1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Help with a php script .. User registration / email activation...

Discussion in 'PHP' started by Dominic Ceraso, Apr 24, 2015.

0
  1. #1
    Okay guys, I need a little help - I have a php based website that I am building and I have the user membership / registration working. Meaning when someone registers it inserts the email, name, and password (md5) into the database, along with the randomly generated activation code that I have the registration script cook up. Now, They receive the e-mail and click the link for activation. I need to be able to when they click the link to activate the account have them type in their e-mail and/or activation code from the e-mail and then have the database update the table 'confirm_activation' to 1 instead of 0 this should allow the user's to actually get to the dashboard and use the site. I have everything working up until the point of the confirm_activation being able to switch from 0 to 1 upon successful activation. I am using mysqli as my DB connection. Here is the code:

    register-auth.php
    <?php
   
    require 'connection.php';
   
   
    $chars = array("1","2","3","4","5","6","7","8","9");
    $length = 6;
    $textstr = " ";
    for ($i=0; $i<$length; $i++) {
        $textstr .= $chars[rand(0, count($chars)-1)];
    }
   
   
    if(count($_POST) !== 3)
    {
        echo 'Please fill all the fields.';
    }


    if (!($stmt = $link->prepare("INSERT INTO users (name, email, password, activation) VALUES (?, ?, ?, ?)"))) {
        echo "Prepare failed: (" . $link->errno . ") " . $link->error;
    }
   
    $stmt->bind_param("sssi", $_POST['fullName'], $_POST['email'], md5($_POST['password']), $textstr);
   
    if (!$stmt->execute()) {
        echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
    }
   
       


    echo "Activation Email Sent.";

    $mail_to= $_POST['email'];
    $mail_subject="Email Activation - ISE";
    $mail_body.="This email will activate your account with ISE.<br>\r\n";
    $mail_body.="Your Activation Code is: $textstr <br> \r\n";
    $mail_body.="Click the following link to activate now.<br> \r\n";
    $mail_body.="<a href='http://steelcitydevstudios.com/dev/ise/activation-form.php?username=$username&activation=$textstr'>Click Here</a>";
    $sent = mail($mail_to,$mail_subject,$mail_body,
    'MIME-Version: 1.0' . "\r\n" .
    'Content-type: text/html; charset=UTF-8' . "\r\n" .
    'From: ise@steelcitydevstudios.com' . "\r\n" .
    'Reply-To: ise@steelcitydevstudios.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion());
       
    //} else {
    //    echo "Failed to send activation code, please contact support.";
    //}

?>
    PHP:
    acivation-form.php
    <?php
    include_once('functions.php');
    displayHeader('Activation');
?>

<div class="row register">
        <div class="col-md-7">
            <div class="reg-box">
                <form class="register" name="reg-form" method="post" action="check-activation-script.php">
                    <div id="reg-logo">
                        <p class="reg">Finish Activation</p>
                            <img class="login-logo" src="/dev/ise/images/logo.png" alt="Information Security Education" width="296px" height="62px">
                    </div>
                        <hr>
                        <label class="login">Email:</label>
                            <input type="text" name="email" id="email" placeholder="" required autocomplete="off" >
                        <label class="login">Activation Code:</label>
                            <input type="text" name="activation_code" id="activation_code" placeholder="" required autocomplete="off" >
                            <input type="submit" id="continue" value="Activate">
                </form>
                       
                        <hr class="registerbox-btm">
                            <p>Already have an account? <a href="login.php">Login</a></p>
            </div>
        </div>
            <div class="col-md-5">
            <h1 class="register">Welcome To ISE!</h1>
                <h2 class="register-content">Here you’ll find the most advanced, efficient and fun employee training portal online!</h2> <br>
            <h1 class="register"> Scheduling, Training, Communication</h1>
                <h2 class="register-content">Use our dashboard and communication portal to establish training sessions for your employee’s or set your training times and collaborate ith your employer.</h2> <br>
            <h1 class="register">Train, Quiz, Get Certified!</h1>
                <h2 class="register-content">View our premium training videos, while answering our test questions as a popup inside the video! Get a passing mark and receive a ISE certification!</h2>
        </div>

</div>



                       
                       



<?php
    displayFooter();
?>
    PHP:
    check-activation.php
    <?php
   
    require 'connection.php';
   
   
    $email = $_POST['email'];
    $activation_code = $_POST['activation_code'];
    //$command = "UPDATE users SET check_activation='1' WHERE email='$email' AND activation='$activation_code'";
       
        if (!($stmt = $link->prepare("UPDATE users SET check_verification VALUE (?) WHERE email='$email' AND activation='$activation'")));
   
    $stmt->bind_param('i', $activation_status);
   
    $activation_status = 1;   
   
    $stmt->execute();

    $result = mysql_query($command);
    if ($result) {
        echo "Congratulations, Your account has been successfully activated! You may now begin using our site.";
    } else {
        echo "Youve entered an invalid activation code / email. - Please try again.";
    }
   
    ?>
    PHP:
    database table (users)
    CREATE TABLE IF NOT EXISTS `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `email` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `name` varchar(255) COLLATE utf8_unicode_ci NOT NULL COMMENT 'user''s name',
  `password` varchar(255) COLLATE utf8_unicode_ci NOT NULL COMMENT 'will be case-sensitive',
  `active` enum('N','Y') COLLATE utf8_unicode_ci NOT NULL DEFAULT 'N' COMMENT 'is this user active?',
  `deleted` enum('N','Y') COLLATE utf8_unicode_ci NOT NULL DEFAULT 'N' COMMENT 'is the user deleted?',
  `is_god` enum('N','Y') COLLATE utf8_unicode_ci NOT NULL DEFAULT 'N',
  `accountType` int(11) NOT NULL COMMENT '0=Employee, 1=Company, 2=Site_Admin',
  `activation` int(6) NOT NULL DEFAULT '0',
  `check_activation` int(6) NOT NULL DEFAULT '0',
  PRIMARY KEY (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='The backend users' AUTO_INCREMENT=16 ;
    Code (SQL):
    the url is http://steelcitydevstudios.com/dev/ise/register.php
     
    Dominic Ceraso, Apr 24, 2015 IP
  2. PoPSiCLe

    PoPSiCLe Illustrious Member

    Messages:
    4,623
    Likes Received:
    725
    Best Answers:
    152
    Trophy Points:
    470
    #2
    Why are you using enum('N','Y') on the active and deleted columns? Why not just use tinyint (boolean) 1/0?
    Second, if you have sent a user a link, then all you need to do is use that link - there's no reason for the user to fill out even more forms?
    Send the user a link containing the user's email, and the unique activation code, something like this: http://www.example.com?page=activate&email=something@example.com&activationcode=asbd4w798347sase
    Then you check if that activation code matches the one in the DB for the user with that email-address, and if it does, you flip the value to 1.
     
    PoPSiCLe, Apr 24, 2015 IP