Hey everyone,

So this is sort of complicated but I will try to make things as clear as possible. I have a registration page that processes all of the information and sends an automated email to the user with their username and password and a link to activate the account and includes the login page. However when user's click the link the message says "Your account has been activated" but when I log in using the log in credentials the email gives me, It gives me the message "Your account could not be activated!" How is this happening?

(in the activate.php, I have the variable being passed as "$doublecheck" which equals the query to UPDATE the table in my database and that variable is the integer of "1". However that integer is changed to "0" when passed through the if/else statement
checking if $doublecheck is == 0 or if $doublecheck > 0 ..)

<?php
session_start();

/* Account activation script */

// Get database connection
include 'membership_db.php';

// Create variables from URL.

$userid = $_REQUEST['id'];
$code = $_REQUEST['code'];

$sql = mysql_query("UPDATE users SET activated='1' WHERE userid='$userid' AND password='$code'");

$sql_doublecheck = mysql_query("SELECT * FROM users WHERE userid='$userid' AND password='$code' AND activated='1'") or die (mysql_error());
$doublecheck = mysql_num_rows($sql_doublecheck);

echo $doublecheck;

if($doublecheck == 0){
	echo "<strong><font color=red>Your account could not be activated!</font></strong>";
} elseif ($doublecheck > 0) {
	echo "<strong>Your account has been activated!</strong> You may login below!<br />";
	include 'logIn.php';
}

?>

Firstly (not related to your problem) but you shouldn't use $_REQUEST, use $_POST or $_GET (in you case $_GET) - read why.

I cannot see a reason why your code isn't working as it should but I see you are echoing $doublecheck - what value does that return.

In you if/else statement you don't need to use elseif, just if (and remove the ($doublecheck > 0).

@simplypixie, the first time $doublecheck is passed When I click the activation link in the automated email..$doublecheck == '1' but when I go to the login page that is included in the activate.php file, in the last part of the script, the variable $doublecheck is '0' ..I'm trying to figure out why it changes from a 1 to a 0, because that's what's causing the message "Your account could not be activated" to appear.

and I did as you suggested and I still get the same result :/

Are you absolutely sure that the database is being updated to activated=1 when the link in the email is clicked? It may be echoing pout but doesn't mean that the database is being updated as it should.

@simplepixie- yep, when I checked the database..the activated field is set to one..the database set me to one but it still out puts that message of "Your account could not be activated!"..

what I'm wondering is why when I click the link it outputs the first message of "Your account has been activated! You may login below!" and then when I log in with the credentials it the email gives me..it outputs the second message of "Your account could not be activated!"..I'm still on the activate.php through out the whole process by the way

What you say would possibly make sense so why not change your set up to have the activate.php as it is with a link underneath the message to a login page and start afresh (clearing out all submitted data from the email) and see if that works.

sorry, can you explain what you mean? by the way, I already have a log in script to redirect me to specific areas depending on user level

Rather than sending the user to activate.php from the email and displaying a login form there, just have a link to your normal login page.

@simplypixie, nope..still doesn't work..the variable still changes from a one to a 0 in the activate page.. :/

In which case I can only think that there is something else going on in the page, can you post all the code for the page.

@simplypixie, Do you mean the whole membership file process? including the database info?

Just all the php and html from the activate.php page

@simplepixie, ..that is all that is in the activate.php file...now the things that I "include" is the database connection and the login.php script..do you need that?

OK, as it stands you load in the login.php page. When people reach the activate page from the email, all is fine and works as expected. However when they login the whole page will be reloaded again and as there is no information being sent through to activate the user as in the first instance to populate the data in your query then no results are returned and you get your message about not being activated.

You either need to forward them to a separate login page after activation (as I have said before) or contain your activation code in an if statement so that the code only runs if the data has been sent through to the page from the email. Something like :

if (isset($_GET['userid']) && isset($_GET['code'])) {
$userid = $_GET['id'];
$code = $_GET['code'];

$sql = mysql_query("UPDATE users SET activated='1' WHERE userid='$userid' AND password='$code'");

$sql_doublecheck = mysql_query("SELECT * FROM users WHERE userid='$userid' AND password='$code' AND activated='1'") or die (mysql_error());
$doublecheck = mysql_num_rows($sql_doublecheck);

echo $doublecheck;

if($doublecheck == 0){
	echo "<strong><font color=red>Your account could not be activated!</font></strong>";
} elseif ($doublecheck > 0) {
	echo "<strong>Your account has been activated!</strong> You may login below!<br />";
}
if ($doublecheck > 0 || (!isset($_GET['id']) && !isset($_GET['code'])) {
include 'logIn.php';
}
}

This is not tested but hopefully you now understand what is causing your problem and a way to work around it.

..I understand the concept, however, it still doesn't work..now it just shows a blank page..activate.php

<?php

session_start();

if (isset($_GET['userid']) && isset($_GET['code'])) {
$userid = $_GET['id'];
$code = $_GET['code'];
 
$sql = mysql_query("UPDATE users SET activated='1' WHERE userid='$userid' AND password='$code'");
 
$sql_doublecheck = mysql_query("SELECT * FROM users WHERE userid='$userid' AND password='$code' AND activated='1'") or die (mysql_error());
$doublecheck = mysql_num_rows($sql_doublecheck);
 
echo $doublecheck;
 
if ($doublecheck > 0 || (!isset($_GET['id']) && !isset($_GET['code']))){
	echo "<strong><font color=red>Your account could not be activated!</font></strong>";
} elseif ($doublecheck > 0 || (isset($_GET['id']) && isset($_GET['code']))){
	echo "<strong>Your account has been activated!</strong> You may login below!<br />";
	include 'logIn.php';
}
}

?>

In your code lines 16 onwards are incorrect, please look at my code example from line 12 and you will see what I mean and change your code to match.

@simplypixie, ok, I did what you said and I changed my code to match and now it uploads to a blank activate.php page..

You need to look at the code more closely (and get into the habit) as I have just seen an error in my code in checking for $_GET when it should be $_GET.
Regardless of that, try the other way I suggested in just linking to the login page instead (not sure what your login page is called):

<?php
if (isset($_GET['id']) && isset($_GET['code'])) {
	
	$userid = $_GET['id'];
	$code = $_GET['code'];
	
	$sql = mysql_query("UPDATE users SET activated='1' WHERE userid='$userid' AND password='$code'");
	
	$sql_doublecheck = mysql_query("SELECT * FROM users WHERE userid='$userid' AND password='$code' AND activated='1'") or die (mysql_error());
	$doublecheck = mysql_num_rows($sql_doublecheck);
	
	if($doublecheck == 0){
		echo "<strong><font color=red>Your account could not be activated!</font></strong>";
	} else {
		echo "<strong>Your account has been activated!</strong> <a href \"login.php\">Please login</a>";
	}
	
}
?>

I haven't included the session_start(); as you aren't setting or using any session variables in the page as far as I can tell so it isn't required.

@simplypixie, ok, so when I get the automated email..with the link and my credentials to log in..I clicked the link and it told me my account was activated..and it included the logIn.php like it is supposed to but when I log in..it goes to a blank activate.php file..and it never leaves the php file to begin with when I click the link..just fyi

Sorry I don't know what you mean

@simplepixie, It's ok, I mean when I click the activation link..it reads the message the I have been activated as well as shows the login page..but when I "log in" with the credentials that the automated email gives me from registration..and when I click submit..the page goes blank..

You obviously aren't reading my replies and to be honest I now give up. I have given you the exact script to activate the user at your activate.php with a link to your login page to resolve your problem (what I have done is not including your login form which you apparently are still trying to do).

@simplypixie, actually I have listened to what you had advised me to do..I've used your script that you gave me..and at first I did redirect it to the login page that IS separate from the activate page but it won't do that..this is the error that shows under the text that says my account has been activated
"Warning: Cannot modify header information - headers already sent by (output started at /home/content/98/8447998/html/activate.php:19) in /home/content/98/8447998/html/activate.php on line 20"

<?php

include 'membership_db.php';
session_start();

if (isset($_GET['id']) && isset($_GET['code'])) {
 
	$userid = $_GET['id'];
	$code = $_GET['code'];
 
	$sql = mysql_query("UPDATE users SET activated='1' WHERE userid='$userid' AND password='$code'");
 
	$sql_doublecheck = mysql_query("SELECT * FROM users WHERE userid='$userid' AND password='$code' AND activated='1'") or die (mysql_error());
	$doublecheck = mysql_num_rows($sql_doublecheck);
 
	if($doublecheck == 0){
		echo "<strong><font color=red>Your account could not be activated!</font></strong>";
	} else {
		echo "<strong>Your account has been activated! Please login below</strong>";
		header('Location: logIn.php');
		exit;
	}
 
}
?>

so because it gave me that error, I tried to include it like I had before and it gave me the message that my account had been activated and included the login page..which is what I ultimately want..but when I try to log in..the error that I had at the beginning still occurs and also, I had taken the session_start out like you had said but I got an error telling me that I needed it..so I re added it..

@simplypixie, Ok, my apologies..I accidentally overlooked what you had put when you said link to the login page..I have done what you had suggested and now I get a wrong username and password error..should I post the login page script?

nevermind, problem solved!..thanks for all of the help @simplypixie!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.