Member Avatar for TheHaxx0r1215

The code I used isn't working with sql, and not sending a mail message, but it's perfectly formed(Or not)? Please help!

<?php
  require_once('recaptchalib.php');
  require_once('config.php');
  $privatekey = CAPTCHA_PRIVATE_KEY;
  $resp = recaptcha_check_answer ($privatekey,
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
    // What happens when the CAPTCHA was entered incorrectly
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
         "(reCAPTCHA said: " . $resp->error . ")");
  } 
  else {
	//Start session
	session_start();
	
	//Include database connection details
	require_once('config.php');
	
	//Array to store validation errors
	$errmsg_arr = array();
	
	//Validation error flag
	$errflag = false;
	
	//Connect to mysql server
	$link = mysql_connect($DBHOST, $DBUSERNAME, $DBPASSWORD);
	if(!$link) {
		die('Failed to connect to server: ' . mysql_error());
	}
	
	//Select database
	$db = mysql_select_db($DBNAME);
	if(!$db) {
		die("Unable to select database");
	}
	
	//Function to sanitize values received from the form. Prevents SQL injection
	function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
			$str = stripslashes($str);
		}
		return mysql_real_escape_string($str);
	}
	//Check for duplicate login ID
	//If there are input validations, redirect back to the registration form
	//Create INSERT query
	$email = $_POST['Email'];
	$username = $_POST['Username'];
	$password = $_POST['Password'];
	$code = rand(1000,9999);
	$qry = "INSERT INTO development(Username,Password,Email,activation_key,activated,userlevel) VALUES('$username','$password','$email','$code','No','1')";
	$result = mysql_query($qry);
	
	//Check whether the query was successful or not
	$qry1="SELECT * FROM members WHERE Username='$username' AND Password='$password'";
	$result1=mysql_query($qry1);
	$result3 = mysql_query("select * from members WHERE activation_key = '$code'");
while ($row = mysql_fetch_object($result3)) {
    $memberid = $row->MemberID;
}
	//Check whether the query was successful or not
	if($result) {
		if(mysql_num_rows($result1) == 1) {
			//Login Successful
			session_regenerate_id();
			$member = mysql_fetch_assoc($result);
		$to = $member['Email'];

// subject
$subject = 'Activate your Pastebin Account';
// message
$message = "
<html>
<head>
  <title>Activate your Pastebin Account</title>
</head>
<body>
  <h2 style=\"text-align: center; \">
	Activate your Pastebin Account!</h2>
<p>
	Now you can activate your account. Go to the link below.</p>" . "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/activate.php?id=" . $memberid . "&code=" . $code . "
</body>
</html>
";

// To send HTML mail, the Content-type header must be set
$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

// Additional headers
$headers .= "To: " . $email . "\r\n";
$headers .= 'From: Pastebin Account Activation <Pastebin@WikkedPaste.com>' . "\r\n";

// Mail it
mail($to, $subject, $message, $headers);
		header("location: rsuccess.php");
	}else {
		die("Query failed");
	}
	if(!$qry1) {
		die("Errorrrrrrr. Number one.");
	}
	if(!$qry2) {
		die("Error. Number two.");
	}
	}
}
?>
  • 2 Contributors
  • 1 Reply
  • 206 Views
  • 10 Hours Discussion Span
  • Latest Post Latest Post by chrishea
Member Avatar for chrishea

If you are running this in a local testing environment (e.g. Wamp Server), that normally isn't set up to handle mail. Let's clarify that before worrying about the code.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.