PHP & MySQL Login / Registration System help. : PHP General

FAQ

It is currently Wed Feb 08, 2012 5:40 pm

View unanswered posts | View active topics

Board index » PHP Forums » PHP General

All times are UTC + 2 hours [ DST ]

PHP & MySQL Login / Registration System help.

Moderators: lostboy, berber

Page 1 of 1

[ 10 posts ]

Previous topic | Next topic

Author

Message

europeanteens

Post subject: PHP & MySQL Login / Registration System help.

Posted: Sun Jul 13, 2008 4:56 pm

Joined: Sun Jul 13, 2008 4:39 pm
Posts: 16

Hello I have a website at www.europeanteens.byethost17.com
and if you navigate to the members page you'll see the login system, and if you click "Not a member? Signup now!" It'll take you to the registration page.
It took me ages to make but I'm running into a few problems with it, basically when people signup it sends their info to a temporary database, then when they've verifyed their email their removed from the temporary table, and moved into the actual members table.

But you see, when someone gets put into the temp_members table I see all their information, thats all good. But when they verify their email, and but into the members table all their information is blank, and only their ID number is displayed, why? I do not know and thats what I need help with.

Here is the tutorial I followed: http://phpeasystep.com/phptu/24.html

And here are the codes for all of the pages, I CENSORED the passwords.

Signup.php where users enter their info, this is the form code:

Code:

<form action="signup_ac.php" method="post" name="form1" id="form1">
                      <table width="100%" border="1" cellpadding="0" cellspacing="4" bordercolor="#000033">
                        <tr>
                          <td colspan="3" bgcolor="#000033"><span class="style30">Sign up</span></td>
                        </tr>
                        <tr>
                          <td width="76" bgcolor="#000033"><span class="style29">Name</span></td>
                          <td width="3" bgcolor="#000033"><span class="style31">:</span></td>
                          <td width="305" bgcolor="#000033"><input name="name" type="text" id="name" size="30" /></td>
                        </tr>
                        <tr>
                          <td bgcolor="#000033"><span class="style29">E-mail</span></td>
                          <td bgcolor="#000033"><span class="style31">:</span></td>
                          <td bgcolor="#000033"><input name="email" type="text" id="email" size="30" /></td>
                        </tr>
                        <tr>
                          <td bgcolor="#000033"><span class="style29">Password</span></td>
                          <td bgcolor="#000033"><span class="style31">:</span></td>
                          <td bgcolor="#000033"><input name="password" type="password" id="password" size="30" /></td>
                        </tr>
                        <tr>
                          <td bgcolor="#000033"><span class="style29">Country</span></td>
                          <td bgcolor="#000033"><span class="style31">:</span></td>
                          <td bgcolor="#000033"><input name="country" type="text" id="country" size="30" /></td>
                        </tr>
                        <tr>
                          <td bgcolor="#000033"><span class="style29">Username</span></td>
                          <td bgcolor="#000033"><span class="style31">:</span></td>
                          <td bgcolor="#000033"><input name="username" type="text" id="username" size="30" /></td>
                        </tr>
                        <tr>
                          <td bgcolor="#000033"><span class="style29">Profile</span></td>
                          <td bgcolor="#000033"><span class="style31">:</span></td>
                          <td bgcolor="#000033"><textarea name="profile" cols="27" rows="6" id="profile"></textarea></td>
                        </tr>
                        <tr>
                          <td bgcolor="#000033"><span class="style29">What do you love and hate about your country?</span></td>
                          <td bgcolor="#000033"><span class="style31">:</span></td>
                          <td bgcolor="#000033"><textarea name="lovehate" cols="27" rows="4" id="lovehate"></textarea></td>
                        </tr>
                        <tr>
                          <td bgcolor="#000033"><span class="style29">DOB</span></td>
                          <td bgcolor="#000033"><span class="style31">:</span></td>
                          <td bgcolor="#000033"><input name="dob" type="text" id="dob" value="DD/MM/YYYY" size="30" /></td>
                        </tr>
                        <tr>
                          <td bgcolor="#000033"><span class="style31"></span></td>
                          <td bgcolor="#000033"><span class="style31"></span></td>
                          <td bgcolor="#000033"><input type="submit" name="Submit" value="Submit" />
                            &nbsp;
                            <input type="reset" name="Reset" value="Reset" /></td>
                        </tr>
                      </table>
                  </form>

Config.php:

Code:

<?

$host="sql207.byethost17.com"; // Host name
$username="b17_2102460"; // Mysql username
$password="CENSORED"; // Mysql password
$db_name="b17_2102460_members"; // Database name


//Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server");
mysql_select_db("$db_name")or die("cannot select DB");

?>

Checklogin.php:

Code:

<?php
$host="sql207.byethost17.com"; // Host name
$username="b17_2102460"; // Mysql username
$password="CENSORED"; // Mysql password
$db_name="b17_2102460_members"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Login was unsuccessful, please try again or contact webmaster.";
}
?>

confirmation.php:

Code:

<?
include('config.php');

// Passkey that got from link
$passkey=$_GET['passkey'];

$tbl_name1="temp_members_db";

// Retrieve data from table where row that match this passkey
$sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
$result1=mysql_query($sql1);

// If successfully queried
if($result1){

// Count how many row has this passkey
$count=mysql_num_rows($result1);

// if found this passkey in our database, retrieve data from table "temp_members_db"
if($count==1){

$name=$rows['name'];
$email=$rows['email'];
$country=$rows['country'];
$password=$rows['password'];
$username=$rows['username'];
$profile=$rows['profile'];
$lovehate=$rows['lovehate'];
$dob=$rows['dob'];

$tbl_name2="members";

// Insert data that retrieves from "temp_members_db" into table "members"
$sql2="INSERT INTO $tbl_name2(name, email, password, country, username, profile, lovehate, dob)VALUES('$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')";
$result2=mysql_query($sql2);
}

// if not found passkey, display message "Wrong Confirmation code"
else {
echo "Wrong Confirmation code";
}

// if successfully moved data from table"temp_members_db" to table "members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if($result2){

echo "Your account has been activated";

// Delete information of this user from table "temp_members_db" that has this passkey
$sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
$result3=mysql_query($sql3);

}

}
?>

Signup_ac.php:

Code:

<?
include('config.php');

// table name
$tbl_name=temp_members_db;

// Random confirmation code
$confirm_code=md5(uniqid(rand()));

// values sent from form
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];
$password=$_POST['password'];
$username=$_POST['username'];
$profile=$_POST['profile'];
$lovehate=$_POST['lovehate'];
$dob=$_POST['dob'];

// Insert data into database
$sql="INSERT INTO $tbl_name(confirm_code, name, email, password, country, username, profile, lovehate, dob)VALUES('$confirm_code', '$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')";
$result=mysql_query($sql);

// if suceesfully inserted data into database, send confirmation link to email
if($result){

// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$email;

// Your subject
$subject="Confirm your EuRoPeAn TeEnS Registration";

// From
$header="from: Charlie <charliebobgordon@hotmail.com>";

// Your message
$message="Hello thanks for signing upto EuRoPeAn TeEnS \r\n";
$message.="Click on this link to activate your account now \r\n";
$message.="http://www.europeanteens.byethost17.com/confirmation.php?passkey=$confirm_code";

// send email
$sentmail = mail($to,$subject,$message,$header);

}

// if not found
else {
echo "Not found your email in our database";
}

// if your email succesfully sent
if($sentmail){
echo "Your Confirmation link Has Been Sent To Your Email Address.";
}
else {
echo "Cannot send Confirmation link to your e-mail address";
}

?>

Login Form:

Code:

<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="1" bordercolor="#003399" bgcolor="#FFFFFF">

<tr>
<td width="78" bgcolor="#003399"><span class="style33">Username</span></td>
<td width="6" bgcolor="#003399"><span class="style33">:</span></td>
<td width="294" bgcolor="#003399"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td bgcolor="#003399"><span class="style33">Password</span></td>
<td bgcolor="#003399"><span class="style33">:</span></td>
<td bgcolor="#003399"><input name="mypassword" type="password" id="mypassword" /></td>
</tr>
<tr>
<td bgcolor="#003399"><span class="style34"></span></td>
<td bgcolor="#003399"><span class="style34"></span></td>
<td bgcolor="#003399"><input name="Submit" type="submit" value="Login"></td>
</tr>
</table></td>
</form>

Top

lostboy

Post subject:

Posted: Sun Jul 13, 2008 5:25 pm

Joined: Sun May 02, 2004 11:34 pm
Posts: 6500
Location: toronto, canada

why not just have a TEMP flag in the regular database. Then when the email address is confirmed, you just change the flag.

_________________
Lostboy

Cat, the other other white meat

Please read Posting Etiquette before posting

You can always try Google

Top

europeanteens

Post subject:

Posted: Sun Jul 13, 2008 6:13 pm

Joined: Sun Jul 13, 2008 4:39 pm
Posts: 16

lostboy wrote:

why not just have a TEMP flag in the regular database. Then when the email address is confirmed, you just change the flag.

Hi I'm a begginner at this type of coding and I'm learning, could you tell me step by step on how to do this please?
Have you got MSN?

Top

lostboy

Post subject:

Posted: Sun Jul 13, 2008 7:01 pm

Joined: Sun May 02, 2004 11:34 pm
Posts: 6500
Location: toronto, canada

change the confirmation.php to address the $rows array

Code:

 whiile ($rows = mysql_fetch_array($result))
 {
   $name=$rows['name'];
   $email=$rows['email'];
   $country=$rows['country'];
   $password=$rows['password'];
   $username=$rows['username'];
   $profile=$rows['profile'];
   $lovehate=$rows['lovehate'];
   $dob=$rows['dob'];
 }

complete file

Code:

<?php
<?
include('config.php');

// Passkey that got from link
$passkey=$_GET['passkey'];

$tbl_name1="temp_members_db";

// Retrieve data from table where row that match this passkey
$sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
$result1=mysql_query($sql1);

// If successfully queried
if($result1){

// Count how many row has this passkey
$count=mysql_num_rows($result1);

// if found this passkey in our database, retrieve data from table "temp_members_db"
if($count==1){

whiile ($rows = mysql_fetch_array($result))
 {
   $name=$rows['name'];
   $email=$rows['email'];
   $country=$rows['country'];
   $password=$rows['password'];
   $username=$rows['username'];
   $profile=$rows['profile'];
   $lovehate=$rows['lovehate'];
   $dob=$rows['dob'];
 }
 
$tbl_name2="members";

// Insert data that retrieves from "temp_members_db" into table "members"
$sql2="INSERT INTO $tbl_name2(name, email, password, country, username, profile, lovehate, dob)VALUES('$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')";
$result2=mysql_query($sql2);
}

// if not found passkey, display message "Wrong Confirmation code"
else {
echo "Wrong Confirmation code";
}

// if successfully moved data from table"temp_members_db" to table "members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if($result2){

echo "Your account has been activated";

// Delete information of this user from table "temp_members_db" that has this passkey
$sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
$result3=mysql_query($sql3);

}

}
?>

_________________
Lostboy

Cat, the other other white meat

Please read Posting Etiquette before posting

You can always try Google

Top

europeanteens

Post subject: New problem

Posted: Sun Jul 13, 2008 7:28 pm

Joined: Sun Jul 13, 2008 4:39 pm
Posts: 16

Ok now we've got a different problem lol :lol:

1. I sign up.
2. I check that the info is in the temp_members_db
and it is, its all there.
3. I recieve the confirmation email, and I click the link and instead of seeing "Your account has been activated" I get a blank page.
4. I go back to the temp_members_db and the information is still stuck there, and had not moved to the members table.
H E L P :shock:

Top

europeanteens

Post subject: Update.

Posted: Sun Jul 13, 2008 11:17 pm

Joined: Sun Jul 13, 2008 4:39 pm
Posts: 16

I seeked help from other websites, including live.pirillo.com in the chatroom, and someone corrected it even more, it makes more sense now, but I'm now back to how it was at the beggining.

1. I sign up.

2. I click the confirmation link in email.

3. Some of the information gets transfered to the members table but some wrong and missing.

For example:

id :Tranfered
Name :Didnt transfer
E-mail :Didnt transfer
Password : Transfered
Country : Didnt transfer
Username : Transfered but username was my MySQL username and not the username i inputted at signup
Profile : Didnt transfer
What do you love and hate about your country? : Didnt transfer
DOB : Didnt transfer

Here is a screenshot of the members table after confirmation link clicked:
http://img396.imageshack.us/img396/6971/screenieql1.jpg

Heres the updated version of confirmation.php:

Code:

<?php
include('config.php');

// Passkey that got from link
$passkey=$_GET['passkey'];

$tbl_name1="temp_members_db";

// Retrieve data from table where row that match this passkey
$sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
$result1=mysql_query($sql1);

// If successfully queried
if($result1){

// Count how many row has this passkey
$count=mysql_num_rows($result1);

// if found this passkey in our database, retrieve data from table "temp_members_db"
if($count==1){

while ($rows = mysql_fetch_array($result))
 {
   $name=$rows['name'];
   $email=$rows['email'];
   $country=$rows['country'];
   $password=$rows['password'];
   $username=$rows['username'];
   $profile=$rows['profile'];
   $lovehate=$rows['lovehate'];
   $dob=$rows['dob'];
 }
 
$tbl_name2="members";

// Insert data that retrieves from "temp_members_db" into table "members"
$sql2="INSERT INTO $tbl_name2(name, email, password, country, username, profile, lovehate, dob)VALUES('$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')";
$result2=mysql_query($sql2);
}

// if not found passkey, display message "Wrong Confirmation code"
else {
echo "Wrong Confirmation code";
}

// if successfully moved data from table"temp_members_db" to table "members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if($result2){

echo "Your account has been activated";

// Delete information of this user from table "temp_members_db" that has this passkey
$sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
$result3=mysql_query($sql3);

}

}
?> 

Top

lostboy

Post subject:

Posted: Tue Jul 15, 2008 5:24 pm

Joined: Sun May 02, 2004 11:34 pm
Posts: 6500
Location: toronto, canada

let's try this:

Code:

<?
include('config.php');

// Passkey that got from link
$passkey = $_GET['passkey'];

$tbl_name1 = "temp_members_db";

// Retrieve data from table where row that match this passkey
$sql1 = "SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
echo $sql1 ."<hr>";
$result1 = mysql_query($sql1) or die(mysql_error());

// If successfully queried and there is a row required
if($result1){

  // Count how many row has this passkey
  $count = mysql_num_rows($result1);

  // if found this passkey in our database, retrieve data from table "temp_members_db"
  if($count==1)
  {

    $name      = $rows['name'];
    $email     = $rows['email'];
    $country   = $rows['country'];
    $password  = $rows['password'];
    $username  = $rows['username'];
    $profile   = $rows['profile'];
    $lovehate  = $rows['lovehate'];
    $dob       = $rows['dob'];

    $tbl_name2 = "members";

    // Insert data that retrieves from "temp_members_db" into table "members"
    $sql2    = "INSERT INTO $tbl_name2(name, email, password, country, username, profile, lovehate, dob)
                VALUES('$name', '$email', '$password', '$country', '$username', '$profile', '$lovehate', '$dob')";

    echo "<hr>". $sql2 . "<h2>";
    $result2 = mysql_query($sql2) or die(mysql_error());
  }

  // if not found passkey, display message "Wrong Confirmation code"
  else {
    echo "Could not find a record with confirmation code $passkey";
  }

  // if successfully moved data from table"temp_members_db" to table "members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
  if($result2){

    echo "Your account has been activated";

    // Delete information of this user from table "temp_members_db" that has this passkey
    $sql3    = "DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
    $result3 = mysql_query($sql3);

  }

}
?>

If you can, can you send me the structure for the two database tables...then i can run the code locally and see where its going wrong

_________________
Lostboy

Cat, the other other white meat

Please read Posting Etiquette before posting

You can always try Google

Top

europeanteens

Post subject:

Posted: Wed Jul 16, 2008 10:11 pm

Joined: Sun Jul 13, 2008 4:39 pm
Posts: 16

thanks for your help, but I decided to start again and its working now.

But I need just some extra help,

at the moment someone could just keep pressing submit on my form loads and spam my database, how can I make it so they have to type atleast a certain amount of characters in certains fields, and if they didnt they'd get an error message?

Top

lostboy

Post subject:

Posted: Wed Jul 16, 2008 11:33 pm

Joined: Sun May 02, 2004 11:34 pm
Posts: 6500
Location: toronto, canada

You would need that in your signup_ac page by doing things like

Code:

$sError = '';
// values sent from form
$name     = (!empty($_POST['name'] && strlen($_POST['name']>2)         ? $_POST['name']    : $sError .= "Name not set";
$email    = (!empty($_POST['email'] && strlen($_POST['email'])>5)      ? $_POST['email']   : $sError .= "Email not set";
$country  = (!empty($_POST['country'] && strlen($_POST['country'])>5)  ? $_POST['country'] : $sError .= "Country not set";
$password = (!empty($_POST['password'] && strlen($_POST['password'])>5)? $_POST['password']: $sError .= "Password not set";
$username = (!empty($_POST['username'] && strlen($_POST['username'])>5)? $_POST['username']: $sError .= "Username not set";
$profile  = (!empty($_POST['profile'] && strlen($_POST['profile'])>5)  ? $_POST['profile'] : $sError .= "Profile not set";
$lovehate = (!empty($_POST['lovehate'] && strlen($_POST['lovehate'])>5)? $_POST['lovehate']: $sError .= "Lovehate not set";
$dob      = (!empty($_POST['dob'] && strlen($_POST['dob'])>5)          ? $_POST['dob']     : $sError .= "DoB not set";

//check to see if there is a value for error messages
if($sError != '')
{
   //code here not to go any further


}

Note that you can create all sorts of rules for what the values should be based on what the fields hold including length of data, type of data (intergers vs dates vs text), text that holds only text

There are a number of functions in php that make this simple

is_date
is_numeric
eregi

and many others that could be used to validate the data. Regex is one of the best ways to validate data. Have a look at email regex expressions to help you best check if an email is correct

_________________
Lostboy

Cat, the other other white meat

Please read Posting Etiquette before posting

You can always try Google

Top

europeanteens

Post subject:

Posted: Wed Jul 16, 2008 11:51 pm

Joined: Sun Jul 13, 2008 4:39 pm
Posts: 16

Hi thanks, as you know I'm a begginner! :oops:

Could you possibly come on MSN to help me further on this?
Thanks, Charlie.

Top

Page 1 of 1

[ 10 posts ]

Board index » PHP Forums » PHP General

All times are UTC + 2 hours [ DST ]

Who is online

Users browsing this forum: No registered users and 0 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Jump to: