Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

Redirection Failing in Php 7 ?

php

  • Please log in to reply
No replies to this topic

#1 uniqueideaman

uniqueideaman

    CC Newcomer

  • Member
  • PipPip
  • 23 posts

Posted 09 March 2017 - 03:43 PM

Hi,
 
I'm a beginner in php. Starting my learning at php 7 and not 5 or earlier.
I don't understand why php 7 is acting weird. It give different result at different time. Do you guy mind checking if I got the coding wrong or if I've come across a php 7 bug ?
It is a basic member registration & login script.
 
How It Works:
1. When you register (username, password, email), it dumps the data onto a MySQL table "pending_users" and inserts "0" on "account activation" row. It will replace the "0" with "1" after you click the account activation link that gets emailed to you.
It sends you email with your account activation link that contains your account activation code (GET METHOD).
 
 
2. When you click the account activation link, your email gets verified and a new table in mysql gets created under your username. That table will contain data of your account activities.
Script replaces the "0" (table: pending_users, row: account activation) with "1" after you click the account activation link that gets emailed to you. If you click the link anytime, anyday after that then you get alerted a message asking you why you trying to activate an account you already activated.
 
That's about it.
 
Pages: register.php  AND account_activation.php.
 
The problems are in the account_activation.php. When you click the account activation link in your email then that page takes over. So far, so good. Now, notice that after you get the message that your account has been activated, you do not get redirected to home.php like the script says. Redirection failing in php 7.
 
PROBLEM 2: You will see you get errors not on the error file but on the activation_account.php page. The error:
 
<pre>You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'varchar(30) NOT NULL, Email varchar(50) NOT NULL, Forename varchar(30)' at line 3</pre>
 
 
OTHER ISSUE:
I am trying to learn php starting from php 7. Getting these codes watching youtube php channels. I update as much as I can to customize according to my needs. I fear the code may contain php 5 syntax and so if you spot any then kindly show me a php 7 syntax example and get a thumbs-up from here.
 
PS - Why don't you guys open a php 7 tutorial channel and teach how to build Social Network like facebook, twitter and youtube etc. ? There are channels in youtube that teach these but they don't regularly upload videos and and I hate the waiting.
 
Thanks
 
 
register.php
 
[syntax=php]
 
<!DOCTYPE html>
<html>
<head>
<title>Signup Page</title>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="stylesheet" href="https://maxcdn.boots...strap.min.css">
</head>
<body>
<div class = "container">
<center><h2>Loud Gobs Browser Signup Form</h2></center>
<form method="post" action="">
<div class="form-group">
<center><label for="username">Username:</label>
<input type="text" class="form-control" id="user" placeholder="Enter a unique Username" name="member_registration_username"></center>
</div>
<div class="form-group">
<center><label for="password">Password:</label>
<input type="password" class="form-control" id="pwd" placeholder="Enter new Password" name="member_registration_password"></center>
</div>
<div class="form-group">
<center><label for="password">Repeat Password:</label>
<input type="password" class="form-control" id="member_registration_repeat_pwd" placeholder="Repeat new Password" name="member_registration_password_confirmation"></center>
</div>
<div class="form-group">
<center><label for="forename">First Name:</label>
<input type="text" class="form-control" id="member_registration_first_name" placeholder="Enter your First Name" name="member_registration_forename"></center>
</div>
<div class="form-group">
<center><label for="surname">Surname:</label>
<input type="text" class="form-control" id="member_registration_last_name" placeholder="Enter your Surname" name="member_registration_surname"></center>
</div>
<div class="form-group">
<center><label for="email">Email:</label>
<input type="email" class="form-control" id="member_registration_email" placeholder="Enter your Email" name="member_registration_email"></center>
</div>
<div class="form-group">
<center><label for="email">Repeat Email:</label>
<input type="email" class="form-control" id="member_registration_repeat_email" placeholder="Repeat your Email" name="member_registration_email_confirmation"></center>
</div>
<center><button type="submit" class="btn btn-default" name="submit">Register!</button></center>
<center><font color="red" size="3"><b>Already have an account ?</b><br><a href="login.php">Login here!</a></font></center>
</form>
</div>
</body>
</html>
<?php
require "conn.php";
if  (isset($_POST['submit']))
{
if(!empty($_POST["member_registration_username"]) && !empty($_POST["member_registration_password"])&& !empty($_POST["member_registration_password_confirmation"])&& !empty($_POST["member_registration_email"])&& !empty($_POST["member_registration_email_confirmation"])&& !empty($_POST["member_registration_forename"])&& !empty($_POST["member_registration_surname"]))
{
$member_registration_account_activation = 0;
$member_registration_random_numbers = random_int(0, 9999999999);
 
 
        $member_registration_username = trim($_POST["member_registration_username"]);
        $member_registration_forename = trim($_POST["member_registration_forename"]);
        $member_registration_surname = trim($_POST["member_registration_surname"]);
        $member_registration_password = trim($_POST["member_registration_password"]);
        $member_registration_password_confirmation = trim($_POST["member_registration_password_confirmation"]);
        $member_registration_email = trim($_POST["member_registration_email"]);
        $member_registration_email_confirmation = trim($_POST["member_registration_email_confirmation"]);
$member_registration_account_activation_code = trim("$member_registration_random_numbers");       
 
        $member_registration_username = mysqli_real_escape_string($conn,$_POST["member_registration_username"]);
        $member_registration_forename = mysqli_real_escape_string($conn,$_POST["member_registration_forename"]);
        $member_registration_surname = mysqli_real_escape_string($conn,$_POST["member_registration_surname"]);
        $member_registration_password = mysqli_real_escape_string($conn,$_POST["member_registration_password"]);
        $member_registration_password_confirmation = mysqli_real_escape_string($conn,$_POST["member_registration_password_confirmation"]);
        $member_registration_email = mysqli_real_escape_string($conn,$_POST["member_registration_email"]);
        $member_registration_email_confirmation = mysqli_real_escape_string($conn,$_POST["member_registration_email_confirmation"]);    
        $member_registration_account_activation_code = mysqli_real_escape_string($conn,$member_registration_account_activation_code);     
 
if($member_registration_email != $member_registration_email_confirmation)
{
            echo "<center>Your email inputs do not match! Try inputting again and then re-submit.</center>";
            $conn->close();
       exit();
        }
        else
   {
        }
        if($member_registration_password != $member_registration_password_confirmation)
{
            echo "<center>Your password inputs do not match! Try inputting again and then re-submit.</center>";
            $conn->close();
       exit();
        }
        else
        {
        }
 
        $sql_check_username_in_pending_users = "SELECT * FROM pending_users WHERE Username='".$member_registration_username."'";
        $result_username_in_pending_users = mysqli_query($conn,$sql_check_username_in_pending_users);
        if(mysqli_num_rows($result_username_in_pending_users)>0)
{
   echo "<script>alert('That Username $member_registration_username is pending registration!')</script>";
            exit();
        }
       
$sql_check_username_in_users = "SELECT * FROM users WHERE Username='".$member_registration_username."'";
        $result_username_in_users = mysqli_query($conn,$sql_check_username_in_users);
        if(mysqli_num_rows($result_username_in_users)>0)
{
            echo "<script>alert('That Username $member_registration_username is already registered!')</script>";
            exit();
        }
 
        $sql_check_email_in_pending_users = "SELECT * FROM pending_users WHERE Email='".$member_registration_email."'";
        $result_email_in_pending_users = mysqli_query($conn,$sql_check_email_in_pending_users);
        if(mysqli_num_rows($result_email_in_pending_users)>0)
{
            echo "<script>alert('That Email $member_registration_email is pending registration!')</script>";
            exit();
        }
 
$sql_check_email_in_users = "SELECT * FROM users WHERE Email='".$member_registration_email."'";
        $result_email_in_users = mysqli_query($conn,$sql_check_email_in_users);
        if(mysqli_num_rows($result_email_in_users)>0)
{
            echo "<script>alert('That Email $member_registration_email is already registered!')</script>";
            exit();
        }
 
   $sql = "INSERT INTO pending_users(Username,Password,Email,Forename,Surname,Account_Activation_Code,Account_Activation) VALUES('".$member_registration_username."','".$member_registration_password."','".$member_registration_email."','".$member_registration_forename."','".$member_registration_surname."','".$member_registration_account_activation_code."','".$member_registration_account_activation."')";
        if($conn->query($sql)===TRUE)
   {
       echo "Data insertion into table success!";
        }
   else    
   {
            echo "Data insertion into table failure!";
       $conn->close();
       exit();
   }
 
   $to = "$member_registration_email";
   $subject = "loudgobs Browser Account Activation!";
   $body = "$member_registration_forename $member_registration_surname,\n\n You need to click the following link to confirm your email address and activate your account.\n\n\
   $from = "admin_loudgobs-browser@loudgobs.com";
   $message = "from: $from";
 
   mail($to,$subject,$body,$message);
   echo "<script>alert('Check your email for further instructions!')</script>";
   $conn->close();
    }
else
{
   echo "<script>alert('You must fill-in all input fields!')</script>";
$conn->close();
}
}
 
?>
 
[/syntax]
 
activate_account.php
 
[syntax=php]
 
<?php
session_start();
require "conn.php";
 
    //Grab account activator's email and account activation code from account activation link's url.
 
if(!isset($_GET["email"], $_GET["member_registration_account_activation_code"]) === TRUE) 
{
echo "<script>alert('Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account!')</script>";
    $conn->close();
header("location:register.php");
exit();
}
else
{
$confirmed_email = trim($_GET["email"]);
$member_registration_account_activation_code = trim($_GET["member_registration_account_activation_code"]);
 
$confirmed_email = mysqli_real_escape_string($conn,$confirmed_email);
$member_registration_account_activation_code = mysqli_real_escape_string($conn,$member_registration_account_activation_code);
 
 
//Check User's Username (against users tbl) if it has already been taken or not whilst User was in midst of activating his/her account.
    
    $query = "SELECT * FROM users WHERE Email = '".$confirmed_email."'";
    $result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows != 0)
    {
        echo "<script>alert('That email '".$confirmed_email."' is already registered!')</script>";
$conn->close();
exit();
}
else
    {
        //Grab User details from table "pending_users". Search data with confirmed Email Address.
 
$query = "SELECT * FROM pending_users WHERE Email = '".$confirmed_email."'";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows = 0)
{
echo "<script>alert('Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account!')</script>";
$conn->close();
exit();
}
else 
{
   while($row = mysqli_fetch_assoc($result)) 
   {
$db_id = $row["Id"];
$db_username = $row["Username"];
$db_password = $row["Password"];
$db_email = $row["Email"];
$db_forename = $row["Forename"];
$db_surname = $row["Surname"];
$db_account_activation_code = $row["Account_Activation_Code"];
$db_account_activation = $row["Account_Activation"];    
   
if($db_account_activation != 0)
{
echo "<script>alert('Since your account is already activated, why are you trying to activate it again ?')</script>";
$conn->close();
exit();
}
else
{
$conn->query("UPDATE pending_users SET Account_Activation 1 WHERE Email = '".$confirmed_email."'");
           echo "Activating your account! Wait to be auto-logged-in to your account as that will be the sign that your account has been activated.";
echo "Your email '".$confirmed_email."' has now been confirmed!";
   echo "Activating your account! Wait to be auto-logged-in to your account as that will be the sign that your account has been activated.";
 
 
//Create table under $username to hold user account activity data.
 
$sql = "CREATE TABLE $db_username (
Id INT(6) UNSIGNED AUTO_INCREMENT, PRIMARY KEY 
Username varchar(30) NOT NULL,
Email varchar(50) NOT NULL,
Forename varchar(30) NOT NULL,
Surname varchar(30) NOT NULL,
Password varchar(32) NOT NULL,
Profile_Pic (longblob) NOT NULL,
Bio varchar(250) NOT NULL,
Status varchar(100) NOT NULL)";
 
if ($conn->query($sql) != TRUE) 
{
   echo "Error creating table: " . mysqli_error($conn);
$conn->close();
                    } 
else 
{
                        echo "Table $db_username created successfully";
 
 
//Copy $user's registration data from table "pending_users" to table user.
 
$sql = "INSERT INTO $db_username(Username,Password,Email,Forename,Surname,Account_Activation_Code) VALUES('$db_username','$db_password','$db_email','$db_forename','$db_surname','$db_account_activation_code')";
 
if($conn->query($sql) != TRUE)
{
echo "inserting data into table $db_username failed! " . mysqli_error($conn);
$conn->close();
 
}
else
{
echo "inserted data into table $db_username!";
 
 
//Copy $user's registration data from table "pending_users" to table users.
 
$sql = "INSERT INTO users (Username,Password,Email,Forename,Surname,Account_Activation_Code) VALUES('$db_username','$db_password','$db_email','$db_forename','$db_surname','$db_account_activation_code')";
 
if($conn->query($sql) != TRUE)
{
echo "inserting data into table users failed! " . mysqli_error($conn);
$conn->close();
 
}
else
{
echo "inserted data into table users!";
 
 
//Redirect newly activated user to his/her account homepage.
 
$user = $db_username;
$userid = $db_id;
$_SESSION["user"] = $user;
 
header("location: home.php");
}
}
}
}
}
}
    }
}
 
?>
 
[/syntax]

  • 0