Php Folkies,
Look at this account activation script. It gets triggered when a new member clicks an account activation link he gets emailed.
[code]
<?php
//Required PHP Files.
include ‘configurations_site.php’; //Required on all webpages of the site. Must include here too. Else, conn.php data would not be found. conn.php residing in site_configurations.php.
include ‘header_site.php’; //Required on all webpages of the site.
include ‘header_account.php’; //Required on all webpages of the account.
include ‘sessions.php’; //Required on all webpages of the site.
?>
<?php
//Step 1: Check whether URL is in the GET method or not.
//Perform following actions if URL is not in the GET Method and does not contain user Email and Account Activation Code.
if(!isset($_GET[“primary_website_email”],$_GET[“account_activation_code”]) === TRUE)
{
//Give the User Alert that the Account Activation Link is Invalid.
echo “Invalid Account Activation Link! Try registering for an account if you do not already have one! <a href=””register.php”>Register here!</a>”; </p>
exit();
}
else
{
//Step 2: Check User submitted details.
$primary_website_email = htmlspecialchars($_GET[‘primary_website_email’]);
$account_activation_code = htmlspecialchars($_GET[‘account_activation_code’]);
//2A. Check User Inputs against Mysql Database.
//Select Username, Primary Domain and Primary Domain Email to check against Mysql Database if they are pending registration or not.
$stmt = mysqli_prepare($conn, “SELECT username, account_activation_status FROM users WHERE primary_website_email = ? AND account_activation_code = ?”);
mysqli_stmt_bind_param($stmt,’si’,$primary_website_email,$account_activation_code);
mysqli_stmt_bind_result($stmt,$username,$account_activation_status);
//Perform the following if Account Activation Link was valid (the “Primary Website Email” and “Account Activation Code” match that were found via the GET Method).
if(mysqli_stmt_execute($stmt)) && mysqli_stmt_fetch($stmt))
{
//Perform the following if the “Account Activation Status is not found to be “0” (Account Activation Pending) on Mysql Database.
if($account_activation_status = 1)
{
//Give the User Alert that their Account is already active.
echo “Since you have already activated your account then why are you trying to activate it again ? Simply <a href=””login.php”>log-in here</a>! “;
exit();
}
else
{
//Set Account Activation Status to 1 (1 = “Account Activated”; And 0 = “Activation Pending”) on Tbl.
$account_activation_status = 1;
$stmt = mysqli_prepare($conn,”UPDATE users SET account_activation_status = ? WHERE username = ?”);
mysqli_stmt_bind_param($stmt,’is’,$account_activation_status,$username);
if(mysqli_stmt_execute($stmt))
{
//Give user Alert that their Account has now been Activated.
echo <h3 style=’text-align:center’>Thank you for your confirming your email and activating your account. <br>
Redirecting you to your Home Page …</h3>
$_SESSION[“user”] = $username;
//Redirecting the newly Account Activated User to their Account Home Page by identifying the User by their Session Name (Username).
header(“location:home.php”);
}
}
}
else
{
//Perform following if Primary Website Email and/or Account Activation Code is not Pending Registration.
$primary_website_email = htmlspecialchars($_GET[‘primary_website_email’]);
$account_activation_code = htmlspecialchars($_GET[‘account_activation_code’]);
//Give the User Alert their Email and/or Account Activation Code in the Account Activation Link is Invalid or the Account Activation Link is out of date (Email no longer registered in the Tbl).
echo “Either this Email Address $primary_website_email was not pending registration with this Account Activation Code $account_activation_code or one or both of them are invalid!
Or, the Account Activation Link is out of date (Email no longer registered in the Tbl).
Try registering an account if you have not already done so! <a href=”register.php”>Register here!</a>”; </p>
exit();
}
}
?>
[/php]
Shall I change this:
[php]
//2A. Check User Inputs against Mysql Database.
//Select Username, Primary Domain and Primary Domain Email to check against Mysql Database if they are pending registration or not.
$stmt = mysqli_prepare($conn, “SELECT username, account_activation_status FROM users WHERE primary_website_email = ? AND account_activation_code = ?”);
mysqli_stmt_bind_param($stmt,’si’,$primary_website_email,$account_activation_code);
mysqli_stmt_bind_result($stmt,$username,$account_activation_status);
//Perform the following if Account Activation Link was valid (the “Primary Website Email” and “Account Activation Code” match that were found via the GET Method).
if(mysqli_stmt_execute($stmt)) && mysqli_stmt_fetch($stmt))
{
//Perform the following if the “Account Activation Status is not found to be “0” (Account Activation Pending) on Mysql Database.
if($account_activation_status = 1)
{
//Give the User Alert that their Account is already active.
echo “Since you have already activated your account then why are you trying to activate it again ? Simply <a href=””login.php”>log-in here</a>! “;
exit();
}
[/php]
to this where the mysqli_stmt_bind_result($stmt,$username,$account_activation_status) has been switched to a new spot:
[php]
//2A. Check User Inputs against Mysql Database.
//Select Username, Primary Domain and Primary Domain Email to check against Mysql Database if they are pending registration or not.
$stmt = mysqli_prepare($conn, “SELECT username, account_activation_status FROM users WHERE primary_website_email = ? AND account_activation_code = ?”);
mysqli_stmt_bind_param($stmt,’si’,$primary_website_email,$account_activation_code);
//Perform the following if Account Activation Link was valid (the “Primary Website Email” and “Account Activation Code” match that were found via the GET Method).
if(mysqli_stmt_execute($stmt)) && mysqli_stmt_fetch($stmt))
{
//Perform the following if the “Account Activation Status is not found to be “0” (Account Activation Pending) on Mysql Database.
mysqli_stmt_bind_result($stmt,$username,$account_activation_status);
if($account_activation_status = 1)
{
//Give the User Alert that their Account is already active.
echo “Since you have already activated your account then why are you trying to activate it again ? Simply <a href=””login.php”>log-in here</a>! “;
exit();
}