...

View Full Version : Activation problems



Ludatha
02-18-2008, 12:40 AM
Hi, I am having trouble with my activation system, I can register, it sends the email, when I click the link in the email it says: "Your account could not be activated"

Could someone help me out?

Live test: http://www.ludatha.com/test/register.php
(Passwords are encrypted)

Register.php


<?php
if (isset($_POST['submitted'])) {
$errors = array();
require_once ('mysql_connect.php');
if (eregi('^[[:alnum:]\.\'\-]{4,30}$', stripslashes(trim($_POST['username']))) ) {

$user = mysql_real_escape_string($_POST['username']);

$query = "SELECT username FROM members WHERE username = '$user'";

$result = @mysql_query($query);

$num = @mysql_num_rows($result);



if ($num> 0) {

$errors[] = '<font color="red">The username you have chosen has already been taken, please try again.</font>';

} else {

$username = mysql_real_escape_string($_POST['username']);

}

} else {

$errors[] = '<font color="red">Please provide a valid username between 4 and 30 characters.</font>';

}


if (!eregi('^[a-zA-Z]+[a-zA-Z0-9_-]*@([a-zA-Z0-9]+){1}(\.[a-zA-Z0-9]+){1,2}', stripslashes(trim($_POST['email'])) )) {

$errors[] = '<font color="red">Please provide a valid email address.</font>';

} else {

$email = mysql_real_escape_string($_POST['email']);

}


if (!empty($_POST['password1'])) {

if ($_POST['password1'] != $_POST['password2']) {

$errors[] = '<font color="red">The 2 passwords you have entered do not match.</font>';

} else {

$password = $_POST['password1'];

}

} else {

$errors[] = '<font color="red">Please provide a password.</font>';

}


if (empty($errors)) {

$a = md5(uniqid(rand(), true));

$query = "INSERT INTO members (username, email, password, active) VALUES ('$username', '$email', SHA('$password'), '$a')";



$result = @mysql_query($query);



if (mysql_affected_rows() == 1) {



// Send the E-Mail

$body = "Thank you for registering at the User Registration site. To activate your account, please click on this link:\n\n";

$body .= "http://www.ludatha.com/test/activate.php?x=" . mysql_insert_id() . "&y=$a";

mail($_POST['email'], 'Registration Confirmation', $body, 'From: bot@ludatha.com');



// Show thank you message

echo '<h3>Thank You!</h3>

You have been registered, you have been sent an e-mail to the address you specified before. Please check your e-mails to activate your account.';

} else {

echo '<font color="red">You could not be registered, please contact us about the problem and we will fix it as soon as we can.</font>';

}


} else {

echo '<h3>Error!</h3>

The following error(s) occured:<br />';



foreach ($errors as $msg) {

echo " - <font color=\"red\">$msg</font><br />\n";

}

}

}

?>


<h3>Register</h3>

<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">

<p><input type="text" name="username" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" size="30" maxlength="30" /> <small>Username</small></p>



<p><input type="password" name="password1" size="30" maxlength="40" /> <small>Password</small></p>



<p><input type="password" name="password2" size="30" maxlength="40" /> <small>Confirm Password</small></p>



<p><input type="text" name="email" size="30" maxlength="30" value="<?php if(isset($_POST['email'])) echo $_POST['email']; ?>" /> <small>Email Address</small></p>



<p><input type="submit" name="submit" value="Register" /></p>

<input type="hidden" name="submitted" value="TRUE" />

</form>





Activate.php


<?php
if (isset($_GET['x'])) {
$x = (int) $_GET['x'];
} else {
$x = 0;
}
if (isset($_GET['y'])) {
$y = $_GET['y'];
} else {
$y = 0;
}

if ( ($x> 0) && (strlen($y) == 32)) {
require_once ('mysql_connect.php');
$query = "UPDATE users SET active=NULL WHERE (user_id=$x AND active='" . $y . "') LIMIT 1";
$result = mysql_query($query);
if (mysql_affected_rows() == 1) {
echo "<h3>Your account is now active. You may now log in.</h3>";
} else {
echo '<p><font color="red" size="+1">Your account could not be activated. Please re-check the link or contact the system administrator.</font></p>';
}
mysql_close();
} else {
echo '<b>Activation link not valid!</b>';
}
?>

Thanks :)

oesxyl
02-18-2008, 03:38 AM
Hi, I am having trouble with my activation system, I can register, it sends the email, when I click the link in the email it says: "Your account could not be activated"

Could someone help me out?

Live test: http://www.ludatha.com/test/register.php
(Passwords are encrypted)

Register.php


<?php
if (isset($_POST['submitted'])) {
$errors = array();
require_once ('mysql_connect.php');
if (eregi('^[[:alnum:]\.\'\-]{4,30}$', stripslashes(trim($_POST['username']))) ) {

$user = mysql_real_escape_string($_POST['username']);

$query = "SELECT username FROM members WHERE username = '$user'";

$result = @mysql_query($query);

$num = @mysql_num_rows($result);



if ($num> 0) {

$errors[] = '<font color="red">The username you have chosen has already been taken, please try again.</font>';

} else {

$username = mysql_real_escape_string($_POST['username']);

}

} else {

$errors[] = '<font color="red">Please provide a valid username between 4 and 30 characters.</font>';

}


if (!eregi('^[a-zA-Z]+[a-zA-Z0-9_-]*@([a-zA-Z0-9]+){1}(\.[a-zA-Z0-9]+){1,2}', stripslashes(trim($_POST['email'])) )) {

$errors[] = '<font color="red">Please provide a valid email address.</font>';

} else {

$email = mysql_real_escape_string($_POST['email']);

}


if (!empty($_POST['password1'])) {

if ($_POST['password1'] != $_POST['password2']) {

$errors[] = '<font color="red">The 2 passwords you have entered do not match.</font>';

} else {

$password = $_POST['password1'];

}

} else {

$errors[] = '<font color="red">Please provide a password.</font>';

}


if (empty($errors)) {

$a = md5(uniqid(rand(), true));

$query = "INSERT INTO members (username, email, password, active) VALUES ('$username', '$email', SHA('$password'), '$a')";



$result = @mysql_query($query);



if (mysql_affected_rows() == 1) {



// Send the E-Mail

$body = "Thank you for registering at the User Registration site. To activate your account, please click on this link:\n\n";

$body .= "http://www.ludatha.com/test/activate.php?x=" . mysql_insert_id() . "&y=$a";

mail($_POST['email'], 'Registration Confirmation', $body, 'From: bot@ludatha.com');



// Show thank you message

echo '<h3>Thank You!</h3>

You have been registered, you have been sent an e-mail to the address you specified before. Please check your e-mails to activate your account.';

} else {

echo '<font color="red">You could not be registered, please contact us about the problem and we will fix it as soon as we can.</font>';

}


} else {

echo '<h3>Error!</h3>

The following error(s) occured:<br />';



foreach ($errors as $msg) {

echo " - <font color=\"red\">$msg</font><br />\n";

}

}

}

?>


<h3>Register</h3>

<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">

<p><input type="text" name="username" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" size="30" maxlength="30" /> <small>Username</small></p>



<p><input type="password" name="password1" size="30" maxlength="40" /> <small>Password</small></p>



<p><input type="password" name="password2" size="30" maxlength="40" /> <small>Confirm Password</small></p>



<p><input type="text" name="email" size="30" maxlength="30" value="<?php if(isset($_POST['email'])) echo $_POST['email']; ?>" /> <small>Email Address</small></p>



<p><input type="submit" name="submit" value="Register" /></p>

<input type="hidden" name="submitted" value="TRUE" />

</form>





Activate.php


<?php
if (isset($_GET['x'])) {
$x = (int) $_GET['x'];
} else {
$x = 0;
}
if (isset($_GET['y'])) {
$y = $_GET['y'];
} else {
$y = 0;
}

if ( ($x> 0) && (strlen($y) == 32)) {
require_once ('mysql_connect.php');
$query = "UPDATE users SET active=NULL WHERE (user_id=$x AND active='" . $y . "') LIMIT 1";
$result = mysql_query($query);
if (mysql_affected_rows() == 1) {
echo "<h3>Your account is now active. You may now log in.</h3>";
} else {
echo '<p><font color="red" size="+1">Your account could not be activated. Please re-check the link or contact the system administrator.</font></p>';
}
mysql_close();
} else {
echo '<b>Activation link not valid!</b>';
}
?>

Thanks :)
probably you miss $result in call of mysql_affected_rows

make your code more easy to debug and more robust, for example:


$numres = mysql_affected_rows($result)
if ($numres == 1) {
echo "<h3>Your account is now active. You may now log in.</h3>";
}elseif($numres == 0){
// unregistered?
} else {
// now this means more then 1 row, check database to see that
// by the way, limit 1 in mysql query, make this case imposible
echo '<p><font color="red" size="+1">Your account could not be activated. Please re-check the link or contact the system administrator.</font></p>';
}


could be also something else.

best regards



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum