PHP & MySQL Login / Registration System help.

WeberForums.com Forum Index -> PHP General

View previous topic :: View next topic   Author Message europeanteens Joined: 13 Jul 2008 Posts: 16 Posted: Sun Jul 13, 2008 3:56 pm    Post subject: PHP & MySQL Login / Registration System help. Hello I have a website at www.europeanteens.byethost17.com and if you navigate to the members page you'll see the login system, and if you click "Not a member? Signup now!" It'll take you to the registration page. It took me ages to make but I'm running into a few problems with it, basically when people signup it sends their info to a temporary database, then when they've verifyed their email their removed from the temporary table, and moved into the actual members table. But you see, when someone gets put into the temp_members table I see all their information, thats all good. But when they verify their email, and but into the members table all their information is blank, and only their ID number is displayed, why? I do not know and thats what I need help with. Here is the tutorial I followed: http://phpeasystep.com/phptu/24.html And here are the codes for all of the pages, I CENSORED the passwords. Signup.php where users enter their info, this is the form code: Code: <form action="signup_ac.php" method="post" name="form1" id="form1">                       <table width="100%" border="1" cellpadding="0" cellspacing="4" bordercolor="#000033">                         <tr>                           <td colspan="3" bgcolor="#000033"><span class="style30">Sign up</span></td>                         </tr>                         <tr>                           <td width="76" bgcolor="#000033"><span class="style29">Name</span></td>                           <td width="3" bgcolor="#000033"><span class="style31">:</span></td>                           <td width="305" bgcolor="#000033"><input name="name" type="text" id="name" size="30" /></td>                         </tr>                         <tr>                           <td bgcolor="#000033"><span class="style29">E-mail</span></td>                           <td bgcolor="#000033"><span class="style31">:</span></td>                           <td bgcolor="#000033"><input name="email" type="text" id="email" size="30" /></td>                         </tr>                         <tr>                           <td bgcolor="#000033"><span class="style29">Password</span></td>                           <td bgcolor="#000033"><span class="style31">:</span></td>                           <td bgcolor="#000033"><input name="password" type="password" id="password" size="30" /></td>                         </tr>                         <tr>                           <td bgcolor="#000033"><span class="style29">Country</span></td>                           <td bgcolor="#000033"><span class="style31">:</span></td>                           <td bgcolor="#000033"><input name="country" type="text" id="country" size="30" /></td>                         </tr>                         <tr>                           <td bgcolor="#000033"><span class="style29">Username</span></td>                           <td bgcolor="#000033"><span class="style31">:</span></td>                           <td bgcolor="#000033"><input name="username" type="text" id="username" size="30" /></td>                         </tr>                         <tr>                           <td bgcolor="#000033"><span class="style29">Profile</span></td>                           <td bgcolor="#000033"><span class="style31">:</span></td>                           <td bgcolor="#000033"><textarea name="profile" cols="27" rows="6" id="profile"></textarea></td>                         </tr>                         <tr>                           <td bgcolor="#000033"><span class="style29">What do you love and hate about your country?</span></td>                           <td bgcolor="#000033"><span class="style31">:</span></td>                           <td bgcolor="#000033"><textarea name="lovehate" cols="27" rows="4" id="lovehate"></textarea></td>                         </tr>                         <tr>                           <td bgcolor="#000033"><span class="style29">DOB</span></td>                           <td bgcolor="#000033"><span class="style31">:</span></td>                           <td bgcolor="#000033"><input name="dob" type="text" id="dob" value="DD/MM/YYYY" size="30" /></td>                         </tr>                         <tr>                           <td bgcolor="#000033"><span class="style31"></span></td>                           <td bgcolor="#000033"><span class="style31"></span></td>                           <td bgcolor="#000033"><input type="submit" name="Submit" value="Submit" />                             &nbsp;                             <input type="reset" name="Reset" value="Reset" /></td>                         </tr>                       </table>                   </form> Config.php: Code: <? $host="sql207.byethost17.com"; // Host name $username="b17_2102460"; // Mysql username $password="CENSORED"; // Mysql password $db_name="b17_2102460_members"; // Database name //Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect to server"); mysql_select_db("$db_name")or die("cannot select DB"); ?> Checklogin.php: Code: <?php $host="sql207.byethost17.com"; // Host name $username="b17_2102460"; // Mysql username $password="CENSORED"; // Mysql password $db_name="b17_2102460_members"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Login was unsuccessful, please try again or contact webmaster."; } ?> confirmation.php: Code: <? include('config.php'); // Passkey that got from link $passkey=$_GET['passkey']; $tbl_name1="temp_members_db"; // Retrieve data from table where row that match this passkey $sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'"; $result1=mysql_query($sql1); // If successfully queried if($result1){ // Count how many row has this passkey $count=mysql_num_rows($result1); // if found this passkey in our database, retrieve data from table "temp_members_db" if($count==1){ $name=$rows['name']; $email=$rows['email']; $country=$rows['country']; $password=$rows['password']; $username=$rows['username']; $profile=$rows['profile']; $lovehate=$rows['lovehate']; $dob=$rows['dob']; $tbl_name2="members"; // Insert data that retrieves from "temp_members_db" into table "members" $sql2="INSERT INTO $tbl_name2(name, email, password, country, username, profile, lovehate, dob)VALUES('$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')"; $result2=mysql_query($sql2); } // if not found passkey, display message "Wrong Confirmation code" else { echo "Wrong Confirmation code"; } // if successfully moved data from table"temp_members_db" to table "members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db" if($result2){ echo "Your account has been activated"; // Delete information of this user from table "temp_members_db" that has this passkey $sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'"; $result3=mysql_query($sql3); } } ?> Signup_ac.php: Code: <? include('config.php'); // table name $tbl_name=temp_members_db; // Random confirmation code $confirm_code=md5(uniqid(rand())); // values sent from form $name=$_POST['name']; $email=$_POST['email']; $country=$_POST['country']; $password=$_POST['password']; $username=$_POST['username']; $profile=$_POST['profile']; $lovehate=$_POST['lovehate']; $dob=$_POST['dob']; // Insert data into database $sql="INSERT INTO $tbl_name(confirm_code, name, email, password, country, username, profile, lovehate, dob)VALUES('$confirm_code', '$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')"; $result=mysql_query($sql); // if suceesfully inserted data into database, send confirmation link to email if($result){ // ---------------- SEND MAIL FORM ---------------- // send e-mail to ... $to=$email; // Your subject $subject="Confirm your EuRoPeAn TeEnS Registration"; // From $header="from: Charlie <charliebobgordon@hotmail.com>"; // Your message $message="Hello thanks for signing upto EuRoPeAn TeEnS \r\n"; $message.="Click on this link to activate your account now \r\n"; $message.="http://www.europeanteens.byethost17.com/confirmation.php?passkey=$confirm_code"; // send email $sentmail = mail($to,$subject,$message,$header); } // if not found else { echo "Not found your email in our database"; } // if your email succesfully sent if($sentmail){ echo "Your Confirmation link Has Been Sent To Your Email Address."; } else { echo "Cannot send Confirmation link to your e-mail address"; } ?> Login Form: Code: <form name="form1" method="post" action="checklogin.php"> <td> <table width="100%" border="0" align="center" cellpadding="3" cellspacing="1" bordercolor="#003399" bgcolor="#FFFFFF"> <tr> <td width="78" bgcolor="#003399"><span class="style33">Username</span></td> <td width="6" bgcolor="#003399"><span class="style33">:</span></td> <td width="294" bgcolor="#003399"><input name="myusername" type="text" id="myusername"></td> </tr> <tr> <td bgcolor="#003399"><span class="style33">Password</span></td> <td bgcolor="#003399"><span class="style33">:</span></td> <td bgcolor="#003399"><input name="mypassword" type="password" id="mypassword" /></td> </tr> <tr> <td bgcolor="#003399"><span class="style34"></span></td> <td bgcolor="#003399"><span class="style34"></span></td> <td bgcolor="#003399"><input name="Submit" type="submit" value="Login"></td> </tr> </table></td> </form> Back to top lostboy Joined: 02 May 2004 Posts: 6033 Location: toronto, canada Posted: Sun Jul 13, 2008 4:25 pm    Post subject: why not just have a TEMP flag in the regular database. Then when the email address is confirmed, you just change the flag. Back to top europeanteens Joined: 13 Jul 2008 Posts: 16 Posted: Sun Jul 13, 2008 5:13 pm    Post subject: lostboy wrote: why not just have a TEMP flag in the regular database. Then when the email address is confirmed, you just change the flag. Hi I'm a begginner at this type of coding and I'm learning, could you tell me step by step on how to do this please? Have you got MSN? Back to top lostboy Joined: 02 May 2004 Posts: 6033 Location: toronto, canada Posted: Sun Jul 13, 2008 6:01 pm    Post subject: change the confirmation.php to address the $rows array Code:  whiile ($rows = mysql_fetch_array($result))  {    $name=$rows['name'];    $email=$rows['email'];    $country=$rows['country'];    $password=$rows['password'];    $username=$rows['username'];    $profile=$rows['profile'];    $lovehate=$rows['lovehate'];    $dob=$rows['dob'];  } complete file Code: <?php <? include('config.php'); // Passkey that got from link $passkey=$_GET['passkey']; $tbl_name1="temp_members_db"; // Retrieve data from table where row that match this passkey $sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'"; $result1=mysql_query($sql1); // If successfully queried if($result1){ // Count how many row has this passkey $count=mysql_num_rows($result1); // if found this passkey in our database, retrieve data from table "temp_members_db" if($count==1){ whiile ($rows = mysql_fetch_array($result))  {    $name=$rows['name'];    $email=$rows['email'];    $country=$rows['country'];    $password=$rows['password'];    $username=$rows['username'];    $profile=$rows['profile'];    $lovehate=$rows['lovehate'];    $dob=$rows['dob'];  }   $tbl_name2="members"; // Insert data that retrieves from "temp_members_db" into table "members" $sql2="INSERT INTO $tbl_name2(name, email, password, country, username, profile, lovehate, dob)VALUES('$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')"; $result2=mysql_query($sql2); } // if not found passkey, display message "Wrong Confirmation code" else { echo "Wrong Confirmation code"; } // if successfully moved data from table"temp_members_db" to table "members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db" if($result2){ echo "Your account has been activated"; // Delete information of this user from table "temp_members_db" that has this passkey $sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'"; $result3=mysql_query($sql3); } } ?> Back to top europeanteens Joined: 13 Jul 2008 Posts: 16 Posted: Sun Jul 13, 2008 6:28 pm    Post subject: New problem Ok now we've got a different problem lol 1. I sign up. 2. I check that the info is in the temp_members_db and it is, its all there. 3. I recieve the confirmation email, and I click the link and instead of seeing "Your account has been activated" I get a blank page. 4. I go back to the temp_members_db and the information is still stuck there, and had not moved to the members table. H E L P Back to top europeanteens Joined: 13 Jul 2008 Posts: 16 Posted: Sun Jul 13, 2008 10:17 pm    Post subject: Update. I seeked help from other websites, including live.pirillo.com in the chatroom, and someone corrected it even more, it makes more sense now, but I'm now back to how it was at the beggining. 1. I sign up. 2. I click the confirmation link in email. 3. Some of the information gets transfered to the members table but some wrong and missing. For example: id :Tranfered Name :Didnt transfer E-mail :Didnt transfer Password : Transfered Country : Didnt transfer Username : Transfered but username was my MySQL username and not the username i inputted at signup Profile : Didnt transfer What do you love and hate about your country? : Didnt transfer DOB : Didnt transfer Here is a screenshot of the members table after confirmation link clicked: http://img396.imageshack.us/img396/6971/screenieql1.jpg Heres the updated version of confirmation.php: Code: <?php include('config.php'); // Passkey that got from link $passkey=$_GET['passkey']; $tbl_name1="temp_members_db"; // Retrieve data from table where row that match this passkey $sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'"; $result1=mysql_query($sql1); // If successfully queried if($result1){ // Count how many row has this passkey $count=mysql_num_rows($result1); // if found this passkey in our database, retrieve data from table "temp_members_db" if($count==1){ while ($rows = mysql_fetch_array($result))  {    $name=$rows['name'];    $email=$rows['email'];    $country=$rows['country'];    $password=$rows['password'];    $username=$rows['username'];    $profile=$rows['profile'];    $lovehate=$rows['lovehate'];    $dob=$rows['dob'];  }   $tbl_name2="members"; // Insert data that retrieves from "temp_members_db" into table "members" $sql2="INSERT INTO $tbl_name2(name, email, password, country, username, profile, lovehate, dob)VALUES('$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')"; $result2=mysql_query($sql2); } // if not found passkey, display message "Wrong Confirmation code" else { echo "Wrong Confirmation code"; } // if successfully moved data from table"temp_members_db" to table "members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db" if($result2){ echo "Your account has been activated"; // Delete information of this user from table "temp_members_db" that has this passkey $sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'"; $result3=mysql_query($sql3); } } ?> Back to top lostboy Joined: 02 May 2004 Posts: 6033 Location: toronto, canada Posted: Tue Jul 15, 2008 4:24 pm    Post subject: let's try this: Code: <? include('config.php'); // Passkey that got from link $passkey = $_GET['passkey']; $tbl_name1 = "temp_members_db"; // Retrieve data from table where row that match this passkey $sql1 = "SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'"; echo $sql1 ."<hr>"; $result1 = mysql_query($sql1) or die(mysql_error()); // If successfully queried and there is a row required if($result1){   // Count how many row has this passkey   $count = mysql_num_rows($result1);   // if found this passkey in our database, retrieve data from table "temp_members_db"   if($count==1)   {     $name      = $rows['name'];     $email     = $rows['email'];     $country   = $rows['country'];     $password  = $rows['password'];     $username  = $rows['username'];     $profile   = $rows['profile'];     $lovehate  = $rows['lovehate'];     $dob       = $rows['dob'];     $tbl_name2 = "members";     // Insert data that retrieves from "temp_members_db" into table "members"     $sql2    = "INSERT INTO $tbl_name2(name, email, password, country, username, profile, lovehate, dob)                 VALUES('$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')";     echo "<hr>". $sql2 . "<h2>";     $result2 = mysql_query($sql2) or die(mysql_error());   }   // if not found passkey, display message "Wrong Confirmation code"   else {     echo "Could not find a record with confirmation code $passkey";   }   // if successfully moved data from table"temp_members_db" to table "members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"   if($result2){     echo "Your account has been activated";     // Delete information of this user from table "temp_members_db" that has this passkey     $sql3    = "DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";     $result3 = mysql_query($sql3);   } } ?> If you can, can you send me the structure for the two database tables...then i can run the code locally and see where its going wrong Back to top europeanteens Joined: 13 Jul 2008 Posts: 16 Posted: Wed Jul 16, 2008 9:11 pm    Post subject: thanks for your help, but I decided to start again and its working now. But I need just some extra help, at the moment someone could just keep pressing submit on my form loads and spam my database, how can I make it so they have to type atleast a certain amount of characters in certains fields, and if they didnt they'd get an error message? Back to top lostboy Joined: 02 May 2004 Posts: 6033 Location: toronto, canada Posted: Wed Jul 16, 2008 10:33 pm    Post subject: You would need that in your signup_ac page by doing things like Code: $sError = ''; // values sent from form $name     = (!empty($_POST['name'] && strlen($_POST['name']>2)         ? $_POST['name']    : $sError .= "Name not set"; $email    = (!empty($_POST['email'] && strlen($_POST['email'])>5)      ? $_POST['email']   : $sError .= "Email not set"; $country  = (!empty($_POST['country'] && strlen($_POST['country'])>5)  ? $_POST['country'] : $sError .= "Country not set"; $password = (!empty($_POST['password'] && strlen($_POST['password'])>5)? $_POST['password']: $sError .= "Password not set"; $username = (!empty($_POST['username'] && strlen($_POST['username'])>5)? $_POST['username']: $sError .= "Username not set"; $profile  = (!empty($_POST['profile'] && strlen($_POST['profile'])>5)  ? $_POST['profile'] : $sError .= "Profile not set"; $lovehate = (!empty($_POST['lovehate'] && strlen($_POST['lovehate'])>5)? $_POST['lovehate']: $sError .= "Lovehate not set"; $dob      = (!empty($_POST['dob'] && strlen($_POST['dob'])>5)          ? $_POST['dob']     : $sError .= "DoB not set"; //check to see if there is a value for error messages if($sError != '') {    //code here not to go any further } Note that you can create all sorts of rules for what the values should be based on what the fields hold including length of data, type of data (intergers vs dates vs text), text that holds only text There are a number of functions in php that make this simple is_date is_numeric eregi and many others that could be used to validate the data. Regex is one of the best ways to validate data. Have a look at email regex expressions to help you best check if an email is correct Back to top europeanteens Joined: 13 Jul 2008 Posts: 16 Posted: Wed Jul 16, 2008 10:51 pm    Post subject: Hi thanks, as you know I'm a begginner! Could you possibly come on MSN to help me further on this? Thanks, Charlie. Back to top Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First

WeberTrivia Questions   Think you are smart? Prove it!. Try your skills with these questions :   Recursive arrays and multi-dimensional arrays are one and the same. (PHP and MySQL)   The \"cache_dir\" tag of the squid configuration has a default of /var/spool/squid. (Linux) PHP Code Examples   Stream diffrent sizes of images from a single image to save disk space.   JavaScript dropdown list menu to switch any page.   Dump the contents of a PHP variable in html format with a recursive list of subfolders and files from a given root directory.   PHP Dump in html format the contents of one array variable with a recursive list of the nested array variables inside.   Link Extractor - This function is used to extract links from a given URL. This will convert relative path into absolute path and also remove PHPSESSID stuff.   Building a Dynamic Form using Javascript and innerHTML. Add form elements in realtime without refreshing the page.   A PHP Calendar function with CSS : add a cool calendar to any php page by just adding a calendar class based function.

	WeberForums.com Forum Index -> PHP General	All times are GMT + 2 Hours
Page 1 of 1

Jump to: Select a forum PHP Forums----------------PHP GeneralPHP MySQL Jobs and ProjectsPHP Articles Tutorials and ScriptsWhy Use PHPPEARPHP Books MySQL Forums----------------MySQL General Apache Forums----------------Apache General Web Development Forums----------------Java Script / AJAXSearch Engine Optimization (SEO)Cascading Style SheetsHTMLXML & XSL Graphics & Design----------------Theory related web designWeb Design Security Forums----------------Security Linux Forums----------------Linux General Web Development Misc----------------Hosting Related Miscellaneous----------------Feedback & TestimonialsMiscEvents  You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum