Jump to content

Password Generation

enyeheri

By enyeheri
in PHP Coding Help

 Share

Recommended Posts

enyeheri Newbie

enyeheri

Posted
Posted

Dear All,

Below is a php file for my website invitacoach.com

 

I need to issue passwords myself to members who have already paid up for my services...of which they will then be able to access the advantages of a members area which include Videos, Audios and other publications.

 

Which part of my code am i to edit

 

Below is the SQL and register.php code.

 

SQL

 

CREATE TABLE users (

  userid int(25) NOT NULL auto_increment,

  first_name varchar(25) NOT NULL default '',

  last_name varchar(25) NOT NULL default '',

  email_address varchar(25) NOT NULL default '',

  username varchar(25) NOT NULL default '',

  password varchar(255) NOT NULL default '',

  info text NOT NULL,

  user_level enum('0','1','2','3') NOT NULL default '0',

  signup_date datetime NOT NULL default '0000-00-00 00:00:00',

  last_login datetime NOT NULL default '0000-00-00 00:00:00',

  activated enum('0','1') NOT NULL default '0',

  PRIMARY KEY  (userid)

) TYPE=MyISAM COMMENT='Membership Information';

 

 

 

REGISTER.PHP

 

 

<?

 

include 'db.php';

 

// Define post fields into simple variables

$first_name = $_POST['first_name'];

$last_name = $_POST['last_name'];

$email_address = $_POST['email_address'];

$username = $_POST['username'];

$info = $_POST['info'];

 

/* Let's strip some slashes in case the user entered

any escaped characters. */

 

$first_name = stripslashes($first_name);

$last_name = stripslashes($last_name);

$email_address = stripslashes($email_address);

$username = stripslashes($username);

$info = stripslashes($info);

 

 

/* Do some error checking on the form posted fields */

 

if((!$first_name) || (!$last_name) || (!$email_address) || (!$username)){

echo 'You did not submit the following required information! <br />';

if(!$first_name){

echo "First Name is a required field. Please enter it below.<br />";

}

if(!$last_name){

echo "Last Name is a required field. Please enter it below.<br />";

}

if(!$email_address){

echo "Email Address is a required field. Please enter it below.<br />";

}

if(!$username){

echo "Desired Username is a required field. Please enter it below.<br />";

}

include 'join_form.html'; // Show the form again!

/* End the error checking and if everything is ok, we'll move on to

creating the user account */

exit(); // if the error checking has failed, we'll exit the script!

}

 

/* Let's do some checking and ensure that the user's email address or username

does not exist in the database */

 

$sql_email_check = mysql_query("SELECT email_address FROM users WHERE email_address='$email_address'");

$sql_username_check = mysql_query("SELECT username FROM users WHERE username='$username'");

 

$email_check = mysql_num_rows($sql_email_check);

$username_check = mysql_num_rows($sql_username_check);

 

if(($email_check > 0) || ($username_check > 0)){

echo "Please fix the following errors: <br />";

if($email_check > 0){

echo "<strong>Your email address has already been used by another member in our database. Please submit a different Email address!<br />";

unset($email_address);

}

if($username_check > 0){

echo "The username you have selected has already been used by another member in our database. Please choose a different Username!<br />";

unset($username);

}

include 'join_form.html'; // Show the form again!

exit();  // exit the script so that we do not create this account!

}

 

/* Everything has passed both error checks that we have done.

It's time to create the account! */

 

/* Random Password generator.

http://www.phpfreaks.com/quickcode/Random_Password_Generator/56.php

 

We'll generate a random password for the

user and encrypt it, email it and then enter it into the db.

*/

 

function makeRandomPassword() {

  $salt = "abchefghjkmnpqrstuvwxyz0123456789";

  srand((double)microtime()*1000000);

  $i = 0;

  while ($i <= 7) {

    $num = rand() % 33;

    $tmp = substr($salt, $num, 1);

    $pass = $pass . $tmp;

    $i++;

  }

  return $pass;

}

 

$random_password = makeRandomPassword();

 

$db_password = md5($random_password);

 

// Enter info into the Database.

$info2 = htmlspecialchars($info);

$sql = mysql_query("INSERT INTO users (first_name, last_name, email_address, username, password, info, signup_date)

VALUES('$first_name', '$last_name', '$email_address', '$username', '$db_password', '$info2', now())") or die (mysql_error());

 

if(!$sql){

echo 'There has been an error creating your account. Please contact the webmaster.';

} else {

$userid = mysql_insert_id();

// Let's mail the user!

$subject = "Your Membership at invitacoach.com!";

$message = "Dear $first_name,

Thank you for registering at our website, http://www.invitacoach.com

 

You are two steps away from logging in and accessing our exclusive members area.

 

To activate your membership, please click here: http://www.invitacoach.com/test/activate.php?id=$userid&code=$db_password

 

Once you activate your membership, you will be able to login with the following information:

Username: $username

Password: $random_password

 

Thanks!

Invita Coach

Link to comment
Share on other sites
enyeheri Newbie

enyeheri

Posted
  • Author
Posted

voip03

I need to issue passwords myself to members who have already paid up for my services. after which they will then be able to access the  members area.

 

Which part of my code am i to edit<?

 

include 'db.php';

 

// Define post fields into simple variables

$first_name = $_POST['first_name'];

$last_name = $_POST['last_name'];

$email_address = $_POST['email_address'];

$username = $_POST['username'];

$info = $_POST['info'];

 

/* Let's strip some slashes in case the user entered

any escaped characters. */

 

$first_name = stripslashes($first_name);

$last_name = stripslashes($last_name);

$email_address = stripslashes($email_address);

$username = stripslashes($username);

$info = stripslashes($info);

 

 

/* Do some error checking on the form posted fields */

 

if((!$first_name) || (!$last_name) || (!$email_address) || (!$username)){

echo 'You did not submit the following required information! <br />';

if(!$first_name){

echo "First Name is a required field. Please enter it below.<br />";

}

if(!$last_name){

echo "Last Name is a required field. Please enter it below.<br />";

}

if(!$email_address){

echo "Email Address is a required field. Please enter it below.<br />";

}

if(!$username){

echo "Desired Username is a required field. Please enter it below.<br />";

}

include 'join_form.html'; // Show the form again!

/* End the error checking and if everything is ok, we'll move on to

creating the user account */

exit(); // if the error checking has failed, we'll exit the script!

}

 

/* Let's do some checking and ensure that the user's email address or username

does not exist in the database */

 

$sql_email_check = mysql_query("SELECT email_address FROM users WHERE email_address='$email_address'");

$sql_username_check = mysql_query("SELECT username FROM users WHERE username='$username'");

 

$email_check = mysql_num_rows($sql_email_check);

$username_check = mysql_num_rows($sql_username_check);

 

if(($email_check > 0) || ($username_check > 0)){

echo "Please fix the following errors: <br />";

if($email_check > 0){

echo "<strong>Your email address has already been used by another member in our database. Please submit a different Email address!<br />";

unset($email_address);

}

if($username_check > 0){

echo "The username you have selected has already been used by another member in our database. Please choose a different Username!<br />";

unset($username);

}

include 'join_form.html'; // Show the form again!

exit();  // exit the script so that we do not create this account!

}

 

/* Everything has passed both error checks that we have done.

It's time to create the account! */

 

/* Random Password generator.

http://www.phpfreaks.com/quickcode/Random_Password_Generator/56.php

 

We'll generate a random password for the

user and encrypt it, email it and then enter it into the db.

*/

 

function makeRandomPassword() {

  $salt = "abchefghjkmnpqrstuvwxyz0123456789";

  srand((double)microtime()*1000000);

  $i = 0;

  while ($i <= 7) {

    $num = rand() % 33;

    $tmp = substr($salt, $num, 1);

    $pass = $pass . $tmp;

    $i++;

  }

  return $pass;

}

 

$random_password = makeRandomPassword();

 

$db_password = md5($random_password);

 

// Enter info into the Database.

$info2 = htmlspecialchars($info);

$sql = mysql_query("INSERT INTO users (first_name, last_name, email_address, username, password, info, signup_date)

VALUES('$first_name', '$last_name', '$email_address', '$username', '$db_password', '$info2', now())") or die (mysql_error());

 

if(!$sql){

echo 'There has been an error creating your account. Please contact the webmaster.';

} else {

$userid = mysql_insert_id();

// Let's mail the user!

$subject = "Your Membership at invitacoach.com!";

$message = "Dear $first_name,

Thank you for registering at our website, http://www.invitacoach.com

 

You are two steps away from logging in and accessing our exclusive members area.

 

To activate your membership, please click here: http://www.invitacoach.com/test/activate.php?id=$userid&code=$db_password

 

Once you activate your membership, you will be able to login with the following information:

Username: $username

Password: $random_password

 

Thanks!

Invita Coach

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.