
Hello guys, i need help with a script


djfadeout


I have a script on my website, freestudentcloud.com.

 

But i want:

1) New users must activate their account.

2) If a user loses his password, he can change/renew it.

 

I hope someone can help me with my problems.

 

I have no knowledge of PHP, but I have tried many things, like http://www.learnphponline.com/scripts/email-activation-for-php-forms

 

This is the users.php

<?php
// Stop immediately unless the application bootstrap has defined _AppPath,
// i.e. the file was requested directly instead of being included.
if ( defined( '_AppPath' ) === false ) {
    exit( 'Direct access to this script is not permitted' );
}

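/**
 * User account management: create, list, look up, update, delete, login, logout.
 *
 * Every query in this class is assembled as a string, so each value that ends
 * up inside a quoted SQL literal is passed through esc() first. Request data
 * ($_POST), method arguments and session values are all treated as untrusted.
 *
 * NOTE(review): none of the methods check who is calling them. create(),
 * update() and delete() act on whatever id/admin values they are given, so the
 * controller that calls them has to enforce "admin only" itself; confirm this
 * against the caller, which is not part of this file.
 */
class Users
{
    /** Application object; this class uses its db, meta, session and path members. */
    public $app;

    function __construct( $app )
    {
        $this->app = $app;
    }

    /**
     * Escape a value for use inside a single-quoted SQL string literal.
     *
     * NOTE(review): escaping is only reliable when the connection character set
     * is configured on the connection itself. If $this->app->db is a plain
     * mysqli object, prepared statements would be the sturdier replacement.
     */
    private function esc( $value )
    {
        return $this->app->db->real_escape_string( (string) $value );
    }

    /**
     * Produce the stored form of a password (MD5 of a fixed prefix plus the password).
     *
     * NOTE(review): this is a fast hash with one prefix shared by every account,
     * so a leaked users table can be attacked offline cheaply. The replacement is
     * password_hash()/password_verify() with a rehash on next successful login.
     * It is not switched here because existing rows hold MD5 values and the
     * width of the password column is not visible from this file.
     */
    private function hash_password( $plain )
    {
        return md5( '_password_' . $plain );
    }

    //******************************
    // Insert new user
    //******************************
    /**
     * Create a user from $_POST (name, password, optional maxupload and admin).
     *
     * @param bool $return When true, the new user's data is returned.
     * @return array|null  array("error" => message) on failure; the user array
     *                     (password blanked) when $return is true; otherwise null.
     */
    function create($return = false)
    {
        $maxupload = isset( $_POST['maxupload'] ) ? $_POST['maxupload'] : '';

        // Data validation. Later checks overwrite earlier ones, so a missing
        // username is reported in preference to the other messages.
        $error = null;
        if ( empty( $_POST['password'] ) || ! is_string( $_POST['password'] ) )
            $error = 'Please enter a password';
        if ( ! empty( $maxupload ) && ( ! is_string( $maxupload ) || ! ctype_digit( $maxupload ) ) )
            $error = 'Please enter numeric values only for max. upload limit';
        if ( empty( $_POST['name'] ) || ! is_string( $_POST['name'] ) )
            $error = 'Please enter a username';
        if ( $error )
        {
            return array( "error" => $error );
        }

        $user = array();
        // Remove white space from username
        $user['name']      = str_replace( " ", "", $_POST['name'] );
        $user['password']  = $this->hash_password( $_POST['password'] );
        $user['maxupload'] = $maxupload ? $maxupload : '';
        // NOTE(review): the admin flag is copied straight from the request. If
        // this method also serves the public registration form, the caller must
        // drop or overwrite $_POST['admin'] first, otherwise anyone can ask for
        // an admin account. Confirm against the controller.
        $user['admin']     = isset( $_POST['admin'] ) ? $_POST['admin'] : null;

        // Only letters, digits, "-" and "_" are accepted in a username
        $valid = array( '-', '_' );
        if ( ! ctype_alnum( str_replace( $valid, '', $user['name'] ) ) )
            return array( "error" => 'Only alphanumeric characters and "-" or "_" are allowed' );
        if ( strlen( $user['name'] ) > 30 )
            return array( "error" => 'Username is too big (30 characters allowed)' );

        // maxupload passed ctype_digit above, so the product is a plain number.
        $maxspace = $user['maxupload'] ? "'" . ( $user['maxupload'] * 1000 ) . "'" : "NULL";

        // Columns are named explicitly so the statement keeps working when the
        // table has extra columns (the posted schema also lists "email").
        $query = "INSERT INTO users (id, name, password, admin, space, maxspace) VALUES (NULL,
                                     '" . $this->esc( $user['name'] ) . "',
                                     '" . $user['password'] . "',
                                     '" . $this->esc( $user['admin'] ) . "',
                                     '0',
                                     " . $maxspace . ")";

        // Save user record in database. Any failure is reported as a duplicate
        // name; other database errors end up with the same message.
        $result = $this->app->db->query( $query );
        if ( ! $result )
            return array( "error" => "The username you chose is taken already" );

        // Set user id (zero-padded to 11 digits)
        $user['id'] = sprintf( "%011d", $this->app->db->insert_id );

        // Create meta entries for new user
        $this->app->meta->create( "downloads_" . $user['id'], 0, $user['id'] ); // downloads entry
        $this->app->meta->create( "uploads_" . $user['id'], 0, $user['id'] );   // uploads entry

        // Never hand the stored hash back to the caller
        $user['password'] = '';

        // If is ajax call return user data
        if ( $return == true ) {
            return $user;
        }
    }

    //******************************
    // Get users
    //******************************
    /**
     * List every user except the one whose id is stored in the session.
     *
     * @return array|false Rows with maxspace divided by 1000 when set, or false
     *                     when the query fails or finds nothing.
     */
    function get()
    {
        $current = $this->esc( $this->app->session->get_var( 'id' ) );
        $query = "SELECT id,name, admin, space, maxspace FROM users WHERE id != '$current'";
        $response = $this->app->db->query( $query );

        // A failed query returns false; treat it like an empty result instead
        // of reading num_rows from a non-object.
        if ( ! $response || $response->num_rows <= 0 )
        {
            return false;
        }

        $users = array();
        while ( $row = $response->fetch_array() )
        {
            // maxspace is stored multiplied by 1000 (see create/update)
            if ( $row['maxspace'] ) $row['maxspace'] = $row['maxspace'] / 1000;
            $users[] = $row;
        }
        return $users;
    }

    /**
     * Look up one user by name.
     *
     * @param string $user Username; escaped here before it reaches the query.
     * @return array|null  The row (id, name, admin, space, maxspace) or null.
     */
    function getinfo($user)
    {
        $name = $this->esc( $user );
        $query = "SELECT id,name, admin, space, maxspace FROM users WHERE name = '$name' LIMIT 1";
        $response = $this->app->db->query( $query );
        if ( $response && $row = $response->fetch_assoc() )
        {
            return $row;
        }
    }

    //******************************
    // Delete user
    //******************************
    /**
     * Delete a user row and its upload/download meta entries.
     *
     * @param string $user User id; escaped here before it reaches the query.
     */
    function delete($user)
    {
        $query = "DELETE FROM users WHERE id = '" . $this->esc( $user ) . "'";
        $this->app->db->query( $query );

        // Remove user meta entries
        $this->app->meta->delete( "uploads_" . $user );   // uploads entry
        $this->app->meta->delete( "downloads_" . $user ); // downloads entry
    }

    //******************************
    // Change user password
    //******************************
    /**
     * Set a new password ($_POST['password']) for the user in the session.
     *
     * NOTE(review): the current password is not asked for and no request token
     * is checked here; if the caller does not do either, a forged request from
     * another site could change a logged-in user's password.
     *
     * @return mixed array("error" => message) on validation failure, otherwise
     *               the result of the UPDATE query.
     */
    function updatepassword()
    {
        // Data validation
        if ( empty( $_POST['password'] ) || ! is_string( $_POST['password'] ) )
        {
            return array( "error" => 'Please enter a password' );
        }

        $password = $this->hash_password( $_POST['password'] );
        $user     = $this->esc( $this->app->session->get_var( 'id' ) );

        $query = "UPDATE users SET password = '$password' WHERE id = '$user'";
        $response = $this->app->db->query( $query );

        return $response;
    }

    //******************************
    // Update user info
    //******************************
    /**
     * Update maxspace and the admin flag of the user named by $_POST['value'].
     *
     * @param bool $return When true, the submitted values are returned.
     * @return array|null  array("error" => message) on validation failure; the
     *                     submitted values when $return is true; otherwise null.
     */
    function update($return = false)
    {
        $maxupload = isset( $_POST['maxupload'] ) ? $_POST['maxupload'] : '';

        // Data validation
        if ( ! empty( $maxupload ) && ( ! is_string( $maxupload ) || ! ctype_digit( $maxupload ) ) )
        {
            return array( "error" => 'Please enter numeric values only for max. upload limit' );
        }

        $user = array();
        $user['id']        = isset( $_POST['value'] ) ? $_POST['value'] : null;
        $user['maxupload'] = $maxupload ? $maxupload : NULL;
        $user['admin']     = isset( $_POST['admin'] ) ? $_POST['admin'] : null;

        // maxupload passed ctype_digit above, so the product is a plain number.
        $maxspace = is_null( $user['maxupload'] ) ? "NULL" : "'" . ( $user['maxupload'] * 1000 ) . "'";

        // Update user in database; id and admin come from the request and are escaped.
        $query = "UPDATE users SET maxspace = " . $maxspace . ",
                             admin    = '" . $this->esc( $user['admin'] ) . "'
                             WHERE id = '" . $this->esc( $user['id'] ) . "'";

        $response = $this->app->db->query( $query );

        // If is ajax call return user data
        if ( $return == true )
            return $user;
    }

    //******************************
    // Update user used space
    //******************************
    /**
     * Store the used space for the user whose name is in the session.
     *
     * @param mixed $space New value for the space column; escaped before use.
     * @return mixed The query result when it is truthy, otherwise null.
     */
    function updatespace($space)
    {
        $user  = $this->esc( $this->app->session->get_var( 'username' ) );
        $value = $this->esc( $space );
        $query = "UPDATE users SET space = '$value' WHERE name = '$user' LIMIT 1";
        $response = $this->app->db->query( $query );
        if ( $response )
            return $response;
    }

    //******************************
    // Login user
    //******************************
    /**
     * Check a username/password pair and start the session on success.
     *
     * On success the session variables are set, the session id is regenerated
     * and a redirect header to manage/ is sent; nothing is returned and the
     * script is not terminated here, so the caller decides what runs next.
     *
     * NOTE(review): nothing in this method limits repeated failed attempts.
     *
     * @return string|null "Incorrect" when the credentials do not match.
     */
    function login($user,$password)
    {
        $user     = $this->esc( $user );
        $password = $this->hash_password( $password );

        $query = "SELECT * FROM users WHERE name = '$user' AND password = '$password'";
        $response = $this->app->db->query( $query );
        if ( ! $response || ! ( $row = $response->fetch_assoc() ) )
        {
            return "Incorrect";
        }

        // Credentials matched
        $this->app->session->add_var( array( 'username' => $row['name'], 'id' => $row['id'] ) );

        // A fresh session id after login keeps a pre-login id from staying valid
        if ( $_SESSION ) { session_regenerate_id( true ); }

        # Redirect to dashboard
        $path = $this->app->path . "manage/";
        header( "Location: $path" );
    }

    //******************************
    // Logout user
    //******************************
    /**
     * Destroy the session and redirect to manage/.
     */
    function logout()
    {
        $path = $this->app->path . "manage/";
        session_destroy();
        header( "Location: $path" );
    }
}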
?>

 

Register.php

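<?php
// Registration form view. It expects the including script to provide
// $viewsdir (base URL of the views directory), $path (application base URL)
// and, after a failed submission, $error (a plain-text message).
if( ! defined( '_AppPath' ) ) { exit( 'Direct access to this script is not permitted' ); }

// Everything echoed below is HTML-escaped first. The submitted name and robot
// values come straight from the request; echoing them unescaped would let a
// crafted request inject markup or script into the page.
$register_viewsdir = isset( $viewsdir ) ? htmlspecialchars( (string) $viewsdir, ENT_QUOTES, 'UTF-8' ) : '';
$register_login    = htmlspecialchars( ( isset( $path ) ? (string) $path : '' ) . "manage/", ENT_QUOTES, 'UTF-8' );
// $error is treated as plain text, so any markup in it is shown literally.
$register_error    = ( isset( $error ) && is_string( $error ) ) ? htmlspecialchars( $error, ENT_QUOTES, 'UTF-8' ) : '';
$register_name     = ( isset( $_POST['name'] ) && is_string( $_POST['name'] ) ) ? htmlspecialchars( $_POST['name'], ENT_QUOTES, 'UTF-8' ) : '';
$register_robot    = ( isset( $_POST['robot'] ) && is_string( $_POST['robot'] ) ) ? htmlspecialchars( $_POST['robot'], ENT_QUOTES, 'UTF-8' ) : '';

// NOTE(review): the "2 + 3" question has one fixed answer, so it will not hold
// back automated sign-ups for long, and the form carries no request token.
// Both are the responsibility of the script that processes the submission.
?>

<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8" />
<title>Login</title>
<!--STYLES-->
<link rel="stylesheet" href="<?php echo $register_viewsdir ?>views/css/reset.css" type="text/css">
<link rel="stylesheet" href="<?php echo $register_viewsdir ?>views/css/styles.css" type="text/css">
<!--SCRIPTS-->
<script src="<?php echo $register_viewsdir ?>views/plugins/jquery.js" type="text/javascript"></script>
<script src="<?php echo $register_viewsdir ?>views/plugins/jquery.form.js" type="text/javascript"></script>
<script src="<?php echo $register_viewsdir ?>views/plugins/core.js" type="text/javascript"></script>
<script>
 path = '';
</script>
</head>

<body>



<div id="main" class="notice container">
 <!--Wrapper-->
 <div id="wrapper" class="notice">
  
  <!--Content-->
  <div id="content" class="padding">
  
  <?php if( $register_error !== '' ) : ?>
  	<div id="message" class="one message invalid clearfix" style="display: block;">
  	<?php echo $register_error ?>
  	</div>
  <?php endif ?>
  
   <form id="on-login" method="post">
   	<!--Username-->
    <p class="placeholders">
    	<label for="user">Username</label>
    	<input name="name" type="text" autocomplete="off" value="<?php echo $register_name ?>">
    </p>
    <!--Password-->
    <p class="placeholders">
    	<label for="password">Password</label>
    	<input name="password" type="password" autocomplete="off">
    </p>
    <p>
    	<label for="robot">Are you human ? <span class="help">- how much is 2 + 3 ?</span></label>
    	<input type="text" name="robot" value="<?php echo $register_robot ?>">
    </p>
    
    
    <input type="submit" class="submit" name="action" value="register">
    <a class="help one" href="<?php echo $register_login ?>">Log in</a>
   </form>
   
  <!--End #content-->
  </div>
 <!--End #wrapper-->
 </div>
<!--End .container-->
</div>
</body>
</html>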

 

The database is:

table: users

Column: | id | name | email | password | admin | space | maxspace |

 

What can I do? I do not ask you to make the whole script :), I want to learn, but I don't get it at all.

 

Thank you,

Tim
