I created a registration verification system where the user gets an email with a link to verify their account. When the link is clicked it takes them to a PHP page below:
<?php
$passkey = trim(mysqli_real_escape_string($connection, $_GET['passkey']));
$query = "UPDATE pims SET com_code=NULL WHERE com_code='$passkey' UNION ALL UPDATE dms SET com_code=NULL WHERE com_code='$passkey' UNION ALL UPDATE users SET com_code='$passkey'";
$result = mysqli_query($connection, $query);
if (!result) {
die("Database query failed: " . mysqli_error($result));
}
if (mysqli_num_rows($result) == 0) {
echo '<div>Sorry. Something went wrong! Please contact the site admin at <a href="mailto:support@domain.com">support@domain.com</a> for assistance.</div>';
} else {
echo '<div>Your account is now active. You may now <a href="login.php">Log in</a></div>';
}
?>
I want to set the com_code
to NULL, but first I need to find the user in 1 of 3 tables (pims, dms, and users) by matching the $passkey variable.
This is not working. Any suggestions?
UPDATE:
I fixed the code as Sean pointed out:
$query = "UPDATE pims SET com_code=NULL WHERE com_code='$passkey'
UNION ALL UPDATE dms SET com_code=NULL WHERE com_code='$passkey'
UNION ALL UPDATE users SET com_code=NULL WHERE com_code='$passkey'";
But, it's still not working.
UPDATE:
I updated the code again like so:
<?php
$passkey = mysqli_real_escape_string($connection, $_GET['passkey']);
$query = "UPDATE pims, dms, users SET pims.com_code=NULL, dms.com_code=NULL, users.com_code=NULL WHERE pims.com_code='$passkey' AND dms.com_code='$passkey' AND users.com_code='$passkey'";
$result = mysqli_query($connection, $query);
if (mysqli_affected_rows ($connection) > 0) {
echo '<div>Your account is now active. You may now <a href="login.php">Log in</a></div>';
} else {
echo '<div>ERROR MESSAGE<br><br>Sorry, something went wrong!<br><br>Please contact the site admin at <a href="mailto:support@domain.com">support@domain.com</a> for assistance.</div>';
}
mysqli_close($connection);
?>
But for some reason it just won't connect.
UPDATE:
So, I decided to go with 3 queries like this:
<?php
$passkey = mysqli_real_escape_string($connection, $_GET['passkey']);
$query = "UPDATE pims SET com_code=NULL WHERE com_code='{$passkey}'";
$result = mysqli_query($connection, $query);
if (mysqli_affected_rows ($connection) <= 0) {
$query = "UPDATE dms SET com_code=NULL WHERE com_code='{$passkey}'";
$result = mysqli_query($connection, $query);
if (mysqli_affected_rows ($connection) <= 0) {
$query = "UPDATE users SET com_code=NULL WHERE com_code='{$passkey}'";
$result = mysqli_query($connection, $query);
if (mysqli_affected_rows ($connection) <= 0) {
echo '<div> ERROR MESSAGE<br><br>Sorry, something went wrong!<br><br>Please contact the site admin at <a href="mailto:support@domain.com">support@domain.com</a> for assistance.</div>';
} else {
echo '<div>Your account is now active. You may now <a href="login.php">Log in</a></div>';
}
} else {
echo '<div>Your account is now active. You may now <a href="login.php">Log in</a></div>';
}
} else {
echo '<div>Your account is now active. You may now <a href="login.php">Log in</a></div>';
}
mysqli_close($connection);
?>
It works, but it seems very slow. Any suggestions for improvements would be appreciated.
Try doing it all in 1 query, instead of doing a UNION ALL
UPDATE
pims,dms,users
SET
pims.com_code=NULL, dms.com_code=NULL, users.com_code=NULL
WHERE
pims.com_code='$passkey'
AND
dms.com_code='$passkey'
AND
users.com_code='$passkey'
SQL Fiddle example - http://sqlfiddle.com/#!2/d0464d/1
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.