[英]email activation for registration form
i have registration form and i want user must be activated their email once user activated their then user can login in the their account else user can't be login? 我有注册表格,我希望用户一旦激活他们的帐户就必须激活他们的电子邮件,然后用户可以登录其帐户,否则用户无法登录?
Problem 问题
The problem is that the users can login without email activation? 问题是用户可以在不激活电子邮件的情况下登录?
Code 码
$email2=$_POST['email'];
$querycheck=mysql_query("select activation from students
where semail='$email2'") or die ("Query Activated Problem");
$rowcheck=mysql_fetch_array($querycheck);
$act=$rowcheck['activation'];
if($act=='activated')
{
$email=$_POST['email'];
$password=$_POST['password'];
$email = stripslashes($email);
$password= stripslashes($password);
$email = mysql_real_escape_string($email);
$password = mysql_real_escape_string($password);
$querymysql=mysql_query("select * from students where semail='$email'
and spassword='$password' ") or die ("query problem");
$row=mysql_fetch_array($querymysql);
if($row)
{
session_register("email");
session_register("password");
header('Location:index.php');
}
else {
$message="Please Check Your Login Details";
header('Location:login.php?login_error='.$message.'');
}
}
else if($act=='')
{
$actmsg="Your Email Is Not Activated Yet";
header('Location:login.php?actmsg='.$actmsg.'');
}
session_register : This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0. session_register :自PHP 5.3.0起已弃用此功能,自PHP 5.4.0起已取消此功能。
Use $_SESSION directly to set variables. 直接使用$ _SESSION设置变量。
Add a field tinyint field called activated. 添加一个名为tinyint字段的字段activated。 Then change your select to select * from students where semail='$email' and spassword='$password' " and activated=1
然后将选择更改为从* semail ='$ email'和spassword ='$ password'“且已激活= 1的学生中选择*
You activate link should set activated to 1 for the user. 您将用户的激活链接设置为激活。
Double check your activation
field in the students
table. 在
students
表中再次检查您的activation
字段。 Then, lets convert your code from MySQL to MySQLi . 然后,将您的代码从MySQL转换为MySQLi 。 MySQL is already deprecated.
MySQL已被弃用。
/* ESTABLISH CONNECTION FIRST */
<?php
$connection=mysqli_connect("YourHost","YourUsername","YourPassword","DatabaseName");
if(mysqli_connect_errno()){
echo "Error".mysqli_connect_error();
}
$email2=mysqli_real_escape_string($con,$_POST['email']); /* LETS USE REAL ESCAPE STRING TO PREVENT A BIT OF SQL INJECTION */
$querycheck=mysqli_query($connection,"SELECT activation FROM students
WHERE semail='$email2'");
while($rowcheck=mysqli_fetch_array($querycheck)){
$act=$rowcheck['activation'];
}
if($act=='activated')
{
$email=$_POST['email'];
$password=$_POST['password'];
$email = stripslashes($email);
$password= stripslashes($password);
$email = mysqli_real_escape_string($email);
$password = mysqli_real_escape_string($password);
$querymysql=mysqli_query("SELECT * FROM students WHERE semail='$email'
and spassword='$password'");
$row=mysqli_num_rows($querymysql); /* I CHANGED THIS PART OF YOUR CODE */
if($row!=0) /* SO THIS CONDITION ALSO CHANGES */
{
session_register("email");
session_register("password");
header('Location:index.php');
}
else {
$message="Please Check Your Login Details";
header('Location:login.php?login_error='.$message.'');
}
}
else if($act=='')
{
$actmsg="Your Email Is Not Activated Yet";
header('Location:login.php?actmsg='.$actmsg.'');
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.