Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

Help with simple sign-up code

signup registration email verification

This topic has been archived. This means that you cannot reply to this topic.
1 reply to this topic

#1 zak

zak

    CC Lurker

  • New Member
  • Pip
  • 7 posts

Posted 02 November 2013 - 04:14 PM

Hi

 

Sorry just started learning to code. I took the following sign-up script from net tuts+ ( http://net.tutsplus....search_index=41 ) got it to work fine after changing a few things. However getting stuck having a hard time making the correct code changes for the following. 

 

a. PDO connection
b. error handling for the following
1. username not valid
2. username duplicate in Database
3. email not valid
4. email duplicate in Database
5. error when nothing is submitted
6. prevent submission until all fields are filled

 

I know it's better/secure to use PDO however need to figure/learn the basics first. I learn alot quicker by example so was hoping for help from the experts here. Again sorry for the rookie question any help would be appricated. This is what I have sofar (I know it's horrible ).

 <?php
	    
	    	mysql_connect("localhost", "table", "password") or die(mysql_error()); // Connect to database server(localhost) with username and password.
			mysql_select_db("database-name") or die(mysql_error()); // Select registration database.
	    	
	    	
	    	if(isset($_POST['username']) && !empty($_POST['username']) AND isset($_POST['email']) && !empty($_POST['email'])){
	    		$username = mysql_escape_string($_POST['username']);
	    		$email = mysql_escape_string($_POST['email']);
	    		
	    		if(!preg_match('/[a-zA-Z]{0,1}[a-zA-Z0-9._-]$/i', $username)){
					$msg1 = 'The username you have entered is invalid, please try again.';
    }
	    		
				elseif(!preg_match("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/i", $email)){
					// Return Error - Invalid Email
					$msg = 'The email you have entered is invalid, please try again.';
				}else{
					// Return Success - Valid Email
					$msg = 'Your account has been made, <br /> please verify it by clicking the activation link that has been sent to your email.';
					
					$hash = md5( rand(0,1000) ); // Generate random 32 character hash and assign it to a local variable.
					$password = substr(hash('sha512',rand()),0,50); 
					
					mysql_query("INSERT IGNORE INTO users (username, password, email, hash, ip, whenadded) VALUES(
					'". mysql_escape_string($username) ."', 
					'". mysql_escape_string(md5($password)) ."', 
					'". mysql_escape_string($email) ."', 
					'". mysql_escape_string($hash) ."',
					'". $_SERVER['REMOTE_ADDR'] ."',
					now()) ") or die(mysql_error());  
					
					$to      = $email;
					$subject = 'Signup | Verification'; 
					$message = '

					Thanks for signing up!
					Your account has been created, you can login with the following credentials after you have activated your account by pressing the url below.

					------------------------
					Username: '.$username.'
					Password: '.$password.'
					------------------------

					Please click this link to activate your account:
					http://www.example.com/verify.php?email='.$email.'&hash='.$hash.'

					'; 
					
					$headers = 'From:noreply@example.com' . "\r\n"; // Set from headers
					mail($to, $subject, $message, $headers); // Send the email

				}
				
	    	}
	    	
	    ?>
<?php 
			if(isset($msg1)){ 
				echo '<div class="statusmsg, display-success">'.$msg1.'</div>'; 
			} ?>
		<?php 
			if(isset($msg)){ // Check if $msg is not empty
				echo '<div class="statusmsg, display-success">'.$msg.'</div>';
			} ?>
<form id="form" class="form" action="" method="post">
	<div class='field'>
			<label for="username">Username</label>
			<input class="text" type="text" placeholder="Username" size="50" id="username" name="username" tabindex="1" />
            </div>
         <div class='field'>
			<label for="email">Email</label>
			<input class="text" type="text" placeholder="Email address" size="50" id="email" name="email" tabindex="2" />
		</div>
		</form>


#2 SkHacker

SkHacker

    CC Newcomer

  • Member
  • PipPip
  • 14 posts

Posted 05 November 2013 - 10:46 PM

while checking the username and email you have used "AND" for logical and operation.
Replace it with "&&".

 

For checking valid email try to use "/^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}$/".

 

 

It worked for me






Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download