form->setError($field, "* Username not entered<br>"); } else{ /* Make sure username is in database */ $subuser = stripslashes($subuser); if(strlen($subuser) < 3 || strlen($subuser) > 30 || !eregi("^([0-9a-z_-])+$", $subuser) || (!$database->usernameTaken($subuser))){ $form->setError($field, "* Username does not exist<br>"); } } /* Get email of user */ $usrinf = $database->getUserInfo($subuser); $email = $usrinf['email']; if($_POST['email']!=$email){ $form->setError('email', "* Email does not match<br>"); } /* Errors exist, have user correct them */ if($form->num_errors > 0){ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); } /* Generate new password and email it to user */ else{ /* Generate new password */ $newpass = $session->generateRandStr(8); /* Attempt to send the email with new password */ if($mailer->sendNewPass($subuser,$email,$newpass)){ /* Email sent, update database */ $database->updateUserField($subuser, "password", md5($newpass)); $_SESSION['forgotpass'] = true; } /* Email failure, do not change password */ else{ $_SESSION['forgotpass'] = false; } } header("Location: ".$session->referrer); } /** * procEditAccount - Attempts to edit the user's account * information, including the password, which must be verified * before a change is made. */ function procEditAccount(){ global $session, $form; /* Account edit attempt */ $retval = $session->editAccount($_POST['curpass'], $_POST['newpass'], $_POST['email']); /* Account edit successful */ if($retval){ $_SESSION['useredit'] = true; header("Location: ".$session->referrer); } /* Error found with form */ else{ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); header("Location: ".$session->referrer); } } }; /* Initialize process */ $process = new Process; ?> PHP: This one should work as it's supposed to .