| My activation.php is not activating my membership.
|
Scotty13
msg:4447145 | 7:30 am on Apr 29, 2012 (gmt 0) |
When I join, I receive the welcome message and to click on link to activate. When I click on the link, I get the message Essential data from the activation URL is missing! Close your browser (located on the bottom of this script). It worked before & I don't recall changing anything. What am I missing here?
I appreciate any help and please don't answer with to complicated replies. I'm only a rookie and as you can see this is all I could achieve.
<style type="text/css">
<!--
body
{
background-image:url('images/bgactivation.jpg');
background-position:center top;
background-repeat:no-repeat;
}
-->
</style>
<?php
// If the GET variable id is not empty, we run this script, if variable is empty we give message at bottom
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1');
//---------------------------------------------------------------------------------------------------------------------
if (isset($_POST ['email']) && $_POST ['email'] !="") {
//Connect to the database through an include
include_once "scripts/connect_to_mysql.php";
$id = $_GET['id'];
$hashloca = $_GET['sequence'];
$id = mysql_real_escape_string($id );
$id = preg_replace("`", "", $id);
$hashloca = mysql_real_escape_string($hashloca);
$hashloca = preg_replace("`", "", $hashloca);
$sql = mysql_query("UPDATE myMembers SET email_activated='1' WHERE id='$id' AND locator='$hashloca'");
$sql_doublecheck = mysql_query("SELECT * FROM myMembers WHERE id='$id' AND locator='$hashloca' AND email_activated='1'");
$doublecheck = mysql_num_rows($sql_doublecheck);
if($doublecheck == 0){
$msgToUser = "<br /><br /><h3><strong><font color=red>Your RES could not be activated!</font></strong><h3><br />
<br />
Double check your entries & try again. If neither one of those work. Please eMail site administrator and request manual activation.
";
include 'msgToUser.php';
exit();
} elseif ($doublecheck > 0) {
$msgToUser = "<br /><br /><h3><font color=\"#0066CC\"><strong>Congratulations! Your reservation has been confirmed.<br /><br />
CHECK IN anytime up top.</strong></font></h3>";
include 'msgToUser.php';
exit();
}
} // close first if
print "Essential data from the activation URL is missing! Close your browser, go back to your eMail inbox, and please use the full URL supplied in the activation link we sent you.<br />
<br />
Sorry for any trouble. My Global PNR, LLC / admin@example.com
";
?>
Thank you, Scotty [edited by: bill at 10:14 am (utc) on Apr 29, 2012]
[edit reason] use example.com for e-mail address [/edit]
|
cffrost2
msg:4447205 | 3:07 pm on Apr 29, 2012 (gmt 0) |
Have you gone back to look at the email link and verified that the variables "id" and "sequence" are included in the URL? And verify that both values match the values in the db columns. If both those senerios are ok, then double check your update is working in look and see if the values are being updated in the db.
|
cffrost2
msg:4447208 | 3:15 pm on Apr 29, 2012 (gmt 0) |
Also
| if (isset($_POST ['email']) && $_POST ['email'] !="") { |
|
Is this looking for an email in the URL? Ie: http://www.example.com/index.php?email=me@example.com&id=123&sequence=HA$HVAR
If so, you shou use $_GET. Not $_POST.
If(isset($_GET['email']).....
|
Scotty13
msg:4447274 | 7:26 pm on Apr 29, 2012 (gmt 0) |
I checked my db, I changed $_Post to $_Get still no change.
If I test activation.php from Dreamweaver to my browser I get...
http://example.com/root/activation.php
If I click on the activation link that was emailed to me I get...
http://example.com/activation.php?id=9&sequence=23d1e10df85ef805b442a922b240ce25 [edited by: engine at 8:17 am (utc) on Apr 30, 2012]
[edit reason] please use example.com [/edit]
|
cffrost2
msg:4447317 | 1:06 am on Apr 30, 2012 (gmt 0) |
| http://www.example.com/activation.php?id=9&sequence=23d1e10df85ef805b442a922b240ce25 |
|
Should there be an email var in that URL?
| http://www.example.com/activation.php?email=me@example.com&id=9&sequence=23d1e10df85ef805b442a922b240ce25 |
|
(i just visited your link although you are not supposed to post actual url's here and added "&email=me@web.com" at the end and it seemed to do the trick) copy the url i just used above and give it a shot. (change www.example.com to your actual site)
the line if(isset($_GET['email']) && $_GET['email'] != "")
is looking for an email var or it fails and states
| Essential data from the activation URL is missing |
|
and lastly, it seems that the "essential data" part should be enclosed in an else statement
else
{
print "Essential data........";
}
|
Scotty13
msg:4447386 | 6:59 am on Apr 30, 2012 (gmt 0) |
Getting somewhere. I got these two errors...
Warning: preg_replace() [function.preg-replace]: No ending delimiter '`' found in /home/*******/public_html/activation.php on line 26
LINE 26: $id = preg_replace("`", "", $id);
Warning: preg_replace() [function.preg-replace]: No ending delimiter '`' found in /home/********/public_html/activation.php on line 29
Line 29: $hashloca = preg_replace("`", "", $hashloca);
@cffrost2 - thanks for help & time.
Scott
|
cffrost2
msg:4447463 | 12:26 pm on Apr 30, 2012 (gmt 0) |
preg_replace utilizes a starting and ending delimiter. / or #.
So
preg_replace("/`/", "", $hashloca);
that should clear up those errors.
BTW. You're welcome. :)
|
rocknbil
msg:4447547 | 3:49 pm on Apr 30, 2012 (gmt 0) |
As mentioned URL data (link in your email) is found in get, not post. This is not a try it and see, this has to be set. You might also change it like so (no big if you don't)
if (isset($_GET['email']) && ! empty($_GET['email']) {
Also as mentioned, "Essential data" would always fire. Look:
} // close first if
print "Essential data from the activation URL is missing! Close your browser, go back to your eMail inbox, and please use the full URL supplied in the activation link we sent you.<br />
You also need to exercise the same checks on $id that you do on email. Presuming it's numeric,
if (isset($_GET['id']) and is_numeric($_GET['id']) and ($_GET['id'] > 0)) {
$id = $_GET['id'];
} else { die("ID is not numeric"); }
if (isset($_GET['sequence']) and preg_match('/^[a-z\d]+$/i',$_GET['sequence'])) {
$hashloca = $_GET['sequence'];
} else { die("Hash contains invalid characters or is not set"); }
An aside, you have str_replace [php.net] syntax here, not preg_replace, which would work fine for what you're doing.
$hashloca = str_replace("`", "", $hashloca);
For the ID, you're looking for a numeric value, right? Sub out anything not a number. Actually you won't even need to do that if you use the error trap that checks for numeric data (IMO, there shouldn't even be a backtick in these links, I'd fix it so there aren't any.)
$id = preg_replace('/[^\d]/','',$id);
Those two bits all together,
if (isset($_GET['id']) and is_numeric($_GET['id']) and ($_GET['id'] > 0)) {
$id = $_GET['id'];
} else { die("ID is not numeric"); }
if (isset($_GET['sequence']) and preg_match('/^[a-z\d]+$/i',$_GET['sequence'])) {
$hashloca = str_replace("`", "", $hashloca);
$hashloca = $_GET['sequence'];
} else { die("Hash contains invalid characters or is not set"); }
|
Scotty13
msg:4447682 | 9:14 pm on Apr 30, 2012 (gmt 0) |
This is the activation link sent to my email.
http://example.com/activation.php?email=me@example.com&id&sequence=23d1e10df85ef805b442a922b240ce25
@rocknbil I tried your way and got... ID is not numeric. So I went with cffrost2 way and got the following...
Your RES could not be activated!
Double check your entries & try again. If neither one of those work. Please eMail site administrator and request manual activation.
I also got this error message...
Notice: Undefined variable: ckinOptions in /home/********/public_html/mgpheader_template.php on line 38
From mgpheader_template.php LINE 38: <td width="187"55"><div align="center" style="margin-bottom:14px; text-align: center;"><?php echo $ckinOptions; ?>
Thanks guys,
Scott
|
cffrost2
msg:4447726 | 11:49 pm on Apr 30, 2012 (gmt 0) |
scott, rocknbil showed you a different way of writing your code and a better way of validating your vars. By you stating you used his "way" and got the error "id is not numeric", it told me right where to look. Makes things easier to troubleshoot when your code is well written.
The reason both failed is because your id var is not being passed:
| http://example.com/activation.php?email=me@example.com&id&sequence=23d1e10df85ef805b442a922b240ce25 |
|
Most likely in the code that is building the URL.
This error is a perfect example of what rocknbil is teaching you:
| Notice: Undefined variable: ckinOptions in /home/********/public_html/mgpheader_template.php on line 38 |
|
This is from a var trying to be used but isn't set. Line 38 is showing where the var is being used/echoed. You have to find where it's being generated and correct that issue. So the problem lies before line 38.
You're doing good. Keep up trying. Learning never comes overnight. :)
|
rocknbil
msg:4448035 | 4:01 pm on May 1, 2012 (gmt 0) |
Perfect. Leave it in! :-) Do you see it? Look at your link. What is id equal to? :-)
|
Scotty13
msg:4448119 | 7:31 pm on May 1, 2012 (gmt 0) |
A. 23
23 What?
|
cffrost2
msg:4448214 | 2:09 am on May 2, 2012 (gmt 0) |
Scott.
What are you referring to?
|
Scotty13
msg:4448271 | 6:42 am on May 2, 2012 (gmt 0) |
You said look at your link. What is id equal to?
|
rocknbil
msg:4448536 | 4:20 pm on May 2, 2012 (gmt 0) |
No, that's sequence (and it's not just "23", it's 23d1e10df85ef805b442a922b240ce25). Look . . .
&id&
id doesn't even have an =, it's not even a string. It's set, but it can't be anything but null. What you should have there is
&id=12345& (or some other number)
The problem is in generating the email output. And the error trapping you added is telling you that. :-)
|
Scotty13
msg:4448707 | 11:25 pm on May 2, 2012 (gmt 0) |
I went back to an older script. Took what I had and what you all given me and now working just fine. End result (just showing the top half)....
<style type="text/css">
<!--
body
{
background-image:url('images/bgactivation.jpg');
background-position:center top;
background-repeat:no-repeat;
}
-->
</style>
<?php
// If the GET variable id is not empty, we run this script, if variable is empty we give message at bottom
if ($_GET['id'] != "") {
//Connect to the database through an include
include_once "scripts/connect_to_mysql.php";
$id = $_GET['id'];
$hashloca = $_GET['sequence'];
$id = mysql_real_escape_string($id );
$id = preg_replace("/`/", "", $id);
$hashloca = mysql_real_escape_string($hashloca);
$hashloca = preg_replace("/`/", "", $hashloca);
$sql = mysql_query("UPDATE myMembers SET email_activated='1' WHERE id='$id' AND locator='$hashloca'");
$sql_doublecheck = mysql_query("SELECT * FROM myMembers WHERE id='$id' AND locator='$hashloca' AND email_activated='1'");
$doublecheck = mysql_num_rows($sql_doublecheck);
if($doublecheck == 0){
Thanks again,
Scotty
|
cffrost2
msg:4448725 | 1:31 am on May 3, 2012 (gmt 0) |
Good to see you have it working again.
|
|
|
