I know that similar questions to mine have been asked here. I have searched but they are not very relevant to my problem and the solution I am seeking for.
I have this PHP script that I am using for member registration on my website. It is meant to only send a confirmation/verification email to the registrant, but I want it to also send a notification email to me, the admin, that someone has registered with their information. I don't know how to go about achieving this.
Here is the code:
<?php
include 'dbc.php';
$err = array();
if($_POST['doRegister'] == 'Register')
{
foreach($_POST as $key => $value) {
$data[$key] = filter($value);
}
require_once('recaptchalib.php');
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
die ("<h3>Image Verification failed!. Go back and try again.</h3>" .
"(reCAPTCHA said: " . $resp->error . ")");
}
if(empty($data['first_name']) || strlen($data['first_name']) < 4)
{
$err[] = "ERROR - Please enter your first name";
//header("Location: register.php?msg=$err");
//exit();
}
if(empty($data['last_name']) || strlen($data['last_name']) < 4)
{
$err[] = "ERROR - Please enter your last name";
//header("Location: register.php?msg=$err");
//exit();
}
if(empty($data['tel']) || strlen($data['tel']) < 6)
{
$err[] = "ERROR - Please enter your phone number";
//header("Location: register.php?msg=$err");
//exit();
}
if(empty($data['address']) || strlen($data['address']) < 6)
{
$err[] = "ERROR - Please enter your contact address";
//header("Location: register.php?msg=$err");
//exit();
}
if(empty($data['city']) || strlen($data['city']) < 3)
{
$err[] = "ERROR - Please enter your city of residence";
//header("Location: register.php?msg=$err");
//exit();
}
if(empty($data['state']) || strlen($data['state']) < 3)
{
$err[] = "ERROR - Please enter your state of residence";
//header("Location: register.php?msg=$err");
//exit();
}
if(empty($data['country']) || strlen($data['country']) < 3)
{
$err[] = "ERROR - Please choose your country of residence";
//header("Location: register.php?msg=$err");
//exit();
}
if(empty($data['birth_date']) || strlen($data['birth_date']) > 10)
{
$err[] = "ERROR - Please choose your date of birth";
//header("Location: register.php?msg=$err");
//exit();
}
if(empty($data['gender']) || strlen($data['gender']) < 4)
{
$err[] = "ERROR - Please enter your gender";
//header("Location: register.php?msg=$err");
//exit();
}
if(empty($data['description']) || strlen($data['description']) < 10)
{
$err[] = "ERROR - Please describe yourself";
//header("Location: register.php?msg=$err");
//exit();
}
// Validate User Name
if (!isUserID($data['user_name'])) {
$err[] = "ERROR - Invalid user name. It can contain alphabet, number and underscore.";
//header("Location: register.php?msg=$err");
//exit();
}
// Validate Email
if(!isEmail($data['usr_email'])) {
$err[] = "ERROR - Invalid email address.";
//header("Location: register.php?msg=$err");
//exit();
}
// Check User Passwords
if (!checkPwd($data['pwd'],$data['pwd2'])) {
$err[] = "ERROR - Invalid Password or mismatch. Enter 6 chars or more";
//header("Location: register.php?msg=$err");
//exit();
}
$user_ip = $_SERVER['REMOTE_ADDR'];
// stores sha1 of password
$sha1pass = PwdHash($data['pwd']);
// Automatically collects the hostname or domain like example.com)
$host = $_SERVER['HTTP_HOST'];
$host_upper = strtoupper($host);
$path = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
// Generates activation code simple 4 digit number
$activ_code = rand(1000,9999);
$usr_email = $data['usr_email'];
$user_name = $data['user_name'];
/************ USER EMAIL CHECK ************************************
This code does a second check on the server side if the email already exists. It
queries the database and if it has any existing email it throws user email already exists
*******************************************************************/
$rs_duplicate = mysql_query("select count(*) as total from users where user_email='$usr_email' OR user_name='$user_name'") or die(mysql_error());
list($total) = mysql_fetch_row($rs_duplicate);
if ($total > 0)
{
$err[] = "ERROR - The username/email already exists. Please try again with different username and email.";
//header("Location: register.php?msg=$err");
//exit();
}
/***************************************************************************/
if(empty($err)) {
$sql_insert = "INSERT into `users`
(`first_name`,`last_name`,`user_email`,`pwd`,`tel`,`address`,`city`,`state`,`birth_date`,`gender`,`description`,`date`,`users_ip`,`activation_code`,`country`,`user_name`
)
VALUES
('$data[first_name]','$data[last_name]','$usr_email','$sha1pass','$data[tel]','$data[address]','$data[city]','$data[state]','$data[birth_date]','$data[gender]','$data[description]'
,now(),'$user_ip','$activ_code','$data[country]','$user_name'
)
";
mysql_query($sql_insert,$link) or die("Insertion Failed:" . mysql_error());
$user_id = mysql_insert_id($link);
$md5_id = md5($user_id);
mysql_query("update users set md5_id='$md5_id' where id='$user_id'");
// echo "<h3>Thank You</h3> We received your submission.";
if($user_registration) {
$a_link = "
*****ACTIVATION LINK*****\n
http://$host$path/activate.php?user=$md5_id&activ_code=$activ_code
";
} else {
$a_link =
"Your account is *PENDING APPROVAL* and will be soon activated by the administrator.
";
}
$message =
"Hello $data[first_name] $data[last_name], \n
Thank you for your interest in Kisil Entertainment Network. Either you or someone representing you submitted your registration details on our website; http://$host$path. If you neither submitted nor authorized anyone to submit on your behalf, please kindly ignore and immediately delete this message. If you either submitted or authorized someone to submit on your behelf, click on the link below to activate your account and complete your registeration with Kisil Entertainment Network. Here are your login details...\n
User ID: $user_name
Email: $usr_email \n
Passwd: $data[pwd] \n
Click on this link to activate your account $a_link.
If you cannot click on the link, go to http://$host$path/activate.php and paste this activation code: $activ_code into the activation box.
You are welcome to the Kisil Entertainment Network family.
Kind regards,
Kisil Entertainment Network
http://$host$path
Nigeria's No.1 Entertainment Network. /n
______________________________________________________
NOTE: THIS IS AN AUTOMATICALLY GENERATED RESPONSE.
***DO NOT REPLY TO THIS EMAIL****
";
send_mail( 'Kisil Entertainment Network.<noreply#kisilentertainmentnetwork.com>',
$usr_email,
'Activate your account',
$message);
header("Location: thankyou.php");
exit();
}
}
foreach($_GET as $key => $value) {
$get[$key] = filter($value); //get variables are filtered.
}
if ($_POST['doLogin']=='Login')
{
foreach($_POST as $key => $value) {
$data[$key] = filter($value); // post variables are filtered
}
$user_email = $data['usr_email'];
$pass = $data['pwd'];
if (strpos($user_email,'#') === false) {
$user_cond = "user_name='$user_email'";
} else {
$user_cond = "user_email='$user_email'";
}
$result = mysql_query("SELECT `id`,`pwd`,`first_name`,`last_name`,`approved`,`user_level` FROM users WHERE
$user_cond
AND `banned` = '0'
") or die (mysql_error());
$num = mysql_num_rows($result);
// Match row found with more than 1 results - the user is authenticated.
if ( $num > 0 ) {
list($id,$pwd,$first_name,$last_name,$approved,$user_level) = mysql_fetch_row($result);
if(!$approved) {
//$msg = urlencode("Account not activated. Please check your email for activation code");
$err[] = "Account not activated. Please check your email for activation code";
//header("Location: login.php?msg=$msg");
//exit();
}
//check against salt
if ($pwd === PwdHash($pass,substr($pwd,0,9))) {
if(empty($err)){
// this sets session and logs user in
session_start();
session_regenerate_id (true); //prevent against session fixation attacks.
// this sets variables in the session
$_SESSION['user_id']= $id;
$_SESSION['user_name'] = $first_name;
$_SESSION['user_level'] = $user_level;
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
//update the timestamp and key for cookie
$stamp = time();
$ckey = GenKey();
mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error());
//set a cookie
if(isset($_POST['remember'])){
setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/");
setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/");
setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/");
}
header("Location: myaccount.php");
}
}
else
{
//$msg = urlencode("Invalid Login. Please try again with correct user email and password. ");
$err[] = "Invalid Login. Please try again with correct user email and password.";
//header("Location: login.php?msg=$msg");
}
} else {
$err[] = "Error - Invalid login. No such user exists";
}
}
?>
Just add your mail id in BCC of php mail script. Then you receive mail for user registration.
Related
How do I create cookies which save the user agent and it's IP address at my login page. When I login, it will be save into my database row as IP and Agent. The login page match the current IP and Agent to with database saved data.
If data match login success else redirect to abcd.com.
Here I can make this code but I not under how to add cookies please help and try to make this.
My code is below:
<?php
$msg = "";
if (isset($_POST['submit'])) {
$con = new mysqli('localhost', 'research_emailC', 'test123', 'research_phpEmailConfirmation');
$email = $con->real_escape_string($_POST['email']);
$password = $con->real_escape_string($_POST['password']);
if ($email == "" || $password == "")
$msg = "Please check your inputs!";
else {
$sql = $con->query("SELECT id, password, isEmailConfirmed FROM users WHERE email='$email'");
if ($sql->num_rows > 0) {
$data = $sql->fetch_array();
if (password_verify($password, $data['password'])) {
if ($data['isEmailConfirmed'] == 0)
$msg = "Please verify your email!";
else {
$msg = "You have been logged in";
}
} else
$msg = "Please check your inputs!";
} else {
$msg = "Please check your inputs!";
}
}
}
?>
I'm having this problem where I have a registration form and I am using PHP and MySQL. The problem is that even when all the data is valid it wont enter the information into the database. I know the database is connected because I can use it with the login part of my website. I think it is the problem with the email and username cross check against the database but I am not sure. Is the positioning of the curly braces or alot more complex?
<?php
include_once('db.php');
$name = mysql_real_escape_string( $_POST["name"] );
$username = mysql_real_escape_string( ($_POST["username"]) );
$password = mysql_real_escape_string( md5 ($_POST["password"]) );
$repeatpassword = mysql_real_escape_string( $_POST['repeatpassword'] );
$email = mysql_real_escape_string( $_POST["email"] );
$confirmemail = mysql_real_escape_string( $_POST['confirmemail'] );
// the below if statement is for when the user does NOT have JS enabled in their browser
if(empty($name) || empty($username) || empty($password) || empty($email)){
echo "(*) indicate that the fields are mandatory.";
exit();
}
if($email == $confirmemail){
exit();
}else{
echo "Your Email address does not match.";
}
if($email == $repeatpassword){
exit();
}else{
echo "Your Passwords do not match.";
exit();
}
$res = mysql_query("SELECT username FROM users WHERE username='$username'");
$row = mysql_fetch_row($res);
$res1 = mysql_query("SELECT email FROM users WHERE email='$email'");
$row1 = mysql_fetch_row($res1);
if( $row > 0 ){
echo nl2br("The username $username is already in use");
}else{
if( $row1 > 0 ){
echo nl2br("the email address $email is already in use");
}else{
$sql = "INSERT INTO users VALUES('','$name', '$username', '$password', '$email')";
if( mysql_query($sql) ){
echo "Inserted Successfully";
}else{
echo "Insertion Failed";
}
}
}
?>
if($email == $confirmemail) {
exit();
}
else {
echo "Your Email address does not match.";
}
So what you're doing in the above code is "if email and confirmation email are the same, stop the script execution else print out 'Your Email address does not match.' and continue execution".
if ($email == $repeatpassword) {
exit();
}
else {
echo "Your Passwords do not match.";
exit();
}
And here you are saying if "email and repeatpassword are the same (???), stop script execution else print out 'Your Passwords do not match.' and also stop script execution".
So because of this logic obviously you never reach the code to insert data to database.
I am working on a simple registration system and after hours of research am still stuck.
If my database is clear (I delete any rows in the table), and I submit the form, it sends a validation email and activates and allows me to login.
If I try to create another account with the same email, I am not getting my error message like I should be, telling the user "the email has already been registered." It just takes me to a blank page, even if I use a new email address after the first row has been created.
When I look at my table, the row created by the form (the first time) has the auto-inc ID which is right, the username is input into the row, but password, email, and activation all say '0'.
Can anyone see where the error is in my code? I need the code to verify that the email entered isn't already used, and if it is, to display the errormessage. If it isn't, it should be creating a new row in the table with the information.
I know I need to hash the password. I'm just trying to get the information in the table right before I proceed with security.
index.php
<?php
include 'sessions.php';
if(isset($_SESSION['errormessage'])){
echo ($_SESSION['errormessage']);
unset ($_SESSION['errormessage']);
}
?>
<html>
<head>
<title>Registration Form</title>
</head>
<body>
<form name="newForm" method="post" action="createaccount.php">UserName:
<input type="text" name="newUserName" size="15" maxlength="15">
<br>Password:
<input type="password" name="newPass1" size="15">
<br>Confirm Password:
<input type="password" name="newPass2" size="15">
<br>Email:
<input type="email" name="newEmail" size="15">
<br>
<input type="submit" name="newSubmit">
<input type="reset" name="newReset">
</p>
</form>
<hr>
<form name="newForm" method="post" action="login.php">
<strong>Already Registered? Login Here:</strong>
<br>
UserName:
<input type="text" name="UserName" size="15" maxlength="15">
<br>Password:
<input type="password" name="Pass1" size="15">
<br>
<input type=submit name=SubmitButton value=Submit>
<input type=reset name=ResetButton value=Clear>
</form>
</body>
</html>
createaccount.php
<?php
include ('sessions.php');
include ('database_connection.php');
//function to test password
function passwordStrength($pwd) {
//test for at least 8 characters
if (strlen($pwd) < 8) {
return false;
}
//test for max length
if (strlen($pwd) > 16) {
return false;
}
//test to see if password contains number
if(!preg_match("#[0-9]+#", $pwd)) {
return false;
}
//test to see if password has capital letter
if(!preg_match("#[A-Z]+#", $pwd)) {
return false;
}
//test to see if password has a lowercase letter
if(!preg_match("#[a-z]+#", $pwd)) {
return false;
}
//test to see if password has special character
if(!preg_match("#[^0-9A-Za-z]#", $pwd)) {
return false;
}
//test to see if password contains a space
if (strpos($pwd, ' ') > 0) {
return false;
}
else {
return true;
}
return true;
}
if(isset($_POST['newSubmit'])){
if(empty($_POST['newUserName'])) {
$_SESSION['errormessage'] = "Please enter a username!";
header("Location: index.php");
}
else if (strlen($_POST['newUserName']) < 4) {
$_SESSION['errormessage'] = "Username is too short!";
header("Location: index.php");
} else if(strlen($_POST['newUserName']) > 16) {
$_SESSION['errormessage'] = "Username is too long!";
header("Location: index.php");
} else if(empty($_POST['newPass1'])) {
$_SESSION['errormessage'] = "You must enter a password!";
header("Location: index.php");
} else if(empty($_POST['newPass2'])) {
$_SESSION['errormessage'] = "You must confirm your password!";
header("Location: index.php");
} else if($_POST['newPass1'] !== $_POST['newPass2']) {
$_SESSION['errormessage'] = "Passwords do not match!";
header("Location: index.php");
} else if(!passwordStrength($_POST['newPass1'])) {
$_SESSION['errormessage'] = "Password does not meet requirements!";
header("Location: index.php");
} else if(empty($_POST['newEmail'])) {
$_SESSION['errormessage'] = "Must enter an email address!";
header("Location: index.php");
} else {
$Email = $_POST['newEmail'];
$name = $_POST['newUserName'];
$Password = $_POST['newPass1'];
//echo "All fields accepted!";
//$pwd = $_POST['newPass1'];
//echo hash("sha256", $pwd);
// Make sure the email address is available:
$query_verify_email = "SELECT * FROM userDB WHERE email ='$Email'";
$result_verify_email = mysqli_query($db, $query_verify_email);
if (!$result_verify_email) {//if the Query Failed ,similar to if($result_verify_email==false)
$_SESSION['errormessage'] = "Sorry, that email address has already been registered!<br />If you already have an account, login below.<br /><br />";
header("Location: index.php");
}
if (mysqli_num_rows($result_verify_email) == 0) { // IF no previous user is using this email .
// Create a unique activation code:
$activation = md5(uniqid(rand(), true));
$query_insert_user = "INSERT INTO `userDB` ( `username`, `email`, `password`, `activation`) VALUES ( '$name', '$Email', '$Password', '$activation')";
$result_insert_user = mysqli_query($db, $query_insert_user);
if (!$result_insert_user) {
echo 'Query Failed ';
}
if (mysqli_affected_rows($db) == 1) { //If the Insert Query was successfull.
//send the email
$to = $_POST['newEmail']; // this is your Email address
$from = "mtshort87#gmail.com"; // this is the sender's Email address
$subject = "Account Succesfully Created";
$message = "Thank you for creating an account. Please activate it now using the link below!";
$message2 = "http://cts.gruv.org/short/form/activate.php?username=".$_POST['newUserName']."\n";
$headers = "From:" . $from;
$headers2 = "From:" . $to;
mail($to,$subject,$message2,$message,$headers);
mail($from,$subject,$message2,$message,$headers); // sends a copy of the message to the sender
$_SESSION['errormessage'] = "A confirmation e-mail has been sent to you. Please activate your account to login.";
header("Location: index.php");
}
mysqli_close($db);//Close the DB Connection
}
}
}
activate.php
<?php
include 'sessions.php';
include 'database_connection.php';
if (isset($_GET['Email']) && preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*#([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/', $_GET['Email']))
{
$email = $_GET['Email'];
}
if (isset($_GET['key']) && (strlen($_GET['key']) == 32))//The Activation key will always be 32 since it is MD5 Hash
{
$key = $_GET['key'];
}
if (isset($Email) && isset($key))
{
// Update the database to set the "activation" field to null
$query_activate_account = "UPDATE userDB SET activation=NULL WHERE(email ='$Email' AND activation='$key')LIMIT 1";
$result_activate_account = mysqli_query($db, $query_activate_account) ;
// Print a customized message:
if (mysqli_affected_rows($db) == 1)//if update query was successfull
{
echo '<div class="success">Your account is now active. You may now Log in</div>';
} else
{
echo '<div class="errormsgbox">Oops !Your account could not be activated. Please recheck the link or contact the system administrator.</div>';
}
mysqli_close($db);
} else {
echo '<div class="errormsgbox">Error Occured .</div>';
}
?>
If any more information is requested I will edit this post.
$query_verify_email = "SELECT * FROM userDB WHERE email ='$Email'";
$result_verify_email = mysqli_query($db, $query_verify_email);
if (!$result_verify_email) {//if the Query Failed ,similar to if($result_verify_email==false)
$_SESSION['errormessage'] = "Sorry, that email address has already been registered!<br />If you already have an account, login below.<br /><br />";
header("Location: index.php");
}
http://php.net/manual/en/mysqli.query.php
Returns FALSE on failure. For successful SELECT, SHOW, DESCRIBE or
EXPLAIN queries mysqli_query() will return a mysqli_result object. For
other successful queries mysqli_query() will return TRUE.
Since you are using a correct SQL select statement, mysqli_query will return a mysqli_result object.
There is a num_rows attribute in mysqli_result that indicates the number of rows found. You can use it to check if there is a record with that email.
Always use LIMIT 1 when you expect 1 result.
FIX:
$query_verify_email = "SELECT * FROM userDB WHERE email ='$Email' LIMIT 1";
$result_verify_email = mysqli_query($mysqli, $query_verify_email);
if (is_object($result_verify_email) && $result_verify_email->num_rows > 0) {
echo "Email already exists";
}
Hello Guys i am new to php, So please be gentle. I have admin login page. When i try to login its get executed but shows a message "Couldn't Execute the select query". Please tell me where is the mistake here. . below are the codes
<?php
require_once("config.php");
$err = array();
foreach($_GET as $key => $value) {
$get[$key] = filter($value); //get variables are filtered.
}
if ($_POST['doLogin']=='Sign In') {
foreach($_POST as $key => $value) {
$data[$key] = filter($value); // post variables are filtered
}
$user_name = $data['adminuser'];
$pass = $data['adminpass'];
if($user_name != "" && $pass != ""){
$query = sprintf("SELECT id, username, password, status FROM user WHERE username = '%s'", mysql_real_escape_string($user_name));
$sql = mysql_query($query) or die("Couldn't Execute the select query");
$num = mysql_num_rows($sql);
// Match row found with more than 1 results - the user is authenticated.
if ( $num > 0 ) {
list($id,$username,$pwd,$status) = mysql_fetch_row($sql);
if(!$status) {
//check against salt
if ($pwd === PwdHash($pass,substr($pwd,0,9))) {
if(empty($err)){
// this sets session and logs user in
//session_start();
//session_regenerate_id (true); //prevent against session fixation attacks.
// this sets variables in the session
$_SESSION['user_id']= $id;
$_SESSION['user_name'] = $username;
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
//update the timestamp and key for cookie
$stamp = time();
$ckey = GenKey();
mysql_query("update user set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error());
//set a cookie
if(isset($_POST['rememberme'])){
setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/");
setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/");
setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/");
}
header("Location:career.php");
}
} else {
//$msg = urlencode("Invalid Login. Please try again with correct user email and password. ");
$err[] = "Invalid Login. Please try again with correct user name and password.";
//header("Location: login.php?msg=$msg");
}
} else {
$err[] = "Account not activated. Please check with Admin";
}
} else {
$err[] = "Error - Invalid login. No such user exists";
}
} else {
$err[] = "Error - All fields are required";
}
}
?>
I am trying to input a check-box for terms and conditions in a form, but when I registered the form without ticking the box the registration went through , (which was not suppose to be). Please help have a look.
<?php
echo "<h2>Register</h2>";
$submit = $_POST['register'];
//form data
$fullname = mysql_real_escape_string(htmlentities(strip_tags($_POST['fullname'])));
$username = strtolower(mysql_real_escape_string(htmlentities(strip_tags($_POST['username']))));
$password = mysql_real_escape_string(htmlentities(strip_tags($_POST['password'])));
$repeatpassword = mysql_real_escape_string(htmlentities(strip_tags($_POST['repeatpassword'])));
$email = mysql_real_escape_string(htmlentities(strip_tags($_POST['email'])));
$houseno = mysql_real_escape_string(htmlentities(strip_tags($_POST['houseno'])));
$addressa = mysql_real_escape_string(htmlentities(strip_tags($_POST['addressa'])));
$addressb = mysql_real_escape_string(htmlentities(strip_tags($_POST['addressb'])));
$addressc = mysql_real_escape_string(htmlentities(strip_tags($_POST['addressc'])));
$county = mysql_real_escape_string(htmlentities(strip_tags($_POST['county'])));
$state = mysql_real_escape_string(htmlentities(strip_tags($_POST['state'])));
$country = mysql_real_escape_string(htmlentities(strip_tags($_POST['country'])));
$accept = mysql_real_escape_string(htmlentities(strip_tags($_POST['accept'])));
if ($submit)
{
$namecheck = mysql_query("SELECT username FROM reusers WHERE username='$username'");
$count = mysql_num_rows($namecheck);
if($count!=0)
{
die("Username already taken!");
}
//check for registration form details
if ($fullname&&$username&&$password&&$repeatpassword&&$email&&$houseno&&$addressa&&$county&&$state&&$country)
{
if($accept!= 1)
{
if ($password==$repeatpassword)
{
//check char lenght of username and fullname
if (strlen($username)>25||strlen($fullname)>25)
{
echo "Lenght of username or fullname is too long";
}
else
{
//check password length
if(strlen($password)>25||strlen($password)<6)
{
echo"Password must be between 6 and 25 characters";
}
else
{
//check password length
$emailcheck = mysql_query("SELECT email FROM reusers WHERE email='$email'");
$ecount = mysql_num_rows($emailcheck);
if($ecount!=0)
{
echo"email already registered Please sign in into your account to continue";
}
else
{
//generate random code
$code = rand(11111111,99999999);
//send activation email
$to = $email;
$subject = "Activate your account";
$headers = "From: donotreply#reacheasy.co.uk";
$body = " Hello $fullname,\n\nUsername $username,\n\n Password $password ,\n\nYou registered `and need to activate your account. Click the link below or paste it into the URL bar of your browser\n\nhttp://reach.co.uk/activate.php?code=$code\n\nThanks!";
if (!mail($to,$subject,$body,$headers))
echo "We couldn't sign you up at this time. Please try again later.";
else
{
//register the user!
//encript password
$password = md5($password);
$repeatpassword = md5($repeatpassword);
$queryreg = mysql_query("
INSERT INTO reusers VALUES ('','$fullname','$username','$password','$email','$code','0','houseno','addressa','addressb','addressc','county','state','country')
");
die("You have been registered successfully! Please check your email ($email) to activate your account<a href='index.php'>Return to login page</a>");
}
}
}
}
}
else
echo"Your passwords do not match!";
}
else
echo"Please read and accept Terms and Conditions before registering!";
}
else
echo "Please fill in <b>all</> fields!";
}
?>
$accept = ($_POST['accept'] ? 1:0);
You must use
if($accept == 1)
because $_POST['accept'] = 1 when you check the checkbox.
Now return Please read and accept Terms and Conditions before registering! when checkbox is checked and register the user when checkbox is not checked.