Member Avatar for Tehim

Basically I'm making a script that sends the user an email on register and they have to click a link in the email to activate their account.

But in my activate page their seems to be an error in my coding and I've checked it over but I can't find it. I'm sure I'm missing something.

There's no php error as such it's just echoing out the wrong thing and not executing the right thing.

Here's the code...

<?php

//start session
ob_start();
session_start();

//set variables from URL
$id = $_GET['id'];
$activationcode = $_GET['activationcode'];

//connect to the database
include_once"../../connect.php";

//if user already logged in, redirect to the members page
if(isset($_SESSION['username']) || isset($_SESSION['password'])){
	header("Location: /members");
}else{

//if variable(s) = NULL
if($id == NULL OR $activationcode == NULL){
$final_report.="Sorry there was an error in activating your account.";
}else{

//if the username doesn't exist, echo error
$check_id = mysql_query("SELECT * FROM `members` WHERE `id` = '$id'") or die(mysql_error());   
if(mysql_num_rows($check_id) != 1){
$final_report.="That user does not exist";
}else{

//if already activated, echo error
$get_user_data = mysql_fetch_array($check_id);
if($get_user_data['activated'] == 1){
$final_report.="It seems your account is already activated. Please <a href='/login'>Login</a>.";
}else{

//if activation code does not match, echo error

//THIS SEEMS TO BE WHERE THE ERROR IS
$get_user_data = mysql_fetch_array($check_id);
if($get_user_data['activationcode'] != $activationcode){
$final_report.="Sorry that activation code seems to be invaid.";
}else{
//THIS SEEMS TO BE WHERE THE ERROR IS^

//if activate user
$activate_user = mysql_query("UPDATE `members` SET activated='1' WHERE id='$id'");
$final_report.="Your account has been activated, now you may <a href='/login'>Login</a>.";
}}}}}
?>
<html>
<head>
<title>Activate account</title>
</head>

<body>

<?php
if(!isset($_GET['id']))
{
?>
Sorry there was an error in activating your account.
<?php
}
else
{
echo "".$final_report."";
}
?>
</body>
</html>

*Note I removed the unimportant html.
And I've checked the email send and the activation code does match the one in the database.


Hope you can help.

Thanks in advance,

- Tim.

  • 3 Contributors
  • 19 Replies
  • 368 Views
  • 2 Days Discussion Span
  • Latest Post Latest Post by Tehim
Member Avatar for kekkaishi

echo the actvtn code within the block to check.. u know just in case.

//THIS SEEMS TO BE WHERE THE ERROR IS
$get_user_data = mysql_fetch_array($check_id);

echo $get_user_data['activationcode'];
echo $activationcode;

if($get_user_data['activationcode'] != $activationcode){
$final_report.="Sorry that activation code seems to be invaid.";
}else{
//THIS SEEMS TO BE WHERE THE ERROR IS^
Member Avatar for Tehim

Ok I'll try that...

Member Avatar for Tehim

Yeah the activation code is right.

Member Avatar for kekkaishi

and yet the message is "Sorry that activation code seems to be invaid."?

Member Avatar for Tehim

Yep

Member Avatar for Tehim

I also tried

$get_user_data = mysql_fetch_array($check_id);
if($get_user_data['activationcode'] == $activationcode){

//if activate user
$activate_user = mysql_query("UPDATE `members` SET activated='1' WHERE id='$id'");
$final_report.="Your account has been activated, now you may <a href='/login'>Login</a>.";
}else{
$final_report.="Sorry that activation code seems to be invaid.";

But that didn't work either.

Member Avatar for kekkaishi

ok.... do something for me (sorry im also tryin to figure out the prob)

do this

if($get_user_data['activationcode'] == $activationcode){
echo 1;
}

if it does not echo 1 could u paste the two codes.
echo $get_user_data;
and
echo $activationcode;

Edited by kekkaishi because: n/a
Member Avatar for Tehim

It doesn't echo 1 but I checked in the database the activation code is correct.

Edited by Tehim because: n/a
Member Avatar for kekkaishi

u know what im trying to say here right.
say

$x = "123asd";
$y = "123asd";
if($x == $y){
echo 1; //it should echo one right
}

due to the fact that ur code does not do so, we could conclude that they are not equal, couldnt we? so i'm sorry to ask again, but do compare the two actvtn codes side by side. (maybe the lengths are not the same. i had an issue like this once and it turned out that i had allowed 200 characters to be stored in the db and i was comparing a 250 character string with a 200 one. the longer string was exactly the same up until the 200th character. u see what i mean?)

Member Avatar for Tehim

Oh right ok.

Member Avatar for Tehim

echo $get_user_data;

this doesn't echo anything, but is should I've double checked everything, and it should all work.

Member Avatar for d3rck

tehim, the email link that you send to the "registrant" email... what does it look like?

Since you are using a get method, it should look like this...

www.yourwebsite.com/verifierpage.php?id=something&activationcode=theactivationcodesent

.

Notice the & between id and activationcode. I would recommend for you to check the email sent to your test mail to verify if the link is correct.

If you think it is correct and it is still not working, please post the mailto script and a test email. So that we can doublecheck.

Hope this helps. :)

Edited by d3rck because: n/a
Member Avatar for Tehim

$get_user_data;

That echos nothing. Even though I check the database everything should work fine.

Member Avatar for Tehim

Yeah the activation link should work I've echo'd out the gets and they work fine.

Member Avatar for kekkaishi

ok since uve echoed the gets, althoughit should work, just check ur database to see if there is data (an activation code) for that id. the id in the link that is. if there is, try changing ur line 25 to the suggested.

//$check_id = mysql_query("SELECT * FROM `members` WHERE `id` = '$id'") or die(mysql_error()); 
$check_id = mysql_query("SELECT * FROM `members` WHERE `id` = '".$id."'") or die(mysql_error());
Member Avatar for kekkaishi

also, here is a little something for ur reference. this script is working and use this as ur reference.

//activatePage.php
<?php

//mysql connections and all...

if(array_key_exists('id', $_GET)){
    $id = $_GET['id'];
    $acCode = $_GET['actCode'];
    
    $sql = mysql_query("SELECT * FROM members WHERE userId={$id}");
    
    if(mysql_num_rows($sql)==0){
        echo "user does not exist";
    }else{
        $row = mysql_fetch_array($sql);
        if($row['activated']==1){
            echo "already activated";
        }else{
            if($row['actCode']!= $acCode){
                echo "act code mismatch";
            }else{
                mysql_query("UPDATE members SET activated=1 WHERE userId={$id}");
                echo "activated";
            }
        }
    }

}else{
    ?>
<a href="?actCode=aabbccdd&id=1">Activate user1</a>
<a href="?actCode=bbcceefd&id=2">Activate user2</a>
<?php
}

?>

//here is the db table to go with the above
CREATE TABLE IF NOT EXISTS `members` (
  `id` int(1) NOT NULL AUTO_INCREMENT,
  `activated` int(1) NOT NULL DEFAULT '0',
  `actCode` varchar(250) NOT NULL,
  `userId` int(1) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;

INSERT INTO `members` (`id`, `activated`, `actCode`, `userId`) VALUES
(1, 1, 'aabbccdd', 1),
(2, 1, 'bbcceefd', 2);
commented: Really helpful thanks :) +1
Member Avatar for kekkaishi

btw, is $id a numeric value. if yes, then

$check_id = mysql_query("SELECT * FROM `members` WHERE `id` =".$id) or die(mysql_error()); //remove single quote

//OR
$check_id = mysql_query("SELECT * FROM `members` WHERE `id` ={$id}") or die(mysql_error());

could solve ur problem

Edited by kekkaishi because: n/a
Member Avatar for Tehim

Ok thanks trying that now...

Member Avatar for Tehim

Issue solved all thanks to kekkaishi! :)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.