Ludatha
02-17-2008, 11:40 PM
Hi, I am having trouble with my activation system, I can register, it sends the email, when I click the link in the email it says: "Your account could not be activated"
Could someone help me out?
Live test: http://www.ludatha.com/test/register.php
(Passwords are encrypted)
Register.php
<?php
if (isset($_POST['submitted'])) {
$errors = array();
require_once ('mysql_connect.php');
if (eregi('^[[:alnum:]\.\'\-]{4,30}$', stripslashes(trim($_POST['username']))) ) {
$user = mysql_real_escape_string($_POST['username']);
$query = "SELECT username FROM members WHERE username = '$user'";
$result = @mysql_query($query);
$num = @mysql_num_rows($result);
if ($num> 0) {
$errors[] = '<font color="red">The username you have chosen has already been taken, please try again.</font>';
} else {
$username = mysql_real_escape_string($_POST['username']);
}
} else {
$errors[] = '<font color="red">Please provide a valid username between 4 and 30 characters.</font>';
}
if (!eregi('^[a-zA-Z]+[a-zA-Z0-9_-]*@([a-zA-Z0-9]+){1}(\.[a-zA-Z0-9]+){1,2}', stripslashes(trim($_POST['email'])) )) {
$errors[] = '<font color="red">Please provide a valid email address.</font>';
} else {
$email = mysql_real_escape_string($_POST['email']);
}
if (!empty($_POST['password1'])) {
if ($_POST['password1'] != $_POST['password2']) {
$errors[] = '<font color="red">The 2 passwords you have entered do not match.</font>';
} else {
$password = $_POST['password1'];
}
} else {
$errors[] = '<font color="red">Please provide a password.</font>';
}
if (empty($errors)) {
$a = md5(uniqid(rand(), true));
$query = "INSERT INTO members (username, email, password, active) VALUES ('$username', '$email', SHA('$password'), '$a')";
$result = @mysql_query($query);
if (mysql_affected_rows() == 1) {
// Send the E-Mail
$body = "Thank you for registering at the User Registration site. To activate your account, please click on this link:\n\n";
$body .= "http://www.ludatha.com/test/activate.php?x=" . mysql_insert_id() . "&y=$a";
mail($_POST['email'], 'Registration Confirmation', $body, 'From: bot@ludatha.com');
// Show thank you message
echo '<h3>Thank You!</h3>
You have been registered, you have been sent an e-mail to the address you specified before. Please check your e-mails to activate your account.';
} else {
echo '<font color="red">You could not be registered, please contact us about the problem and we will fix it as soon as we can.</font>';
}
} else {
echo '<h3>Error!</h3>
The following error(s) occured:<br />';
foreach ($errors as $msg) {
echo " - <font color=\"red\">$msg</font><br />\n";
}
}
}
?>
<h3>Register</h3>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
<p><input type="text" name="username" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" size="30" maxlength="30" /> <small>Username</small></p>
<p><input type="password" name="password1" size="30" maxlength="40" /> <small>Password</small></p>
<p><input type="password" name="password2" size="30" maxlength="40" /> <small>Confirm Password</small></p>
<p><input type="text" name="email" size="30" maxlength="30" value="<?php if(isset($_POST['email'])) echo $_POST['email']; ?>" /> <small>Email Address</small></p>
<p><input type="submit" name="submit" value="Register" /></p>
<input type="hidden" name="submitted" value="TRUE" />
</form>
Activate.php
<?php
if (isset($_GET['x'])) {
$x = (int) $_GET['x'];
} else {
$x = 0;
}
if (isset($_GET['y'])) {
$y = $_GET['y'];
} else {
$y = 0;
}
if ( ($x> 0) && (strlen($y) == 32)) {
require_once ('mysql_connect.php');
$query = "UPDATE users SET active=NULL WHERE (user_id=$x AND active='" . $y . "') LIMIT 1";
$result = mysql_query($query);
if (mysql_affected_rows() == 1) {
echo "<h3>Your account is now active. You may now log in.</h3>";
} else {
echo '<p><font color="red" size="+1">Your account could not be activated. Please re-check the link or contact the system administrator.</font></p>';
}
mysql_close();
} else {
echo '<b>Activation link not valid!</b>';
}
?>
Thanks :)
Could someone help me out?
Live test: http://www.ludatha.com/test/register.php
(Passwords are encrypted)
Register.php
<?php
if (isset($_POST['submitted'])) {
$errors = array();
require_once ('mysql_connect.php');
if (eregi('^[[:alnum:]\.\'\-]{4,30}$', stripslashes(trim($_POST['username']))) ) {
$user = mysql_real_escape_string($_POST['username']);
$query = "SELECT username FROM members WHERE username = '$user'";
$result = @mysql_query($query);
$num = @mysql_num_rows($result);
if ($num> 0) {
$errors[] = '<font color="red">The username you have chosen has already been taken, please try again.</font>';
} else {
$username = mysql_real_escape_string($_POST['username']);
}
} else {
$errors[] = '<font color="red">Please provide a valid username between 4 and 30 characters.</font>';
}
if (!eregi('^[a-zA-Z]+[a-zA-Z0-9_-]*@([a-zA-Z0-9]+){1}(\.[a-zA-Z0-9]+){1,2}', stripslashes(trim($_POST['email'])) )) {
$errors[] = '<font color="red">Please provide a valid email address.</font>';
} else {
$email = mysql_real_escape_string($_POST['email']);
}
if (!empty($_POST['password1'])) {
if ($_POST['password1'] != $_POST['password2']) {
$errors[] = '<font color="red">The 2 passwords you have entered do not match.</font>';
} else {
$password = $_POST['password1'];
}
} else {
$errors[] = '<font color="red">Please provide a password.</font>';
}
if (empty($errors)) {
$a = md5(uniqid(rand(), true));
$query = "INSERT INTO members (username, email, password, active) VALUES ('$username', '$email', SHA('$password'), '$a')";
$result = @mysql_query($query);
if (mysql_affected_rows() == 1) {
// Send the E-Mail
$body = "Thank you for registering at the User Registration site. To activate your account, please click on this link:\n\n";
$body .= "http://www.ludatha.com/test/activate.php?x=" . mysql_insert_id() . "&y=$a";
mail($_POST['email'], 'Registration Confirmation', $body, 'From: bot@ludatha.com');
// Show thank you message
echo '<h3>Thank You!</h3>
You have been registered, you have been sent an e-mail to the address you specified before. Please check your e-mails to activate your account.';
} else {
echo '<font color="red">You could not be registered, please contact us about the problem and we will fix it as soon as we can.</font>';
}
} else {
echo '<h3>Error!</h3>
The following error(s) occured:<br />';
foreach ($errors as $msg) {
echo " - <font color=\"red\">$msg</font><br />\n";
}
}
}
?>
<h3>Register</h3>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
<p><input type="text" name="username" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" size="30" maxlength="30" /> <small>Username</small></p>
<p><input type="password" name="password1" size="30" maxlength="40" /> <small>Password</small></p>
<p><input type="password" name="password2" size="30" maxlength="40" /> <small>Confirm Password</small></p>
<p><input type="text" name="email" size="30" maxlength="30" value="<?php if(isset($_POST['email'])) echo $_POST['email']; ?>" /> <small>Email Address</small></p>
<p><input type="submit" name="submit" value="Register" /></p>
<input type="hidden" name="submitted" value="TRUE" />
</form>
Activate.php
<?php
if (isset($_GET['x'])) {
$x = (int) $_GET['x'];
} else {
$x = 0;
}
if (isset($_GET['y'])) {
$y = $_GET['y'];
} else {
$y = 0;
}
if ( ($x> 0) && (strlen($y) == 32)) {
require_once ('mysql_connect.php');
$query = "UPDATE users SET active=NULL WHERE (user_id=$x AND active='" . $y . "') LIMIT 1";
$result = mysql_query($query);
if (mysql_affected_rows() == 1) {
echo "<h3>Your account is now active. You may now log in.</h3>";
} else {
echo '<p><font color="red" size="+1">Your account could not be activated. Please re-check the link or contact the system administrator.</font></p>';
}
mysql_close();
} else {
echo '<b>Activation link not valid!</b>';
}
?>
Thanks :)