开发者

How to connect all page to my database in PHP

I have created 4 files

  1. signup.php
  2. signup_ac.php
  3. confirmation.php
  4. config.php

Also, i have created 2 databases:

  1. temp_members_db
  2. registered_members

I want to do this:

  1. When users sign up. Random a set of confirmation code.

  2. Keep their informations and confirmation code in table "temp_members_db". This is temporary table, we have to move this informations to table "registered_members" after email address has been verified.

  3. After sucessfully inserted data into table "temp_membes_db", send confirmation link to email that users used to sign up, if email is invalid they will not receive our email.

  4. They have to click on confirmation link to activate their account. (move data from table "temp_member_db" to table "registered_members" and delete data from table "temp_members_db" in this step)

Signup Form:

<table width="350" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><form name="form1" method="post" action="signup_ac.php">
<table width="100%" border="0" cellspacing="4" cellpadding="0">
<tr>
<td colspan="3"><strong>Sign up</strong></td>
</tr>
<tr>
<td width="76">Name</td>
<td width="3">:</td>
<td width="305"><input name="name" type="text" id="name" size="30"></td>
</tr>
<tr>
<td>E-mail</td>
<td>:</td>
<td><input name="email" type="text" id="email" size="30"></td>
</tr>
<tr>
<td>pa开发者_如何学编程ssword</td>
<td>:</td>
<td><input name="password" type="password" id="password" size="30"></td>
</tr>
<tr>
<td>Country</td>
<td>:</td>
<td><input name="country" type="text" id="country" size="30"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Submit"> &nbsp;
<input type="reset" name="Reset" value="Reset"></td>
</tr>
</table>
</form></td>
</tr>
</table>

SIGNUP_AC Form:

<?
include('config.php');

// table name 
$tbl_name=temp_members_db;

// Random confirmation code 
$confirm_code=md5(uniqid(rand())); 

// values sent from form 
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];

// Insert data into database 
$sql="INSERT INTO $tbl_name(confirm_code, name, email, password, country)VALUES('$confirm_code', '$name', '$email', '$password', '$country')";
$result=mysql_query($sql);

// if suceesfully inserted data into database, send confirmation link to email 
if($result){

// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$email;

// Your subject
$subject="Your confirmation link here";

// From
$header="from: your name <your email>";

// Your message
$message="Your Comfirmation link \r\n";
$message.="Click on this link to activate your account \r\n";
$message.="http://www.yourweb.com/confirmation.php?passkey=$confirm_code";

// send email
$sentmail = mail($to,$subject,$message,$header);

}

// if not found 
else {
echo "Not found your email in our database";
}

// if your email succesfully sent
if($sentmail){
echo "Your Confirmation link Has Been Sent To Your Email Address.";
}
else {
echo "Cannot send Confirmation link to your e-mail address";
}

?>

**CONFIRMATION FORM**

<?
include('config.php');

// Passkey that got from link 
$passkey=$_GET['passkey'];

$tbl_name1="temp_members_db";

// Retrieve data from table where row that match this passkey 
$sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'";
$result1=mysql_query($sql1);

// If successfully queried 
if($result1){

// Count how many row has this passkey
$count=mysql_num_rows($result1);

// if found this passkey in our database, retrieve data from table "temp_members_db"
if($count==1){

$rows=mysql_fetch_array($result1);
$name=$rows['name'];
$email=$rows['email'];
$password=$rows['password']; 
$country=$rows['country']; 

$tbl_name2="registered_members";

// Insert data that retrieves from "temp_members_db" into table "registered_members" 
$sql2="INSERT INTO $tbl_name2(name, email, password, country)VALUES('$name', '$email', '$password', '$country')";
$result2=mysql_query($sql2);
}

// if not found passkey, display message "Wrong Confirmation code" 
else {
echo "Wrong Confirmation code";
}

// if successfully moved data from table"temp_members_db" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db"
if($result2){

echo "Your account has been activated";

// Delete information of this user from table "temp_members_db" that has this passkey 
$sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
$result3=mysql_query($sql3);

}

}
?>

**CONFIG**

<?

$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password="abhijits"; // Mysql password 
$db_name="temp_members_db"; // Database name 


//Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect to server"); 
mysql_select_db("$db_name")or die("cannot select DB");

?>

Table "temp_members_db"

CREATE TABLE `temp_members_db` (
`confirm_code` varchar(65) NOT NULL default '',
`name` varchar(65) NOT NULL default '',
`email` varchar(65) NOT NULL default '',
`password` varchar(15) NOT NULL default '',
`country` varchar(65) NOT NULL default ''
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

Table "registered_members"

CREATE TABLE `registered_members` (
`id` int(4) NOT NULL auto_increment,
`name` varchar(65) NOT NULL default '',
`email` varchar(65) NOT NULL default '',
`password` varchar(65) NOT NULL default '',
`country` varchar(65) NOT NULL default '',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;


Yeah, don't do that. Add another field to the members table that indicates whether or not their address has been verified.


Have you thought about potentially taking a different approach? You could have a single 'users' table, with a field indicating whether they are 'authorized'. When a user registers, their info is added to the 'users' table, and the 'authorized' field is set to 'no' or left blank. At the same time, take a subset of the data the user entered, such as their email address and their id in the 'users' table, and add it to an array, i.e.:

$user[email]=user@domain.com;
$user[id]=1;

Then encrypt this- you could simply serialize it then base64 encode the result.

base64_encode(serialize($user));

This will give you an 'authorization code'. Email the user (you could use PHPMailer) the url to the activation page, with this encrypted link assigned to a variable called 'authorization'. When the user clicks the link and goes to the authorization page, use GET to grab this variable, base 64 decode then unserialize to get the underlying array.

unserialize(base64_decode($user));

Then take the users[id] variable and update the 'authorized' field in the 'users' table.

Its a different approach for sure, but it may help to reduce some of the back end infrastructure.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜