Alright so for some reason, Im always getting that email already exists if it doesnt.
public function emailExists($mail) {
$handler = new sql();
$sql = $handler->connect();
$sql->real_escape_string($mail);
$result = $sql->query("SELECT email FROM users WHERE email='".$mail."'");
if($result->num_rows != 0) return true;
else {
$handler->log_write($mail, "register_fail","NULL");
return false;
}
$sql->close();
return false;
}
Now here is the check
if($user->emailExists() == false) {
$user->create($name, $pass, $email, $age, $gender);
jquery_alert("You have been registered. Thank you for using our services. Enjoy your stay!");
jquery_reload();
}
else {
jquery_alert("This email already exists");
}
Pass email address as argument in method.
if($user->emailExists($email) == false) {
// your code here
}
In your function your returning default value is false
And Also Pass email address in your method.
Try this solution
if($user->emailExists($email) == true) {
$user->create($name, $pass, $email, $age, $gender);
jquery_alert("You have been registered. Thank you for using our services. Enjoy your stay!");
jquery_reload();
}
else {
jquery_alert("This email already exists");
}
Related
I have setup a pdo connection and pass that as a variable into a function. This all works fine and the function returns correctly. If I run the function in a conditional statement with the PDO variable and a name it runs correctly - if name is in database it echos correctly if not then it also echos correctly. What I want to do is to pass the value of a form post to the function so that it checks to see if it exists in the database. Here is my code:
The function checks to see if the column count is one.
function user_exists($pdo, $username) {
$stmt = $pdo->prepare('SELECT COUNT(uid) FROM users WHERE username = :username');
$stmt->execute(['username' => $username]);
$result = $stmt->fetchColumn();
return ($result == 1);
}
If the admin user exists in the database echo 'exists' - Just for testing.
if(user_exists($pdo,'admin') == true) {
echo "exists";
} else {
echo "doesnt exist";
}
Checks to see of both fields have been entered then I want it to check if the username entered is in the database, but I am doing something wrong.
if(!empty($_POST) === true) {
$username = $_POST['username'];
$pwood = $_POST['password'];
if(empty($username) === true || empty($pwood) === true) {
echo "You need to enter a username and password";
} else if (user_exists($pdo,$_POST['username']) == false){
echo 'We can\'t find that username. Please try again or register';
}
}
Better don't compare with bool values, just use
//...see below
require_once('UserRepository.php');
$ur = new UserRepostory($pdo);
if(!empty($_POST)) {
if (empty($username) || empty($pwood)) {
// something
} else if (!$ur->exists($_POST['username'])) { // your user_exists($pdo, $username) works fine, too
// something else
}
}
Especially the initial if(!empty($_POST) === true) { is hard to read and lead to errors 'cause of misunderstood operator priority.
Update based on the comments above, here is an example with a class:
// UserRepository.php
class UserRepository {
private $pdo;
// '\PDO' instead of 'PDO', see PHP Namespacing
public function __construct (\PDO $pdo)
{
$this->pdo = $pdo;
}
public function exists($username)
{
$sql = 'SELECT COUNT(uid) FROM users WHERE username = :username');
$stmt = $this->pdo->prepare($sql);
$stmt->execute(['username' => $username]);
$result = $stmt->fetchColumn();
return (bool) $result;
}
}
Hi guys i have loging via email , and i want to add login via email.
When i add (login=:login OR) in sql query, i got bug you can login by any password.
Here some code :
public function login($login,$upass)
{
try {
$stmt = $this->conn->prepare("SELECT * FROM Klient WHERE login=:login OR email=:login LIMIT 1");
$stmt->execute(array(':login' => $login));
$userRow = $stmt->fetch(PDO::FETCH_ASSOC);
if ($stmt->rowCount() == 1) {
if ($userRow['userStatus'] == "Y") {
if ($userRow['haslo'] = $upass) {
$_SESSION['userSession'] = $userRow['idKlient'];
return true;
} else {
header("Location: index.php?error");
exit;
}
} else {
header("Location: index.php?inactive");
exit;
}
} else {
header("Location: index.php?error");
exit;
}
} catch (PDOException $ex) {
echo $ex->getMessage();
}
}
EDIT:
i'm trying to add password_hash(), but when i login in my website is going down.
i tried to add password hash but my website is going down when i login in.
public function login($login, $upass)
{
try {
$stmt = $this->conn->prepare("SELECT * FROM Klient WHERE login=:user_login OR email=:user_login");
$stmt->execute(array(":user_login" => $login));
$userRow = $stmt->fetch(PDO::FETCH_ASSOC);
if ($stmt->rowCount() == 1) {
if ($userRow['userStatus'] == "Y") {
if ( password_verify($upass, $userRow['haslo'])) {
$_SESSION['userSession'] = $userRow['idKlient'];
return true;
} else {
header("Location: index.php?error");
exit;
}
} else {
header("Location: index.php?inactive");
exit;
}
} else {
header("Location: index.php?error");
exit;
}
} catch (PDOException $ex) {
echo $ex->getMessage();
}
}
You need to change here add param for email also
$stmt->execute(array(':login' => $login,':email' => $login));
if ($userRow['haslo'] = $upass) {
You're giving $userRow['haslo'] the password, you need to check it with ===
And please, use hashing not plain-text, check password_hash
You could try something like:
$stmt = $this->conn->prepare("SELECT * FROM Klient WHERE login = :login: OR email = :email: LIMIT 1")
$stmt->execute(array('login' => $login, 'email' => $upass));
And my suggestion is that you check variables before exec, something like:
if(isset($login) && isset($upass)) {
...
}
Hope this helps, cheers!
Do not try to use the same named parameter twice in a single SQL statement, for example
<?php
$sql = 'SELECT * FROM some_table WHERE some_value > :value OR some_value < :value';
$stmt = $dbh->prepare($sql);
$stmt->execute( array( ':value' => 3 ) );
?>
...this will return no rows and no error -- you must use each parameter once and only once. Apparently this is expected behavior (according to this bug report: http://bugs.php.net/bug.php?id=33886) because of portability issues.
Hey :) So I'm trying to check if an user has already registered or not with their email address. The email is a unique field in the database. The problem I am having is when I am checking it, (if the email exists in the table it will return false and a message will be send to the user), num_rows() always returns false even if the email entered does not exist in the table;
I don't know if there is a problem with the post, but if I comment out the email part and register, it will work and if the email is a duplicate, the 1062 error will show.
the model funtion checkEmail()
$email_address = $this->input->post('email');
$this->db->where('email', $email_address);
$result = $this->db->get('user');
if($result->num_rows() > 0){
/*
* the email already exists
* */
return false;
}
and the controller:
$checkEmail = $this->f_model->checkEmail();
if(!$checkEmail){
/*
* if email exists
* */
$msg = '<font color=red>Email already registered.</font><br />';
$this->register($msg);
}
else {
$interest = $this->f_model->enter_register_details_01();
if(!$interest) {
$msg = '<font color=red>Password and Confirm Password do not match.</font><br />';
$this->register($msg);
}
else {
$data['msg'] = $msg;
$this->load->view("registration_view_02", array('interest' => $interest,
'message' => $data));
}
}
even if the table is empty, the message with "Email already registered" appears
Thank for your help.
in checkEmail() function add an else statement
$email_address = $this->input->post('email');
$this->db->where('email', $email_address);
$result = $this->db->get('user');
if($result->num_rows() > 0){
/*
* the email already exists
*
*/
return false;
}else{
return true;
}
So I'm trying to create some code that checks if a username is taken. I'm kind of half there and having trouble. I'm new to it and trying to learn how to do it & the code will be messy.
the jquery:
$('#signusername').keyup(function()
{
var username=$('#signusername').val();
if(username != ''){
$.post('username_check.php', {signusername :username}, function(result)
{
if(result==''){
$('.error').text('Avaliable');
} else{
$('.error').text('Taken');
}
}
);
}else{
$('.error').text('???');//this is the the only thing that outputs correctly
}
the php:
function checkUsername($signusername, $conn) {
$stmt = $conn->prepare("SELECT * FROM user_info where username= '".$signusername."'");
$stmt->bindParam(1, $signusername);
$stmt->execute();
if($stmt->rowCount() == 1) {
return TRUE;
}
};
if(isset($_POST['signusername']) && !empty($_POST['signusername'])){
$signusername= $_POST['signusername'];
checkUsername($signusername, $conn);
$result='';
if(checkUsername($signusername, $conn) == TRUE){
$result='';
}else{
$result='';
}
echo $result;
};
I use the same code to check if the username is taken when the form is submitted so I don't think that is the problem. I assume I'm doing something wrong with moving the username variable across? Hope you can help.
Check your console for syntex error }; remove semicolon after }
Also remove function calling two time and you sending result blank in both condition so send some response back to ajax in also fail condition
if(isset($_POST['signusername']) && !empty($_POST['signusername'])){
$signusername= $_POST['signusername'];
$result='';
if(checkUsername($signusername, $conn) == TRUE){
$result='user found';
}else{
$result='user not found';
}
echo $result;
}
Try this code
function checkUsername($signusername, $conn) {
$stmt = $conn->prepare("SELECT * FROM user_info where username= '".$signusername."'");
$stmt->bindParam(1, $signusername);
$stmt->execute();
if($stmt->rowCount() == 1) {
return TRUE;
}
return false;
};
if(isset($_POST['signusername']) && !empty($_POST['signusername'])){
$signusername= $_POST['signusername'];
$result = checkUsername($signusername, $conn);
if($result != TRUE){
$result='';
}else{
}
echo $result;
};
I've an member system now I've made when somebody register an account, he need to activate it by his email. He will receive an valid link in his inbox So for example:
activate.php?email=ipoon2#outlook.com&email_code=b5b90ae21e31229878d681680db16bdf This link is valid so when I go to this link, he activates the account succesfully.
You see after ?email= ipoon2#outlook.com So when I change that into ipodn2#outlook.com and the email_code is still the same, he cannot activate his account. He needs to receive an error like We cannot find that email, and when he changes the email_code He will receive an error like this problem activate your account
Thats the problem what I've got When I change the email I don't receive any error. Neither for email_code
I've a file that is called activate.php which this code is including:
<?php
} else if (isset($_GET['email'], $_GET['email_code']) === true) {
$email = urldecode(trim($_GET['email']));
$email_code = trim($_GET['email_code']);
$user = new User();
if(User::email_exists($email) === false) {
echo 'We cannot find that email'; // return error doesn't show up
} else if (User::activate($email, $email_code) === false) {
echo 'problem activate your account'; // return error doesn't show up
}
}
?>
Also I've 2 functions made, there are in the class file User.php
public function email_exists($email) {
require './config.php';
$email = urldecode(trim($_GET['email']));
$sql_30 = $db->query("SELECT COUNT(id) FROM users WHERE email = '$email'");
if ($sql_30->fetch_object() === true) {
return true;
} else if ($sql_30->fetch_object() === false) {
return false;
}
}
public function activate($email, $email_code) {
require './config.php';
$email = urldecode($email);
$email_code = $db->real_escape_string($email_code);
$sql_33 = $db->query("SELECT COUNT(`id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `group` = 0");
if ($sql_33->fetch_object()) {
$db->query("UPDATE `users` SET `group` = 1 WHERE `email` = '$email' AND `email_code` = '$email_code'");
return true;
} else {
return false;
}
}
To me, your email_exists() and activate() are wrong.
if ($sql_30->fetch_object() === true) {
return true;
} else if ($sql_30->fetch_object() === false) {
return false;
}
From the php documentation of mysqli_result::fetch_object :
Returns an object with string properties that corresponds to the fetched row or NULL if there are no more rows in resultset. So your test must be :
if ($sql_30->fetch_object() !== NULL) {
return true;
}
return false;
I guess it should solve your problem.