Question For Forget password and resent activation link

[luqmanhensem]

Bug :
i testing at forget.php page and reset using email that not approve on database .. then i check my email and received new password .. how to check user email follow by approve '1' and if '0' the account not active yet so it not sent to the email ..

Resent Activation :

New form resent current activation .
check user email because if user has been active then he/she tried to field that form

[Wombat76]

You're right. The script should check that the user account has been approved. Add the red lines to forgot.php:

Code:

$user_email = $data['user_email'];

//check if activ code and user is valid as precaution
$rs_check = mysql_query("select approved from users where user_email='$user_email'") or die (mysql_error()); 
$num = mysql_num_rows($rs_check);
  // Match row found with more than 1 results  - the user is authenticated. 
    if ( $num <= 0 ) { 
	$err[] = "Error - Sorry no such account exists or registered.";
	//header("Location: forgot.php?msg=$msg");
	//exit();
	} else {
list($approved) = mysql_fetch_row($rs_check);
if ($approved != 1) $err[] = "Error - Sorry your account is awaiting approval.";
}
if(empty($err)) {

[luqmanhensem]

thanks for fix forget.php

ResentActivation.php ( new form )

how to resent the current activation code and md5 id to user_email
when user submit the form and the code check if has been approved ( will not sent to email )

------------------
edit
-------------------
i found the thread .. sorry not search first before posting

[luqmanhensem]

PHP Code:

<?php 
include 'dbc.php';




/******************* ACTIVATION BY FORM**************************/
if ($_POST['doResend']=='Resend')
{
$err = array();
$msg = array();

foreach($_POST as $key => $value) {
    $data[$key] = filter($value);
}
if(!isEmail($data['user_email'])) {
$err[] = "ERROR - Please enter a valid email"; 
}

$usr_email = $data['user_email'];

//check for activ code and if user is valid as precaution
$rs_check = mysql_query("select approved, banned, md5_id, activation_code,user_name from users where user_email='$usr_email'") or die (mysql_error()); 
$num = mysql_num_rows($rs_check);
  // Match row found with more than 1 results  - the user is authenticated. 
    if ( $num <= 0 ) { 
    $err[] = "Sorry no such account exists or activation code invalid.";
    //header("Location: resend.php?msg=$msg");
    //exit();
    }else {
list($approved,$banned) = mysql_fetch_row($rs_check);
if ($approved != 1) $err[] = "Error - Sorry your account is has been activated.";
}
if(!$banned !=1) 
    $err[] = "Your Account Has Been Banned"; 
}

if(empty($err)) {
list($md5_id,$activ_code,$user_name) = mysql_fetch_row($rs_check);
if($user_registration)  {
$a_link = "
*****ACTIVATION LINK*****\n
h**p://$host$path/activate.php?user=$md5_id&activ_code=$activ_code
"; 
} else {
$a_link = 
"Your account is *PENDING APPROVAL* and will be soon activated the administrator.
";
}
                         
$host  = $_SERVER['HTTP_HOST'];
$host_upper = strtoupper($host);                         
             
//send email

$message = 
"Hello \n
Thank you for registering with us. Here are your login details...\n

User ID: $user_name
Email: $usr_email \n 
Passwd: $data[pwd] \n

$a_link

Thank You

Administrator
$host_upper
______________________________________________________
THIS IS AN AUTOMATED RESPONSE. 
***DO NOT RESPOND TO THIS EMAIL****
";

    mail($usr_email, "Login Details", $message,
    "From: \"Member Registration\" <auto-reply@$host>\r\n" .
     "X-Mailer: PHP/" . phpversion());
                         
$msg[] = "Your activation code has been resent to your email address.";                         
                         
//$msg = urlencode();
//header("Location: forgot.php?msg=$msg");                         
//exit();
 }
}
}
?>
<html>
<head>
<title>Resend Activation Code</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
  <script>
  $(document).ready(function(){
    $("#actForm").validate();
  });
  </script>
<link href="styles.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="100%" border="0" cellspacing="0" cellpadding="5" class="main">
  <tr> 
    <td colspan="3">&nbsp;</td>
  </tr>
  <tr> 
    <td width="160" valign="top"><p>&nbsp;</p>
      <p>&nbsp; </p>
      <p>&nbsp;</p>
      <p>&nbsp;</p>
      <p>&nbsp;</p></td>
    <td width="732" valign="top">
<h3 class="titlehdr">Resend Activation Code</h3>

      <p> 
        <?php
      /******************** ERROR MESSAGES*************************************************
      This code is to show error messages 
      **************************************************************************/
    if(!empty($err))  {
       echo "<div class=\"msg\">";
      foreach ($err as $e) {
        echo "* $e <br>";
        }
      echo "</div>";    
       }
       if(!empty($msg))  {
        echo "<div class=\"msg\">" . $msg[0] . "</div>";

       }
      /******************************* END ********************************/      
      ?>
      </p>
      <p>If you have not received your activation email you can resend it to your email address.</p>
     
      <form action="resend.php" method="post" name="actForm" id="actForm" >
        <table width="65%" border="0" cellpadding="4" cellspacing="4" class="loginform">
          <tr> 
            <td colspan="2">&nbsp;</td>
          </tr>
          <tr> 
            <td width="36%">Your Email</td>
            <td width="64%"><input name="user_email" type="text" class="required email" id="txtboxn" size="25"></td>
          </tr>
          <tr> 
            <td colspan="2"> <div align="center"> 
                <p> 
                  <input name="doResend" type="submit" id="doLogin3" value="Resend">
                </p>
              </div></td>
          </tr>
        </table>
        <div align="center"></div>
        <p align="center">&nbsp; </p>
      </form>
      
      <p>&nbsp;</p>
       
      <p align="left">&nbsp; </p></td>
    <td width="196" valign="top">&nbsp;</td>
  </tr>
  <tr> 
    <td colspan="3">&nbsp;</td>
  </tr>
</table>

</body>
</html>

i checking banned and approved .. is that correct ?

PHP Code:

else { 
list($approved,$banned) = mysql_fetch_row($rs_check); 
if ($approved != 1) $err[] = "Error - Sorry your account is has been activated."; 
} 
if(!$banned !=1)  
    $err[] = "Your Account Has Been Banned";  
} 


[Wombat76]

Quote:

i checking banned and approved .. is that correct ?

You can't split your list statement. You have to say:

PHP Code:

list($approved,$banned,$md5_id,$activ_code,$user_name) = mysql_fetch_row($rs_check); 


and

PHP Code:

if(!$banned !=1) 


is a bit complicated. Probably better to say:

PHP Code:

if($banned == 1) 


And do you need an open brace { after that statement?

Apart from that, I think it's OK.

[luqmanhensem]

Hello

Code:

Thank you for registering with us. Here are your login details...


User ID:
Email: cutecandy1@gmail.com

Passwd:



*****ACTIVATION LINK*****

h**p:///activate.php?user=&activ_code=


Thank You

Administrator
WWW.random.COM
______________________________________________________
THIS IS AN AUTOMATED RESPONSE.
***DO NOT RESPOND TO THIS EMAIL****

my account has already activate but still sending the into my email


i don't have any error log on resent.php

PHP Code:

<?php 
include 'dbc.php';




/******************* ACTIVATION BY FORM**************************/
if ($_POST['doResend']=='Resend')
{
$err = array();
$msg = array();

foreach($_POST as $key => $value) {
    $data[$key] = filter($value);
}
if(!isEmail($data['user_email'])) {
$err[] = "ERROR - Please enter a valid email"; 
}

$usr_email = $data['user_email'];

//check for activ code and if user is valid as precaution
$rs_check = mysql_query("select approved, md5_id, activation_code,user_name from users where user_email='$usr_email'") or die (mysql_error()); 
$num = mysql_num_rows($rs_check);
  // Match row found with more than 1 results  - the user is authenticated. 
    if ( $num <= 0 ) { 
    $err[] = "Sorry no such account exists or activation code invalid.";
    //header("Location: resend.php?msg=$msg");
    //exit();
    }else {
list($approved,$md5_id,$activ_code,$user_name) = mysql_fetch_row($rs_check);

if ($approved != 1) 
$err[] = "Error - Sorry your account is has been activated.";
}


if(empty($err)) {
list($md5_id,$activ_code,$user_name) = mysql_fetch_row($rs_check);
if($user_registration)  {
$a_link = "
*****ACTIVATION LINK*****\n
h**p://$host$path/activate.php?user=$md5_id&activ_code=$activ_code
"; 
} else {
$a_link = 
"Your account is *PENDING APPROVAL* and will be soon activated the administrator.
";
}
                         
$host  = $_SERVER['HTTP_HOST'];
$host_upper = strtoupper($host);                         
             
//send email

$message = 
"Hello \n
Thank you for registering with us. Here are your login details...\n

User ID: $user_name
Email: $usr_email \n 
Passwd: $data[pwd] \n

$a_link

Thank You

Administrator
$host_upper
______________________________________________________
THIS IS AN AUTOMATED RESPONSE. 
***DO NOT RESPOND TO THIS EMAIL****
";

    mail($usr_email, "Login Details", $message,
    "From: \"Member Registration\" <auto-reply@$host>\r\n" .
     "X-Mailer: PHP/" . phpversion());
                         
$msg[] = "Your activation code has been resent to your email address.";                         
                         
//$msg = urlencode();
//header("Location: forgot.php?msg=$msg");                         
//exit();
 }
}
?>
<html>
<head>
<title>Resend Activation Code</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
  <script>
  $(document).ready(function(){
    $("#actForm").validate();
  });
  </script>
<link href="styles.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="100%" border="0" cellspacing="0" cellpadding="5" class="main">
  <tr> 
    <td colspan="3">&nbsp;</td>
  </tr>
  <tr> 
    <td width="160" valign="top"><p>&nbsp;</p>
      <p>&nbsp; </p>
      <p>&nbsp;</p>
      <p>&nbsp;</p>
      <p>&nbsp;</p></td>
    <td width="732" valign="top">
<h3 class="titlehdr">Resend Activation Code</h3>

      <p> 
        <?php
      /******************** ERROR MESSAGES*************************************************
      This code is to show error messages 
      **************************************************************************/
    if(!empty($err))  {
       echo "<div class=\"msg\">";
      foreach ($err as $e) {
        echo "* $e <br>";
        }
      echo "</div>";    
       }
       if(!empty($msg))  {
        echo "<div class=\"msg\">" . $msg[0] . "</div>";

       }
      /******************************* END ********************************/      
      ?>
      </p>
      <p>If you have not received your activation email you can resend it to your email address.</p>
     
      <form action="resend.php" method="post" name="actForm" id="actForm" >
        <table width="65%" border="0" cellpadding="4" cellspacing="4" class="loginform">
          <tr> 
            <td colspan="2">&nbsp;</td>
          </tr>
          <tr> 
            <td width="36%">Your Email</td>
            <td width="64%"><input name="user_email" type="text" class="required email" id="txtboxn" size="25"></td>
          </tr>
          <tr> 
            <td colspan="2"> <div align="center"> 
                <p> 
                  <input name="doResend" type="submit" id="doLogin3" value="Resend">
                </p>
              </div></td>
          </tr>
        </table>
        <div align="center"></div>
        <p align="center">&nbsp; </p>
      </form>
      
      <p>&nbsp;</p>
       
      <p align="left">&nbsp; </p></td>
    <td width="196" valign="top">&nbsp;</td>
  </tr>
  <tr> 
    <td colspan="3">&nbsp;</td>
  </tr>
</table>

</body>
</html>

i also remove banned row because it keep show the notice error ..
can someone fix it .. sorry i newbie in php