Here is what I am currently using to register users.
I am sure it needs a little cleaning up however.
The first page is called: register.php
<?php require_once('Connections/registerconfig.php'); ?>
<?php
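/**
 * Send the "confirm your e-mail address" message for a new registration.
 *
 * The recipient comes straight from the registration form, so it is checked
 * before it reaches mail(): a value containing CR/LF, or one that is not a
 * single well-formed address, is rejected instead of being passed on, since
 * line breaks in a mail() argument can add headers or recipients.
 *
 * @param string $to   Address entered by the user (untrusted input).
 * @param string $hash Validation token that validate.php receives as ?hash=.
 * @return bool False when $to is rejected; otherwise the result of mail().
 */
function sendMail($to, $hash) {
    $to = is_string($to) ? trim($to) : "";
    if ($to === "" || preg_match('/[\r\n]/', $to) || filter_var($to, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }

    $message = "Thanks for registering at my site. In order to enable your login you will have to validate your email address by clicking on the following link:\n\n";
    // The host and path below are the author's placeholder and must be replaced
    // with the real site URL. NOTE(review): the token travels in this link, so
    // an https:// URL is preferable once the real address is filled in.
    // The token is URL-encoded so it cannot alter the link it is embedded in.
    $message .= "http://www.yourwebsite.com/path to/validate.php?hash=" . rawurlencode((string) $hash) . "\n\n";
    $message .= "All that this will do is confirm to our system that you have received this email and that the email address that you entered is therefore valid";

    return mail($to, "Please confirm your email address", $message);
}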
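/**
 * Convert a raw value into a literal that can be placed inside a SQL string.
 *
 * Changes from the Dreamweaver original:
 *  - get_magic_quotes_gpc() is only consulted on PHP versions that still had
 *    magic quotes (before 5.4); the function no longer exists in PHP 8.
 *  - non-scalar input (e.g. a request parameter sent as an array) is treated
 *    as empty instead of being passed to addslashes().
 *  - "tinyint" is accepted alongside "long" and "int".
 *  - an unrecognised $theType is quoted like "text" instead of being returned
 *    unquoted.
 *
 * NOTE(review): addslashes() does not know the connection character set.
 * mysql_real_escape_string() with the open link, or prepared statements via
 * mysqli/PDO, is the sturdier choice; that needs the connection file changed
 * as well, so it is not done here.
 *
 * @param mixed  $theValue           Raw value, usually from $_POST/$_GET.
 * @param string $theType            "text", "date", "long", "int", "tinyint", "double" or "defined".
 * @param string $theDefinedValue    Returned for type "defined" when the value is non-empty.
 * @param string $theNotDefinedValue Returned for type "defined" when the value is empty.
 * @return mixed Quoted string, int, or the string "NULL" for an empty value.
 */
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
    $theValue = is_scalar($theValue) ? (string) $theValue : "";

    // With magic quotes on, the request data has already been slashed once.
    $magicQuotesActive = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();
    if (!$magicQuotesActive) {
        $theValue = addslashes($theValue);
    }

    $isEmpty = ($theValue === "");

    switch ($theType) {
        case "long":
        case "int":
        case "tinyint":
            return $isEmpty ? "NULL" : intval($theValue);
        case "double":
            return $isEmpty ? "NULL" : "'" . doubleval($theValue) . "'";
        case "defined":
            return $isEmpty ? $theNotDefinedValue : $theDefinedValue;
        case "text":
        case "date":
        default:
            // Unknown types fall back to a quoted string so that a value is
            // never emitted into the statement without quotes.
            return $isEmpty ? "NULL" : "'" . $theValue . "'";
    }
}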
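// PHP_SELF reflects any extra path the client appended to the URL, so it is
// escaped before the page echoes it into the form's action attribute. The
// charset matches the page's declared iso-8859-1.
$editFormAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'ISO-8859-1');
if (isset($_SERVER['QUERY_STRING'])) {
    $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING'], ENT_QUOTES, 'ISO-8859-1');
}

if (isset($_POST["MM_insert"]) && $_POST["MM_insert"] == "form1") {
    // MM_validateForm() runs only in the browser, so the required-field and
    // e-mail checks are repeated here before anything is stored or mailed.
    $login    = (isset($_POST['usr_login']) && is_string($_POST['usr_login'])) ? $_POST['usr_login'] : "";
    $pass     = (isset($_POST['usr_pass'])  && is_string($_POST['usr_pass']))  ? $_POST['usr_pass']  : "";
    $email    = (isset($_POST['usr_email']) && is_string($_POST['usr_email'])) ? $_POST['usr_email'] : "";
    $realName = (isset($_POST['usr_name'])  && is_string($_POST['usr_name']))  ? $_POST['usr_name']  : "";

    if ($login === "" || $pass === "" || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        header("HTTP/1.1 400 Bad Request");
        exit("Please go back and enter a login name, a password and a valid e-mail address.");
    }

    // The validation token is the only secret protecting account activation,
    // so it is taken from a CSPRNG where one is available. All branches yield
    // 32 lowercase hex characters, the same shape the md5() token had.
    if (function_exists('random_bytes')) {
        $hash = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $hash = bin2hex(openssl_random_pseudo_bytes(16));
    } else {
        // Legacy fallback: uniqid() is time-based and therefore guessable.
        $hash = md5(uniqid("reg_", true) . $email);
    }

    // NOTE(review): unsalted MD5 is kept only because that is the format this
    // script has always written to usr_pass. Whether the phpwcms login can
    // verify password_hash() output is not visible here - confirm, then migrate.
    $insertSQL = sprintf("INSERT INTO phpwcms_user (usr_login, usr_pass, usr_email, usr_name, user_hash) VALUES (%s, %s, %s, %s, %s)",
        GetSQLValueString($login, "text"),
        GetSQLValueString(md5($pass), "text"),
        GetSQLValueString($email, "text"),
        GetSQLValueString($realName, "text"),
        GetSQLValueString($hash, "text"));

    // $dbname is the link handle opened in Connections/registerconfig.php
    // (the posted code passed an undefined $name here).
    mysql_select_db($database_name, $dbname);
    $Result1 = mysql_query($insertSQL, $dbname);
    if (!$Result1) {
        // Keep database details in the server log rather than showing them to the visitor.
        error_log("register.php: insert failed: " . mysql_error($dbname));
        exit("Registration could not be completed. Please try again later.");
    }

    sendMail($email, $hash);

    $insertGoTo = "thanks.php";
    if (isset($_SERVER['QUERY_STRING'])) {
        $insertGoTo .= (strpos($insertGoTo, '?') !== false) ? "&" : "?";
        $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
    // Stop here so the form is not rendered again behind the redirect.
    exit;
}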
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/JavaScript">
<!--
// Dreamweaver helper: returns the page object called n, searching document d
// (the current document when d is omitted). A name of the form "name?frame"
// is looked up in that frame's document instead.
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
// Try d[n], then d.all[n], then the element of that name in each form.
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
// Recurse into layer documents where the browser exposes d.layers.
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
// Last resort: look the name up as an element id.
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
// Dreamweaver form check wired to the form's onSubmit. Arguments are read in
// groups of three: args[i] is a field name and args[i+2] the test string
// (args[i+1] is not read). A test starting with 'R' makes the field required,
// 'isEmail' only checks that an '@' is present and is neither the first nor
// the last character, and any other test treats the value as a number, with
// an optional 'inRange' min:max bound.
// The result is stored in document.MM_returnValue (true when no errors).
// This runs in the browser only, so it is a convenience for the user and not
// a control: the server-side script has to repeat every check it relies on.
// Note that 'val' is missing from the var list below and is therefore an
// implicit global.
function MM_validateForm() { //v4.0
var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
if (val) { nm=val.name; if ((val=val.value)!="") {
if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
} else if (test!='R') { num = parseFloat(val);
if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
min=test.substring(8,p); max=test.substring(p+1);
if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
} } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
} if (errors) alert('The following error(s) occurred:\n'+errors);
document.MM_returnValue = (errors == '');
}
//-->
</script>
</head>
<body>
<form action="<?php echo $editFormAction; ?>" method="POST" name="form1" onSubmit="MM_validateForm('usr_login','','R','usr_email','','RisEmail','usr_pass','','R');return document.MM_returnValue">
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td>Login Name</td>
<td><input name="usr_login" type="text" id="usr_login"></td>
</tr>
<tr>
<td>Email Address </td>
<td><input name="usr_email" type="text" id="usr_email"></td>
</tr>
<tr>
<td>Password</td>
<td><input name="usr_pass" type="password" id="usr_pass"></td>
</tr>
<tr>
<td>Real Name </td>
<td><input name="usr_name" type="text" id="usr_name"></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Register"></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="form1">
</form>
</body>
</html>
Next page I call: validate.php
<?php require_once('Connections/registerconfig.php'); ?>
<?php
// The session carries the image code between this page and valimage.php.
session_start();

// Lookup value used when the request has no ?hash= parameter.
$colname_rstUser = '1';
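/**
 * Convert a raw value into a literal that can be placed inside a SQL string.
 *
 * Changes from the Dreamweaver original:
 *  - get_magic_quotes_gpc() is only consulted on PHP versions that still had
 *    magic quotes (before 5.4); the function no longer exists in PHP 8.
 *  - non-scalar input (e.g. a request parameter sent as an array) is treated
 *    as empty instead of being passed to addslashes().
 *  - "int" is accepted alongside "long" and "tinyint".
 *  - an unrecognised $theType is quoted like "text" instead of being returned
 *    unquoted.
 *
 * NOTE(review): addslashes() does not know the connection character set.
 * mysql_real_escape_string() with the open link, or prepared statements via
 * mysqli/PDO, is the sturdier choice; that needs the connection file changed
 * as well, so it is not done here.
 *
 * @param mixed  $theValue           Raw value, usually from $_POST/$_GET.
 * @param string $theType            "text", "date", "long", "int", "tinyint", "double" or "defined".
 * @param string $theDefinedValue    Returned for type "defined" when the value is non-empty.
 * @param string $theNotDefinedValue Returned for type "defined" when the value is empty.
 * @return mixed Quoted string, int, or the string "NULL" for an empty value.
 */
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
    $theValue = is_scalar($theValue) ? (string) $theValue : "";

    // With magic quotes on, the request data has already been slashed once.
    $magicQuotesActive = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();
    if (!$magicQuotesActive) {
        $theValue = addslashes($theValue);
    }

    $isEmpty = ($theValue === "");

    switch ($theType) {
        case "long":
        case "int":
        case "tinyint":
            return $isEmpty ? "NULL" : intval($theValue);
        case "double":
            return $isEmpty ? "NULL" : "'" . doubleval($theValue) . "'";
        case "defined":
            return $isEmpty ? $theNotDefinedValue : $theDefinedValue;
        case "text":
        case "date":
        default:
            // Unknown types fall back to a quoted string so that a value is
            // never emitted into the statement without quotes.
            return $isEmpty ? "NULL" : "'" . $theValue . "'";
    }
}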
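// PHP_SELF reflects any extra path the client appended to the URL, so it is
// escaped before the page echoes it into the form's action attribute.
$editFormAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'ISO-8859-1');
if (isset($_SERVER['QUERY_STRING'])) {
    $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING'], ENT_QUOTES, 'ISO-8859-1');
}

// Tokens written by register.php are md5()-shaped: 32 lowercase hex characters.
// Anything else is rejected before it can reach a query or a header.
$hashPattern = '/\A[a-f0-9]{32}\z/';

if (isset($_POST["MM_update"]) && $_POST["MM_update"] == "form1") {
    $postedHash   = (isset($_POST['user_hash']) && is_string($_POST['user_hash'])) ? $_POST['user_hash'] : "";
    $postedCode   = (isset($_POST['valcode']) && is_string($_POST['valcode'])) ? $_POST['valcode'] : "";
    $expectedCode = (isset($_SESSION['valcode']) && is_string($_SESSION['valcode'])) ? $_SESSION['valcode'] : "";

    // Each image code is good for one attempt only.
    unset($_SESSION['valcode']);

    // The original loose == also succeeded when the session held no code and
    // the posted field was empty; a code must now exist and match exactly.
    if ($expectedCode !== "" && $postedCode === $expectedCode && preg_match($hashPattern, $postedHash)) {
        $updateSQL = sprintf("UPDATE phpwcms_user SET usr_aktiv=1, user_level=1 WHERE user_hash=%s",
            GetSQLValueString($postedHash, "text"));

        // $dbname is the link handle opened in Connections/registerconfig.php
        // (the posted code passed an undefined $name here).
        mysql_select_db($database_name, $dbname);
        $Result1 = mysql_query($updateSQL, $dbname);
        if (!$Result1) {
            // Keep database details in the server log rather than showing them to the visitor.
            error_log("validate.php: update failed: " . mysql_error($dbname));
            exit("The account could not be validated. Please try again later.");
        }

        $updateGoTo = "index.php";
        if (isset($_SERVER['QUERY_STRING'])) {
            $updateGoTo .= (strpos($updateGoTo, '?') !== false) ? "&" : "?";
            $updateGoTo .= $_SERVER['QUERY_STRING'];
        }
        header(sprintf("Location: %s", $updateGoTo));
        exit; // do not run the lookup and render the page behind the redirect
    } else {
        // The posted value is URL-encoded before it is placed in the header.
        header("Location: validate.php?hash=" . rawurlencode($postedHash));
        exit;
    }
}

// Only a well-formed token replaces the default lookup value; because it is
// restricted to hex characters it needs no further escaping for the query.
if (isset($_GET['hash']) && is_string($_GET['hash']) && preg_match($hashPattern, $_GET['hash'])) {
    $colname_rstUser = $_GET['hash'];
}

// The posted code read "$database_db name" here, which does not parse.
mysql_select_db($database_name, $dbname);
$query_rstUser = sprintf("SELECT usr_login, user_level FROM phpwcms_user WHERE user_hash = '%s'", $colname_rstUser);
$rstUser = mysql_query($query_rstUser, $dbname);
if (!$rstUser) {
    error_log("validate.php: lookup failed: " . mysql_error($dbname));
    exit("The account could not be looked up. Please try again later.");
}
$row_rstUser = mysql_fetch_assoc($rstUser);
$totalRows_rstUser = mysql_num_rows($rstUser);

// Fresh code for the image shown by valimage.php. A four-digit code is a small
// hurdle at best; random_int() is used where the PHP version provides it.
$_SESSION['valcode'] = sprintf("%04d", function_exists('random_int') ? random_int(1, 9999) : mt_rand(1, 9999));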
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Validation Set</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
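<?php
// Template section: everything echoed below originates from the visitor
// (usr_login was typed into the registration form, hash comes from the URL),
// so it is HTML-escaped on output. The charset matches the page's iso-8859-1.
$safeLogin = isset($row_rstUser['usr_login']) ? htmlspecialchars($row_rstUser['usr_login'], ENT_QUOTES, 'ISO-8859-1') : '';
$safeHash = (isset($_GET['hash']) && is_string($_GET['hash'])) ? htmlspecialchars($_GET['hash'], ENT_QUOTES, 'ISO-8859-1') : '';
?>
<?php if ($totalRows_rstUser == 0) { // Show if recordset empty ?>
<p>The has you</p>
<?php } // Show if recordset empty ?>
<p> </p>
<?php if ($totalRows_rstUser > 0) { // Show if recordset not empty ?>
<?php if ($row_rstUser['user_level']==0) { // Select between validated or not ?>
<p>Welcome <?php echo $safeLogin; ?>, To continue validating your account please enter the number
shown below into the box provided and click on Next to continue: </p>
<form name="form1" method="POST" action="<?php echo $editFormAction; ?>">
<img src="valimage.php" width="45" height="20">
<input name="valcode" type="text" id="valcode">
<input name="user_hash" type="hidden" id="user_hash" value="<?php echo $safeHash; ?>">
<input type="submit" name="Submit" value="Next">
<input type="hidden" name="MM_update" value="form1">
</form>
<?php } else { ?>
<p>Your account has already been validated. If you have forgotten your password,
please click here to have your password reset and emailed to you.</p>
<?php } // Select between validated or not ?>
<?php } // Show if recordset not empty ?>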
<p> </p>
</body>
</html>
<?php
// Release the result set of the user lookup now that the page has been rendered.
mysql_free_result($rstUser);
?>
Next page I call: valimage.php
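<?php session_start();
// Draws the validation code that validate.php stored in the session as a
// 45x20 PNG. Changes from the posted version: the image is created once
// (imagecreate() was called twice), a missing session code no longer raises
// notices, and the response is marked non-cacheable so a browser or proxy
// cannot show a stale image for a newly generated code.
$code = (isset($_SESSION['valcode']) && is_string($_SESSION['valcode'])) ? $_SESSION['valcode'] : '';

$im = imagecreate(45,20);
// In a palette image the first colour allocated becomes the background,
// which is why $blue is never referenced again.
$blue = imagecolorallocate($im, 0, 0, 255);
$grey = imagecolorallocate($im, 153, 153, 153);
$dblue = imagecolorallocate($im, 0, 0, 153);

$x = 5;
$w = imagefontwidth(5);
// Vertical room left for a glyph of built-in font 5 inside the 20px height.
$range = 20 - imagefontheight(5);

// Grid: vertical lines every 5px, then horizontal lines every 5px.
for ($i = 4; $i <= 39; $i = $i + 5) {
    imageline($im, $i, 0, $i, 19, $dblue);
}
for ($i = 4; $i <= 14; $i = $i + 5) {
    imageline($im, 0, $i, 44, $i, $dblue);
}

// One character at a time, each at a random vertical offset.
// NOTE(review): fixed font, fixed colours and four digits give little
// resistance to automated reading; treat this as a speed bump only.
$length = strlen($code);
for ($i = 0; $i < $length; $i++) {
    imagestring($im, 5, $x, mt_rand(0, $range), $code[$i], $grey);
    $x += $w;
}

header("Content-type: image/png");
header("Cache-Control: no-store, no-cache, must-revalidate");
imagepng($im);
imagedestroy($im);
?>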
And finally: thanks.php
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.style2 {
font-size: 10px;
font-weight: bold;
}
-->
</style>
</head>
<body>
<p>Thank you for Registering for Your Site Here.</p>
<p>Please check your email for a message from us to validate your e-mail address.</p>
<p>Support Team<br>
Your Site.com </p>
</body>
</html>
I place the above images in the root of my phpwcms install directory.
The final file is: registerconfig.php
<?php
# FileName="Connection_php_mysql.htm"
# Type="MYSQL"
# HTTP="true"
// Connection settings. The three quoted values after the host are the
// author's placeholders and must be replaced with the real database name and
// account. This file then holds the database password in plain text.
$hostname_name = 'localhost';
$database_name = 'db name';
$username_name = 'db username';
$password_name = 'db password';

// Open a persistent connection and keep the link handle in $dbname; a failed
// connection is reported through trigger_error() at E_USER_ERROR level.
$dbname = mysql_pconnect($hostname_name, $username_name, $password_name);
if (!$dbname) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
?>
You will of course have to add a few things to your phpwcms_user table in order for this to work.
I am sure it needs work due to all the hard-coding of the database "name" throughout the pages, but hey, Dreamweaver did all the work.
Thanks to all