Tutorial Details
- Topic: PHP and mySQL
- Difficulty: Beginner
- Estimated Completion Time: 45 minutes
Final Product What You'll Be Creating
In this tutorial, we are going to be creating a user signup form that adds a user to a database, and then sends out a confirmation email that the user must click on before their account will be activated.
Step 1: The Template
I’ve included the basic site layout so we aren’t wasting time creating the form and making the site looks pretty. We are going to get right into coding which is what you came here for.
Open up the Site Template folder and copy it to either your localhost or web server.
Open up index.php and take a quick look. You’ll see a simple form with 3 inputs. These are the fields we are going to capture. We want the username, their password as well as their email. You can choose to capture other elements when users are signing up, but these are the 3 barebones elements we need.
Step 2: Setting up the MySQL Database
Open up PHPMyAdmin or whatever program you use to manage your MySQL database and create a new database. You can name this whatever you like. Now we want to create the rows that are going to hold our user information and confirmation information. For this we create two tables. Users and Confirm.
CREATE TABLE `users` ( `id` int(11) NOT NULL auto_increment, `username` varchar(50) NOT NULL default '', `password` varchar(128) NOT NULL default '', `email` varchar(250) NOT NULL default '', `active` binary(1) NOT NULL default '0', PRIMARY KEY (`id`) ) ENGINE=MyISAM AUTO_INCREMENT=27 DEFAULT CHARSET=utf8;
Our first table has 5 rows. The first is the ID that is given to the user when they signup. This is set to auto increment so that each user is given a unique ID. Next is the username, password and ID. The last row lets us set the users active state. When we first create the user row, the active state will default to 0. This means that the users account is currently inactive. Once the user confirms their account we will set this to 1. This will state that the account is active.
CREATE TABLE `confirm` ( `id` int(11) NOT NULL auto_increment, `userid` varchar(128) NOT NULL default '', `key` varchar(128) NOT NULL default '', `email` varchar(250) default NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM AUTO_INCREMENT=27 DEFAULT CHARSET=utf8;
Our second table is the confirm table. This holds the user’s ID and email as well as a randomly generated key that we will use to confirm the users account.
Step 3: Connecting to the MySQL Database
Open up inc/php/config.php.
First we need to make the connect to the database.
mysql_connect('localhost', 'username', 'password') or die("I couldn't connect to your database, please make sure your info is correct!");
Depending on your setup, we are going to need to change a few variables. So go ahead and fill in everything.
Next we need to tell MySQL which database we want to use.
mysql_select_db('your_database_name') or die("I couldn't find the database table make sure it's spelt right!");
Once everything has been edited to fit your database go ahead and point to the index.php file on your server.
If you don’t see any errors at the top, we are all connected.
Step 4: Submitting the Form
Ok, now that we are all connected to the database, we need to capture the form data so we can get the user signed up.
I’m going to give you the piece of code and then explain what’s going on. After that we are going to make changes and add functionality.
Here is the base; place this right after the first includes at the top of index.php
//check if the form has been submitted
if(isset($_POST['signup'])){
}
This if statement is checking to see if the form has been submitted.
Without this, our script would run every time the page is refreshed and we don’t want that.
Note: Depending on your application or just general style of coding this code may be placed in a separate file that is accessed when the form is submitted. I’ve placed the code all in one file to keep things simple and easy to follow along.
Step 5: Cleaning up and Checking the Variables
We want to make sure that the user has submitted actual content instead of just a blank form, so we are going to perform some quick checks.
The first part is to place the $_POST variables into simpler variables and clean them for the database. Place this inside our if statement.
$username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $email = mysql_real_escape_string($_POST['email']);
mysql_real_escapse_string() makes sure that the user isn’t trying to use apostrophes to access our database with MySQL injection. Whenever you want to put information into a database the the user has inputed, please run it through mysql_real_escape_string(). For more information on MySQL injection you can read this article on Wikipedia
So, we’ve cleaned up our variables, now let’s check to see if the user forgot any fields.
if(empty($username)){ //put code in me please }
if(empty($password)){ //put code in me please }
if(empty($email)){ //put code in me please }
Now we have three if statements that are checking if each field is empty. If the field is empty we are going to assign some variables.
To make things clean we are going to create an array that will hold the status of the signup process as well as any text we need to show the user.
Right above that piece of code, let’s create an array and a few variables.
$action = array(); $action['result'] = null; $text = array();
First we are creating a blank array called action and then setting an array value of result. Result is going to hold a value of either success or error. Next we create another blank array called text. This is going to hold any text we want to show the user during the signup.
Right now, our if statements that are checking our variables aren’t executing any code, so let’s go ahead and put some code inside the first if statement.
Put this code inside the username if statement.
$action['result'] = 'error'; array_push($text,'You forgot your username');
Let’s say the user submits the form without a username. Our statement is going to run the code above. First it’s going to set the result field of our action array to error.
Then we are going to use array_push() to put some text into our text array. We are going to be using this same piece of code for the final two “if” statements so copy and paste that code into the last two if statements. You’ll probably want to change the text to match the current if statement.
Note: We are using array_push() in case we have multiple errors in the form submission. If all if statements are executed, the text array will looks like:
Array( [0] => 'You forgot your username', [1] => 'You forgot your password', [2] => 'You forgot your email' )
We now need to check if we have any errors so we can continue on with the signup process.
Step 6: No Errors, Let’s Signup the User
We are going to check to see if our action array result value is set to error.
if($action['result'] != 'error'){
//no errors, continue signup
$password = md5($password);
}
$action['text'] = $text;
We are also running our password through the md5() function. This takes the password and returns a 32 character string that looks something like this: a3470ce826283eca7ce3360d0f26b230. It’s good practice to run the password through some sort of hashing function before putting it into the database. This prevents people from viewing the users passwords if your database is hacked.
A quick check of our action result value and we can continue on with the signup. If our result is error we will skip over all this code and output the errors to our user so they can make the necessary changes.
The last piece of this code we are putting the values of your text array into our action array.
Step 7: Adding the User to the Database
Place this code inside our last if statement.
...
If Statement checking for errors
...
//add to the database
$add = mysql_query("INSERT INTO `users` VALUES(NULL,'$username','$password','$email',0)");
if($add){
//the user was added to the database
}else{
$action['result'] = 'error';
array_push($text,'User could not be added to the database. Reason: ' . mysql_error());
=
}
We use mysql_query() and INSERT to insert the users information into the database. Next, we create another if statement checking to see if the user was added to the database. We do this by checking if the $add variable is true or false.
If the user is added we can continue on with the signup; if not we are going to assign some familiar variables and stop the signup.
When working with MySQL queries, we use the mysql_error() function if their are errors because it helps with debugging what is wrong with your queries. It will output text errors when something is wrong. This is good!
Step 8: Confirmation is Needed
The user has submitted the form, everything checks out and they’re now living in the database. We want the user to be able to use their account, so let’s setup the confirmation.
...
if added check
...
//get the new user id
$userid = mysql_insert_id();
//create a random key
$key = $username . $email . date('mY');
$key = md5($key);
//add confirm row
$confirm = mysql_query("INSERT INTO `confirm` VALUES(NULL,'$userid','$key','$email')");
if($confirm){
//let's send the email
}else{
$action['result'] = 'error';
array_push($text,'Confirm row was not added to the database. Reason: ' . mysql_error());
}
To make things easy, let’s assign the new user id to a variable so we can use it later. We do this by using mysql_insert_id(). This will set $userid to whatever the new user’s ID is.
Next we create the random key for that specific user. We create a variable named key and fill it with a value of the username, email and date. The string will look like mattmatt@email.com012009. After that we use the md5() function to convert it to a random string that is unique to that user.
Using mysql_query() and INSERT again, we put the new user ID, the key and the users email into the database.
Step 9: Setting up the Email Templates
We are going to take a break from the PHP coding and create two new files. For the sake of being quick and easy we are actually going to use two templates that I’ve included with this tutorial. The two files we’re going to be looking at are signup_template.html and signup_template.txt. Swift lets us assign an HTML as well as a TXT version of the email incase the users email client doesn’t support HTML emails.
Open up signup_template.html Note: You can read up on HTML in emails over at carsonified. We aren’t going to be editing this file, i’m just going to explain whats going on and then you can play around with it once the tutorial is complete. The most important part of this file is the tags that look like {USERNAME} and confirm.php?email={EMAIL}&key={KEY}. We are going to write a function that uses this template and replaces those tags with the variables from our form.
Step 10: The Template Function
Open up inc/php/functions.php and place this code inside.
function format_email($info, $format){
//set the root
$root = $_SERVER['DOCUMENT_ROOT'].'/dev/tutorials/email_signup';
//grab the template content
$template = file_get_contents($root.'/signup_template.'.$format);
//replace all the tags
$template = ereg_replace('{USERNAME}', $info['username'], $template);
$template = ereg_replace('{EMAIL}', $info['email'], $template);
$template = ereg_replace('{KEY}', $info['key'], $template);
$template = ereg_replace('{SITEPATH}','http://site-path.com', $template);
//return the html of the template
return $template;
}
format_email() is taking two variables which will be used in index.php. The first is our form information array and the second is format. We have a format variable so we can re-use this array for both the HTML and TXT versions of the template.
First we set the root. This points to the folder that the templates are hosted.
Next we open up the contents of our template and assign it to a variable.
Now we are going to use ereg_replace() to replace our {USERNAME} tags in our template with the content from our form. It’s basically just a super simple template system.
Lastly we return the template variable which holds all the html.
Explanation: In a nutshell, format_email() opens up our template files, takes the HTML and assigns it to our variable. This is just a cleaner way then assigning all the HTML in the function itself.
Step 11: Sending the Email
We are going to write another function to deal with Swift and sending the emails.
function send_email($info){
//format each email
$body = format_email($info,'html');
$body_plain_txt = format_email($info,'txt');
//setup the mailer
$transport = Swift_MailTransport::newInstance();
$mailer = Swift_Mailer::newInstance($transport);
$message = Swift_Message::newInstance();
$message ->setSubject('Welcome to Site Name');
$message ->setFrom(array('noreply@sitename.com' => 'Site Name'));
$message ->setTo(array($info['email'] => $info['username']));
$message ->setBody($body_plain_txt);
$message ->addPart($body, 'text/html');
$result = $mailer->send($message);
return $result;
}
Just like format_email(), send_email() takes our info array as a variable. The first part of the function we assign two variables, $body and $body_plain_text. We are using format_email() to assign the HTML values of our template to each variable. Now comes the good part. We have setup the swift instance using Swift_MailTransport:newInstance() and then setup the mailer using Swift_Mailer::newInstance($transport);
We create a new instance of the Swift message and start to assign some variables to this instance. We set the subject, from email and to email address and then use setBody() to assign out text version of the email to the mailer instance. To add the HTML version we use addPart(). The send() function takes care of the sending of the email and then we return the result. Alright, we have our email create and send functions written, let’s go back to index.php and start to wrap up the main signup.
Step 12: Did we Send? Shall we Confirm?
Our last bit should’ve been the if statement checking if the confirm row was created.
Let’s send the email and check if everything went though alright.
...
if confirm
...
//include the swift class
include_once 'inc/php/swift/swift_required.php';
//put info into an array to send to the function
$info = array(
'username' => $username,
'email' => $email,
'key' => $key
);
//send the email
if(send_email($info)){
//email sent
$action['result'] = 'success';
array_push($text,'Thanks for signing up. Please check your email for confirmation!');
}else{
$action['result'] = 'error';
array_push($text,'Could not send confirm email');
}
Without the Swift class we can’t send out any emails, so in our first line, we are including the swift class. We need to send our information to both of our new functions, so we create a new array and assign our variables to it. I know I know, more if statements, but we need to check for errors to make it easier for the users. You always have to assume that users will make every possible mistake imaginable.
We wrap our send_email() function in another if statement as well as passing the $info array. If the email is sent we assign a value of success and thank the user for signing up. If there are errors we use the familiar variables. So now, we are almost done with the signup, just one last function needs to be created. Even though we are assigning all these error/success variables and text we haven’t displayed this information to the user.
Move back to functions.php and paste this code.
//cleanup the errors
function show_errors($action){
$error = false;
if(!empty($action['result'])){
$error = "
- "."\n";
if(is_array($action['text'])){
//loop out each error
foreach($action['text'] as $text){
$error .= "
- $text "."\n"; } }else{ //single error $error .= "
- $action "; } $error .= "
This may seem confusing but it’s really just making our success/errors looks nice.
First it checks to see if the array is empty so we aren’t executing the code when it isn’t needed.
Next it creates a ul tag and applies the result as a class. This will either be success or error and is aesthetic only.
We then check to see if the text variable is an array or simply a string. If it’s a string, we wrap it in an li. If it’s an array we loop through each array item and wrap it in an li.
Lastly, we close the ul and return the entire string.
If we move back to index.php and place this code right after including header.php we can wrap up this section.
... header include ...
A quick little explanation. We are taking all the values of our action array and passing it to the show_errors() function. If there is any content it returns a nice unordered list.
Step 13: Confirming the User
We should have a good grip on how the script is functioning; so for this next script I’m going to give you the entire chunk of code and then go through it with you.
Open up confirm.php and paste this in-between the header include and your show_errors() function.
//setup some variables
$action = array();
$action['result'] = null;
//quick/simple validation
if(empty($_GET['email']) || empty($_GET['key'])){
$action['result'] = 'error';
$action['text'] = 'We are missing variables. Please double check your email.';
}
if($action['result'] != 'error'){
//cleanup the variables
$email = mysql_real_escape_string($_GET['email']);
$key = mysql_real_escape_string($_GET['key']);
//check if the key is in the database
$check_key = mysql_query("SELECT * FROM `confirm` WHERE `email` = '$email' AND `key` = '$key' LIMIT 1") or die(mysql_error());
if(mysql_num_rows($check_key) != 0){
//get the confirm info
$confirm_info = mysql_fetch_assoc($check_key);
//confirm the email and update the users database
$update_users = mysql_query("UPDATE `users` SET `active` = 1 WHERE `id` = '$confirm_info[userid]' LIMIT 1") or die(mysql_error());
//delete the confirm row
$delete = mysql_query("DELETE FROM `confirm` WHERE `id` = '$confirm_info[id]' LIMIT 1") or die(mysql_error());
if($update_users){
$action['result'] = 'success';
$action['text'] = 'User has been confirmed. Thank-You!';
}else{
$action['result'] = 'error';
$action['text'] = 'The user could not be updated Reason: '.mysql_error();;
}
}else{
$action['result'] = 'error';
$action['text'] = 'The key and email is not in our database.';
}
}
Most of this should look very familiar; so I’m going to skip ahead and check if the key is in the database section.
Again, we use mysql_query() to get any rows in the database where the email and key are equal to the keys provided by the users email.
We use mysql_num_rows() to check if the number of rows returned is greater than 0.
If the email and key are in the database we grab all the information from the database using mysql_fetch_assoc().
Now that the user has confirmed his account, we need to update the database and set the active row to 1.
We use mysql_query() again, but instead of INSERT we use UPDATE to update the active row to 1 where the user ID is the same as our current users ID.
To clean everything up we use mysql_query() and DELETE to remove the confirmation row from the database. This makes sure that the user can’t come back to this page and reconfirm. It also keeps the database nice and clean.
Conclusion
We’ve covered many different areas in this tutorial. We downloaded and included a 3rd party script to deal with sending the emails, implemented simple form validation as well as created a super simple template system to style our emails. If you’re new to MySQL we’ve touched on the three most common functions in MySQL so you should have no problem completing some more advanced tutorials.
Final Notes
- I’ve used Swift Mailer as our email deployment script which can be downloaded here: http://swiftmailer.org/
- I’ve also used button styles provided by Zurb. Be sure to check them out and give them some love. http://www.zurb.com/blog_uploads/0000/0485/buttons-02.html
Thanks for reading and be sure to visit me on Twitter if you have any questions!
Enjoyed this Post?
Subscribe to our RSS Feed, Follow us on Twitter or simply recommend us to friends and colleagues!
By Matt Vickers
Join our newsletter!
Create a Tutorial, Get Paid!
Have something to teach the world? Want to earn money doing it? Tutorials, screencasts, and articles published here on Nettuts+ are largely contributed by readers just like you! We'll pay you great money for good content. Find Out More
First.
What’s the point.. dumbass!
Stop doing that man, is so dumb!
u guys r so funny, lol
you deserve an award for being the first commenter :)
hi my name is anne i was trying to get on facebook earlier i wasnt allowed my usual password then when i changed it i was asked for a code i havent got one but there was no where to write to tell them can you help
Slick, easy to follow, very well done!
Stumbled this for you, great tutorial.
Really needed something like this for a project its much more of a daunting and time consuming when you havent got something to follow and this will certainly help.
Thanks matt.
Got to love those Zurb buttons.
Great tips, Matt!
Thank you!
Let me be the first to say thank you for this! I like the detailed explanations of each step… I learned more by reading this tutorial than I have in weeks of trying out others.
Thanx! I’m going to try thid in CodeIgniter!
Here’s a good start : http://net.tutsplus.com/videos/screencasts/codeigniter-from-scratch-day-6-login/
Learning very much of this :) thanks!
Good article…but the ‘rows’ you’re talking about in Step 2 are really called ‘fields’.
I haven’t read the tutorial yet however I noticed you use these thingys “ around table and column names, I do too but I don’t know why. Theres nothing about it on w3schools, do you know what the reason for this is?
Hey,
Are you talking about inside the mysql_query() function?
I mean in step 2 in your SQL you use these ` things.
I was also wondering what these ` things were
Matt, you’re becoming one of my fav tut writers. Keep them coming!
Thanks, I’ve got a few ideas bouncing around inside my head for some new tutorials.
very hot. thank you
Hey nice article thanks :)
Don’t forget that ereg is deprecated and that you’ll get an error with PHP version 5.3 and greater. You should use preg instead which is by the way much faster.
Anyway, thanks again !
Hey,
Thanks for the tip, i didn’t know that.
You learn something new every day!
You’re welcome, more info on php.net:
“Warning
This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged.”
More info about preg_replace here: http://fr.php.net/manual/en/function.preg-replace.php
And I learned something about email confirmation, nice ;)
I think we just established a learning circle, let’s keep this bad boy rolling.
I also didn’t know we were up to PHP 6. Must read into this.
Thanks again!
Well then let’s continue ;)
In fact PHP 6 is still in developpement. That’s why most of the new features of PHP 6 have been implemented in PHP 5.3, making it a sort of a must-have (performance, bugfixes, namespaces, etc.).
I tried to find your website but it redirects to your twitter account :p I would have been interesed in knowing what kind of studies or jobs you did, but that’s maybe waaaay of topic !
Yeah,
My personal site has been in development for the 3 years i’ve had my webspace, you know how it is :P
You can check out http://vantagestudios.ca which is the company I currently work at for a look at some projects I’ve worked on.
i wish you included jQuery verification.
Me too! Excellent article nonetheless.
Thanks, Matt. Great tutorial! I have one question if you don’t mind…
In signup_template.html, your href for the confirmation link is “{KEY}
That throws off an error because it doesn’t know what domain to find “confirm.php” at. Shouldn’t the {SITEPATH} variable be set there? I got mine to work by hardcoding my url into the href. Maybe I’m missing something. If you could clarify, I’d appreciate it.
Thnx!
Hey,
You are correct, i forgot the {SITEPATH} variable.
I’ve submitted new source code, for now you can download it here:
http://envexlabs.com/_files/email_tut_source_revised.zip
Thanks!
Been playing around with signup form and noticed one other issue that I hope others might be able to expand on. The form validation for “password” is ignored. If you submit without anything in the password field, you just get a blank page. However, I discovered that if you remove the md5 variable ($password = md5($password);) from index.php, it works fine. Obviously, the md5 won’t work then. Any thoughts?
Hello,
What’s happening is that even if password is blank, the md5() function is creating a string before we validate, so because of this the password validation is actually passing when it shouldn’t.
I’m making the changes and will submit an updated source code.
For the time being, if you move:
$password = md5($password);
inside:
if($action['result'] != ‘error’){
Then everything will work properly.
Thanks for pointing this out!
Hello ncovil !
I am new to php mysql
According this tuts i copy all source code & change some setting only in config.php file
then i copy all file to my website folder “http://www.makemycreative.in/source/index.php”
now it showing error like…
“I couldn’t connect to your database, please make sure your info is correct!”
I fill instead of required….these…
“mysql_connect(‘localhost-10′, ‘makemycr’, ‘samson01′) or die(“I couldn’t connect to your database, please make sure your info is correct!”);
mysql_select_db(‘user1′) or die(“I couldn’t find the database table ($table) make sure it’s spelt right!”);”
——————————————————————————————————————-
I am not sure what to write instead of localhost.. i am very confused abt localhost..
rest of i know.. i think it’s a problem of localhost…
I almost have it all up and running but when I put my details in the email sends I get the email but it is blank.
Any reasons why this happens?
Cheers peewee1002. (Peter Sawyer)
Hey Peter,
If the email is sending but it’s blank it sounds like something is messing up with the template area.
Make sure that php is finding the template file alright. Make sure the paths are correct.
I can help you debug, just send me a DM on twitter. @envex.
hm… didn’t we have a tut on this already?
http://net.tutsplus.com/tutorials/php/how-to-implement-email-verification-for-new-members/
LOVE these types of tuts – I’d love to see more of working with functionality and databases in PHP, RoR and even ASP.net MVC
Great tutorial, I am not sure if I missed this in the tutorial. How would you check a username to make sure it is not used more than once.
Nice tut, very usefull. Thanks
I have seen variants of this tutorial all over the net and they all share a common design flaw – two database tables. This can be accomplished with one database table in a much simpler fashion.
define(‘SECRET’, ‘something secret’);
// now make your key
$key = md5($email . SECRET);
// there is no need to save this key! No extra table is needed!
// now to verify key
if (md5($_GET['email'] . SECRET) == $_GET['key']) {
echo “Yes you good.”;
else {
echo “oh no!;
}
See how much easier that was?
This is true, i’ve never thought of it that way. I’ve always just been used to creating multiple tables.
Thanks for the tip!
NP its a common mistake. For some reason everyone does it the other way. Hashes can be great for lots of things like this. I would consider a better hash though like SHA rather than the old and kind of broken MD5.
You made a few other kind of big mistakes as well. First you just MD5′d the password. This is not secure as MD5 has been broken for some time now. What you should do is:
1 (easy) – sha1($password . SECRET). This way they have to hack your database and your web server.
2 (harder) add another column to your table that stores a unique salt per row and fill this with a random MD5 hash and then do $password = sha1($password . SECRET . $salt). Now they have to hack your database server, hack your web server, and try every combination on every row (rather than the dataset as a whole).
3) Either 1 or 2 plus encryption at the DB level plus forcing SSL otherwise someone will just sniff passwords in the middle.
There are also built in function for validating an email and username (with regular expressions) google will tell you them.
Also PDO is much better than the mysql_ stuff. But that’s a rant/maybe a tutorial for another day.
Thanks for all the tips!
Just like everyone else i’m always learning and refining my methods. I’ve moved onto working with cakephp, so a few things get lost in the translation back to custom php.
Again, thanks for pointing everything out, I appreciate it.
Me to. CakePHP rocks. Most of what I write is in CakePHP now as well. We need more CakePHP tutorials here! Ironicaly CakePHP makes the same security mistake on not double salting user tables. I haven’t checked CakePHP 2 yet otherwise I should patch it.
Your password hash = a3470ce826283eca7ce3360d0f26b230 = md5(‘usernamepassword42.52.56.24′)
Google told me… So do what David Singer sais. Much more unlikely that
Great Design…
Learned some great wee bits from this tutorial.
I build forms generally in a similar manner, but without much effort on the ‘error reporting’. Going to give this a good lookover later.
Many thanks Matt!
Backticks, only so you can use forbidden field names? Bad practice.
One essential thing to add is a check for duplicate usernames. We wouldn’t to create a new account with the same username as someone else.
My head is spinning. Why must you use a mailer framework? Major turn down of the tutorial. All is good though because I just skipped those steps and implemented my personal code :D Good stuff!
I was gearing this more towards beginners/moderate users and didn’t really want to go into using mail() and dealing with headers and everything, especially when sending out HTML emails.
Unless i’m missing something and it’s a lot easier than i expect.
I’m having a lot of trouble getting the e-mail to be sent out. Figured out and improved everything else but I can’t for the sake of hell get the thing to actually send me a mail:
$var = send_Email($info);
var_dump($var);
The code above gives me int(0). I don’t know if that’s what I’m supposed to get although I doubt it. But it still doesn’t make a difference. I’m not getting any mails.
So my question is, Could you speciffy any resources or links to your e-mail sending code if you are providing any somewhere? thanks a million
Hello
See following portion of script from your article,
// replace all the tags
$template = ereg_replace(‘{USERNAME}’, $info['username'], $template);
// … etc …
Try using str_replace( … ) which is quicker for simple, non regular expression string replacement :)
Other than that, good article for those learning PHP, etc.
I agree with this. We don’t need to use regex at all in this tutorial, because it’s just a simple string replacement. And one more thing, don’t you ereg_replace, use preg_replace instead of (but here, use str_replace).
Very well written tutorial. Loved to see someone using Swift! I just didn’t like the ereg_ and mysql_ based functions, it’s not a good practice to use’em. ;)
Thanks,
I’ve already heard about ereg, but what other method would you use instead of mysql_?
I didn’t know what mysql_ was bad practice. I guess old habits die hard :D
you should use mysqli_ instead of mysql_. If you want to go further you can check some database abstraction libriries, like PDO or MDB2(from PEAR) ;)
Thanks,
I will look into these!
Tnxs for this tut, but i need to do a question, when i try to use, it not send me a confirmation mail. however i think that the config fields are perfect.
Hey,
Are you using it on a local server.
Try running the mail() function with your email address and a generic subject/body.
If it sends then the script is bugged, otherwise it may be a problem with your server.
Contact me @envex if you still have problems.
muy buen tutorial, esta muy bien explicado
Nice one, but i think using mysqli would have been better :)
I don’t understand part 4 to rest ;x..achive until mysql, rest not work for me;x
I got an error with:
$action['result'] = ‘error’;
array_push($text,’User could not be added to the database. Reason: ‘ . mysql_error());
=
}
I get a parse error on the line with the ‘=’. Any idea what’s wrong?
Hey,
I’m not sure if this would have anything to do with it but maybe these characters have something to do with it: use ‘ instead of ‘
I know sometimes when copy and pasting text from the web it screws up the apostrophes.
Ok, the text converted my apostrophe making it look like i told you to use the same. Try re-entering the apostrophes.
This guy ROCKs !! That’s all :p
Best from france ;)
R.
Login Fool !!!!
o_0
o_0
thanks for the source code :)
helps me a LOT !!
excellent tutorial..
it is nice tuts ……….
but it ll be more helpful if u add session and cookies to it …….
I’m interesting in sessions/cookies too.
Great tut. One question –
How would i check to see if a username already exists before creating the account and where i would add it to the script?
Thank you.
Another quick question –
I added some info to the create a database -
CREATE TABLE `users` (
`id` int(11) NOT NULL auto_increment,
`username` varchar(50) NOT NULL default ”,
`password` varchar(128) NOT NULL default ”,
`email` varchar(250) NOT NULL default ”,
`group` binary(1) NOT NULL default ’1′,
`active` binary(1) NOT NULL default ’0′,
`usr_salt` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=27 DEFAULT CHARSET=utf8;
Do i also need to edit the confirm table with the new values or can i leave it how it is?
Also, people are saying to use Mysqli. Does this mean i change every instance of Mysql to Mysqli?
For example –
$add = mysql_query(“INSERT INTO `users` VALUES(NULL,’$username’,'$password’,'$email’,0)”);
Would this now be
$add = mysqli_query(“INSERT INTO `users` VALUES(NULL,’$username’,'$password’,'$email’,0)”);
Thanks for the support!
My code will probably screw up (when I post this, hopefully not) but no, you wouldn’t change mysql to mysqli, it entails a bit more.
You would have something like this:
//check connection
$mysql = new mysqli(‘localhost’, ‘username’, ‘password’, ‘database’) or die(‘Could not connect to the database);
//prepare the query (in this case, we’re going to take everything from the database, that rhymed… cool)
$qry = $mysql->prepare(‘SELECT * FROM users’);
//execute the query
$qry->execute();
Now, the * determines that you’re selecting ‘all’ fields from the table. If you would like to select individual fields from the table you would write them out (which is better practice):
$qry = $mysql->prepare(‘SELECT id,name,password,email FROM users’);
Note that the variable $qry can be called anything you’d like.
The prepare statement goes SELECT (fields) FROM `tablename`.
A perfect tutorial for PHP noobs like me. :)
I done !
But one problem
Why problem is showing like !
“Could not send confirm email”
Here ”
poorly managed code snippets……..
Pitty about the css3…
Everything works great until I click the confirmation in the email which send me back to my site with all css disabled. I’m super new to all things html css php etc… Anyone else have this problem?
Nice tutorial. I’ve used the one found here:
http://www.roscripts.com/PHP_login_script-143.html
for several projects. Obviously not verbatim, but the thought process helps when you need to develop things for clients.
I done !
But one problem
Why problem is showing like !
“Could not send confirm email”
Here ” http://makemycreative.in/source/index.php“
nice tutorial for a new boy like me. And interesting reading all these comments by you people who know your stuff…
cheers(helping my quest to become unaddicted to cms’)
I have a problem with Swift inclusion .
“Parse error: syntax error, unexpected T_CLASS in /homez.116/wayfarer/apericlub/inc/php/swift/classes/Swift.php on line 28″
Anybody have an idea?
By the way, great tut ;)
I’m having the same problem here, it stocks the user in the user database but chokes on the mailer. Haven’t got a clue on how to debug this.
Cheers.
Great Tutorial.
I’m having the same problem too. Di someone figured it out?
I can’t seem to get the error messages or user feedback to display. If all data is entered correctly, the database is updated and the email is sent – and the confirm works. Also, I can’t find any reference to the “<?=" part of the function call: Is it PHP or HTML? I’ve Googled both and can’t find an explanation.
Thanks for the great tutorial.
I know this comment is a bit dated. But mabye it will help someone who is doing the tutorial and has the same problem. What I did was I changed the <?= in index.php to <?php and then in functions.php instead of return $error I did print $error and it worked.