#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    167
    Rep Power
    1

    Question Php 7 Acting Weird - Failing To Send Email, Failing To Send Link With Random Numbers


    Hi,

    I'm a beginner in php. Starting my learning at php 7 and not 5 or earlier.
    I don't understand why php 7 is acting weird. It give different result at different time. Do you guy mind checking if I got the coding wrong or if I've come across a php 7 bug ?
    It is a basic member registration & login script.

    How It Works:
    1. When you register (username, password, email), it dumps the data onto a myql table "pending_users" and inserts "0" on "account activation" row. It will replace the "0" with "1" after you click the account activation link that gets emailed to you.
    It sends you email with your account activation link that contains your account activation code (GET METHOD).
    (Problem is, on the "account activation code" row, it always gives your code as: 2147483647 while it emails you a different activation code. It never did this the 1st night but doing it the 2nd & 3rd night now and driving me crazy. Coded a variety of ways but no luck. Same bad result!).

    2. When you click the account activation link, your email gets verified and a new table in mysql gets created under your username. That table will contain data of your account activities.
    Script replaces the "0" (table: pending_users, row: account activation) with "1" after you click the account activation link that gets emailed to you. If you click the link anytime, anyday after that then you get alerted a message asking you why you trying to activate an account you already activated.

    That's about it.

    Pages: register.php AND account_activation.php.

    The problems are in the account_activation.php. When you click the account activation link in your email then that page takes over. So far, so good. Now, notice the error file for the errors.

    PROBLEM 2: You will see you get different errors at different times without changing the code! I'd appreciate it if you guys reveal what errors you get yourselves and whether the results were different or not on each occasion.
    Latest irrelevant error I am getting:

    [09-Mar-2017 13:01:59 UTC] PHP Parse error: syntax error, unexpected end of file in activate_account.php on line 142

    NOTE: My line 42 does not end unexpectedly.

    PROBLEM 3: Sometimes, you get the activation link emailed and sometimes you don't.

    OTHER ISSUE:
    I am trying to learn php starting from php 7. Getting these codes atching youtube php channels. I update as much as I can to customise according to my needs. I fear the code may contain php 5 yntaxes and so if you spot any then kindly show me a php 7 syntax example and get a thumbs-up from here.

    PS - Why don't you guys open a php 7 tutorial channel and teach how to build Social Network like facebook, twitter and youtube etc. ? There are channels in youtube that teach these but they don't regularly upload videos and and I hate the waiting.

    Thanks


    -----------------------
    register.php
    PHP Code:
    <!DOCTYPE html>
    <html>
    <head>
    <title>Signup Page</title>
      <meta charset="utf-8">
      <meta name="viewport" content="width=device-width, initial-scale=1">
      <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
      <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
      <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
    </head>
    <body>
    <div class = "container">
    <center><h2>Loud Gobs Browser Signup Form</h2></center>
    <form method="post" action="">
    <div class="form-group">
    <center><label for="username">Username:</label>
    <input type="text" class="form-control" id="user" placeholder="Enter a unique Username" name="member_registration_username"></center>
    </div>
    <div class="form-group">
    <center><label for="password">Password:</label>
    <input type="password" class="form-control" id="pwd" placeholder="Enter new Password" name="member_registration_password"></center>
    </div>
    <div class="form-group">
    <center><label for="password">Repeat Password:</label>
    <input type="password" class="form-control" id="member_registration_repeat_pwd" placeholder="Repeat new Password" name="member_registration_password_confirmation"></center>
    </div>
    <div class="form-group">
    <center><label for="forename">First Name:</label>
    <input type="text" class="form-control" id="member_registration_first_name" placeholder="Enter your First Name" name="member_registration_forename"></center>
    </div>
    <div class="form-group">
    <center><label for="surname">Surname:</label>
    <input type="text" class="form-control" id="member_registration_last_name" placeholder="Enter your Surname" name="member_registration_surname"></center>
    </div>
    <div class="form-group">
    <center><label for="email">Email:</label>
    <input type="email" class="form-control" id="member_registration_email" placeholder="Enter your Email" name="member_registration_email"></center>
    </div>
    <div class="form-group">
    <center><label for="email">Repeat Email:</label>
    <input type="email" class="form-control" id="member_registration_repeat_email" placeholder="Repeat your Email" name="member_registration_email_confirmation"></center>
    </div>
    <center><button type="submit" class="btn btn-default" name="submit">Register!</button></center>
    <center><font color="red" size="3"><b>Already have an account ?</b><br><a href="login.php">Login here!</a></font></center>
    </form>
    </div>
    </body>
    </html>
    <?php
    require "conn.php";
    if  (isset(
    $_POST['submit']))
    {
        if(!empty(
    $_POST["member_registration_username"]) && !empty($_POST["member_registration_password"])&& !empty($_POST["member_registration_password_confirmation"])&& !empty($_POST["member_registration_email"])&& !empty($_POST["member_registration_email_confirmation"])&& !empty($_POST["member_registration_forename"])&& !empty($_POST["member_registration_surname"]))
        {
            
    $member_registration_account_activation 0;
            
    $member_registration_random_numbers random_int(09999999999);
            
            
            
    $member_registration_username trim($_POST["member_registration_username"]);
            
    $member_registration_forename trim($_POST["member_registration_forename"]);
            
    $member_registration_surname trim($_POST["member_registration_surname"]);
            
    $member_registration_password trim($_POST["member_registration_password"]);
            
    $member_registration_password_confirmation trim($_POST["member_registration_password_confirmation"]);
            
    $member_registration_email trim($_POST["member_registration_email"]);
            
    $member_registration_email_confirmation trim($_POST["member_registration_email_confirmation"]);
            
    $member_registration_account_activation_code trim("$member_registration_random_numbers");       
            
            
    $member_registration_username mysqli_real_escape_string($conn,$_POST["member_registration_username"]);
            
    $member_registration_forename mysqli_real_escape_string($conn,$_POST["member_registration_forename"]);
            
    $member_registration_surname mysqli_real_escape_string($conn,$_POST["member_registration_surname"]);
            
    $member_registration_password mysqli_real_escape_string($conn,$_POST["member_registration_password"]);
            
    $member_registration_password_confirmation mysqli_real_escape_string($conn,$_POST["member_registration_password_confirmation"]);
            
    $member_registration_email mysqli_real_escape_string($conn,$_POST["member_registration_email"]);
            
    $member_registration_email_confirmation mysqli_real_escape_string($conn,$_POST["member_registration_email_confirmation"]);        
            
    $member_registration_account_activation_code mysqli_real_escape_string($conn,$member_registration_account_activation_code);     
            
            if(
    $member_registration_email != $member_registration_email_confirmation)
            {
                echo 
    "<center>Your email inputs do not match! Try inputting again and then re-submit.</center>";
                
    $conn->close();
                exit();
            }
            else
            {
            }
            if(
    $member_registration_password != $member_registration_password_confirmation)
            {
                echo 
    "<center>Your password inputs do not match! Try inputting again and then re-submit.</center>";
                
    $conn->close();
                exit();
            }
            else
            {
            }
            
            
    $sql_check_username_in_pending_users "SELECT * FROM pending_users WHERE Username='".$member_registration_username."'";
            
    $result_username_in_pending_users mysqli_query($conn,$sql_check_username_in_pending_users);
            if(
    mysqli_num_rows($result_username_in_pending_users)>0)
            {
                echo 
    "<script>alert('That Username $member_registration_username is pending registration!')</script>";
                exit();
            }
                    
            
    $sql_check_username_in_users "SELECT * FROM users WHERE Username='".$member_registration_username."'";
            
    $result_username_in_users mysqli_query($conn,$sql_check_username_in_users);
            if(
    mysqli_num_rows($result_username_in_users)>0)
            {
                echo 
    "<script>alert('That Username $member_registration_username is already registered!')</script>";
                exit();
            }

            
    $sql_check_email_in_pending_users "SELECT * FROM pending_users WHERE Email='".$member_registration_email."'";
            
    $result_email_in_pending_users mysqli_query($conn,$sql_check_email_in_pending_users);
            if(
    mysqli_num_rows($result_email_in_pending_users)>0)
            {
                echo 
    "<script>alert('That Email $member_registration_email is pending registration!')</script>";
                exit();
            }
            
            
    $sql_check_email_in_users "SELECT * FROM users WHERE Email='".$member_registration_email."'";
            
    $result_email_in_users mysqli_query($conn,$sql_check_email_in_users);
            if(
    mysqli_num_rows($result_email_in_users)>0)
            {
                echo 
    "<script>alert('That Email $member_registration_email is already registered!')</script>";
                exit();
            }

            
    $sql "INSERT INTO pending_users(Username,Password,Email,Forename,Surname,Account_Activation_Code,Account_Activation) VALUES('".$member_registration_username."','".$member_registration_password."','".$member_registration_email."','".$member_registration_forename."','".$member_registration_surname."','".$member_registration_account_activation_code."','".$member_registration_account_activation."')";
            if(
    $conn->query($sql)===TRUE)
            {
                echo 
    "Data insertion into table success!";
            }
            else    
            {
                echo 
    "Data insertion into table failure!";
                
    $conn->close();
                exit();
            }
        
            
    $to "$member_registration_email";
            
    $subject "lAccount Activation!";
            
    $body "$member_registration_forename $member_registration_surname,\n\n You need to click the following link to confirm your email address and activate your account.\n\n\
            http://www.YOURDOMAIN/activate_account.php?email=
    $member_registration_email&&member_registration_account_activation_code=$member_registration_account_activation_code";
            
    $from "YOUR EMAIL GOES HERE";
            
    $message "from: $from";
        
            
    mail($to,$subject,$body,$message);
            echo 
    "<script>alert('Check your email for further instructions!')</script>";
            
    $conn->close();
        }
        else
        {
            echo 
    "<script>alert('You must fill-in all input fields!')</script>";
            
    $conn->close();
        }
    }

    ?>
    -----------------------

    account_activation.php
    PHP Code:
    <?php
    session_start
    ();
    require 
    "conn.php";

        
    //Grab account activator's email and account activation code from account activation link's url.
        
    if(!isset($_GET["email"], $_GET["member_registration_account_activation_code"]) === TRUE
    {
        echo 
    "<script>alert('Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account!')</script>";
        
    $conn->close();    
        
    header("location:register.php");
        exit();
    }
    else
    {
        
    $confirmed_email trim($_GET["email"]);
        
    $member_registration_account_activation_code trim($_GET["member_registration_account_activation_code"]);
        
        
    $confirmed_email mysqli_real_escape_string($conn,$confirmed_email);
        
    $member_registration_account_activation_code mysqli_real_escape_string($conn,$member_registration_account_activation_code);
        
        
        
    //Check User's Username (against users tbl) if it has already been taken or not whilst User was in midst of activating his/her account.    
        
        
    $query "SELECT * FROM users WHERE Email = '".$confirmed_email."'";
        
    $result mysqli_query($conn,$query);
        
    $numrows mysqli_num_rows($result);
        if(
    $numrows != 0)
        {    
            echo 
    "<script>alert('That email '".$confirmed_email."' is already registered!')</script>";
            
    $conn->close();
            exit();
        }
        else
        {
            
    //Grab User details from table "pending_users". Search data with confirmed Email Address.
                
            
    $query "SELECT * FROM pending_users WHERE Email = '".$confirmed_email."'";
            
    $result mysqli_query($conn,$query);
            
    $numrows mysqli_num_rows($result);
            if(
    $numrows 0)
            {        
                echo 
    "<script>alert('Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account!')</script>";
                
    $conn->close();
                exit();
            }
            else 
            {
                while(
    $row mysqli_fetch_assoc($result)) 
                {      
                    
    $db_id $row["Id"];
                    
    $db_username $row["Username"];
                    
    $db_password $row["Password"];
                    
    $db_email $row["Email"];
                    
    $db_forename $row["Forename"];
                    
    $db_surname $row["Surname"];
                    
    $db_account_activation_code $row["Account_Activation_Code"];
                    
    $db_account_activation $row["Account_Activation"];            
            
                    if(
    $db_account_activation != 0)    
                    {
                        echo 
    "<script>alert('Since your account is already activated, why are you trying to activate it again ?')</script>";
                        
    $conn->close();
                        exit();
                    }
                    else
                    {
                        
    $conn->query("UPDATE pending_users SET Account_Activation 1 WHERE Email = '".$confirmed_email."'");        
                        echo 
    "Activating your account! Wait to be auto-logged-in to your account as that will be the sign that your account has been activated.";
                        echo 
    "Your email '".$confirmed_email."' has now been confirmed!";
                        echo 
    "Activating your account! Wait to be auto-logged-in to your account as that will be the sign that your account has been activated.";
            
            
                        
    //Create table under $username to hold user account activity data.

                        
    $sql_1 "CREATE TABLE $db_username (
                        Id INT(6) UNSIGNED AUTO_INCREMENT, PRIMARY KEY, 
                        Username varchar(30) NOT NULL,
                        Email varchar(50) NOT NULL,
                        Forename varchar(30) NOT NULL,
                        Surname varchar(30) NOT NULL,
                        Password varchar(32) NOT NULL,
                        Profile_Pic (longblob) NOT NULL,
                        Bio varchar(250) NOT NULL,
                        Status varchar(100) NOT NULL)"
    ;
         
                        if (
    $conn->$query($sql_1) != TRUE) {
                            echo 
    "Error creating table: " mysqli_error($conn);
                            
    $conn->close();
                        } 
                        else 
                        {
                            echo 
    "Table $db_username created successfully";
                                        
                
                            
    //Copy $user's registration data from table "pending_users" to table user.
        
                            
    $sql_2 "INSERT INTO $db_username(Username,Password,Email,Forename,Surname,Account_Activation_Code) VALUES('$db_username','$db_password','$db_email','$db_forename','$db_surname','$db_account_activation_code')";

                            if(
    $conn->$query($sql_2) != TRUE)
                            {
                                echo 
    "inserting data into table $db_username failed! " mysqli_error($conn);
                                
    $conn->close();
                                
                            }
                            else
                            {    
                                echo 
    "inserted data into table $db_username!";
                        
                    
                                
    //Copy $user's registration data from table "pending_users" to table users.
        
                                
    $sql_3 "INSERT INTO users (Username,Password,Email,Forename,Surname,Account_Activation_Code) VALUES('$db_username','$db_password','$db_email','$db_forename','$db_surname','$db_account_activation_code')";

                                if(
    $conn->query($sql_3) != TRUE)
                                {
                                    echo 
    "inserting data into table users failed! " mysqli_error($conn);
                                    
    $conn->close();
                                    
                                }
                                else
                                {    
                                    echo 
    "inserted data into table users!";
                            
                            
                                    
    //Redirect newly activated user to his/her account homepage.
                                    
                                    
    $user $db_username;
                                    
    $userid $db_id;
                                    
    $_SESSION["user"] = $user;
                                    
                                    
    header("location:home.php");
                                }
                            }    
                        }    
                    }
                }
            }
        }    


    ?>
    --------------------
  2. #2
  3. Wiser? Not exactly.
    Devshed God 2nd Plane (6000 - 6499 posts)

    Join Date
    May 2001
    Location
    Bonita Springs, FL
    Posts
    6,001
    Rep Power
    4084
    2147483647 is the maximum value of a signed 32-bit integer. You're attempting to generate a code larger than can be handled as an integer type so it's getting truncated to the maximum value when inserted into the database.

    Either expand the size of your column (use BIGINT) so the values fit or change your code to generate values that fit in the INT range.

    Also, why are you creating a table for each user? That is absolutely the wrong thing to be doing. You should also be using parameter binding, not sticking variables directly into your SQL. Use PDO to connect to your database as it's much easier to work with and do things properly compared to mysqli.


    Comments on this post

    • UniqueIdeaMan agrees : I want to give thumbs-up to thi reply but this forum does not allow it!
    Recycle your old CD's



    If I helped you out, show some love with some reputation, or tip with Bitcoins to 1N645HfYf63UbcvxajLKiSKpYHAq2Zxud
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    167
    Rep Power
    1
    Originally Posted by kicken
    2147483647 is the maximum value of a signed 32-bit integer. You're attempting to generate a code larger than can be handled as an integer type so it's getting truncated to the maximum value when inserted into the database.

    Either expand the size of your column (use BIGINT) so the values fit or change your code to generate values that fit in the INT range.

    Also, why are you creating a table for each user? That is absolutely the wrong thing to be doing. You should also be using parameter binding, not sticking variables directly into your SQL. Use PDO to connect to your database as it's much easier to work with and do things properly compared to mysqli.


    Thank you!
    I can try the BIGINT or lower my range to:
    $member_registration_random_numbers = random_int(0, 9999999);

    Can I ask if my code is a mixture of php 5 and 7 syntaxes etc. ?
    Well, I saw youtube vids on php that teach you how to build member reg & login sites and they never mention which php version they use. I copied them while watching the vids then made a few adaptations as much as I could.
    Getting confused now as originally I thought I was learning php 7 from those tut vids but few days ago started suspecting they were teaching php 5.
    I guess codes like the following is php 5. Correct ?
    PHP Code:
    $sql "SELECT * FROM users WHERE Username='".$member_login_username_or_email."' OR Email='".$member_login_username_or_email."' AND Password='".$member_login_password."'";
    $result mysqli_query($conn,$sql);
    $numrows mysqli_num_rows($result); 
    While code like the following is php 7. Right ?
    PHP Code:
    $conn->query("UPDATE pending_users SET Account_Activation 1 WHERE Email = '".$confirmed_email."'"); 
    In php 5, they do it like this, correct ?
    PHP Code:
    mysqli_query($conn,$sql); 
    While in 7 like this:
    PHP Code:
    $conn->query 
    Am I right about the "->" part ?

    Thanks for the link pal! just one question, is the tut on php 7 ? Hard finding tuts on php 7 and so I just find bits of pieces on youtube.
    I'm a complete beginner. Is not mysqli simple to learn than pdo ? Do you recommend latter over former ?
    Which ones you recommend and which ones not ? Not interested in frameworks as of now while a complete beginner. But for my future, which frameworks too do you recommend and which ones not ?
    I wanted to give your reply a thumbs-up/vote but unfortunately this forum does not have the feature. Anyway, here is the best I could do. :thumbsup:

    I'd appreciate any php 7 tuts for complete beginners you can recommend. That php.net manual is really not for beginners. More like a reference handbook for the pros. So, I'm struggling to learn from that. Frankly, I haven't found any proper tut yet on php 7 for beginners who do not know previous php versions.

IMN logo majestic logo threadwatch logo seochat tools logo