Jump to content
Larry Ullman's Book Forums


  • Content Count

  • Joined

  • Last visited

Community Reputation

3 Neutral

About Marie

  • Rank
    Advanced Member
  1. How do we easily get rid of people who register but do not activate their account? I just found out that I cannot schedule an event in the database because I am on a shared web hosting plan. I am seemingly getting a lot of "fake" registrants that are taking up space.
  2. Figured out what was going on with my Login problem. I took out a few pieces of code that didn't need to be there and I believe I had an extra session call in there. Anyway, just sloppy work on my part.
  3. Just want to re-word what I have said above - Also, every ONE of my user's can enter the same password as all other users so I suppose the coding would allow this to happen but in reality it would not matter if someone else has the same password. Also,there are many sites that force people to reset their password with one that they have not used before. Does it really matter if a user wants to enter the same password?
  4. If my user types in passwords that don't match, the error message pops up that says they don't match. They ALSO get a message saying that the email has already been registered. I know that the email has not been used before. Also, every ones of my user's technically can have the same password as all other user so I suppose that it something that would be allowed under normal circumstances but not likely to happen. Does it really matter if someone has used the same password before? // Check for an email address: if (filter_var($trimmed['email'], FILTER_VALIDATE_EMAIL)) { $e =
  5. Yes, that was the problem. I tried several different variations and it was continually entering the user's password in an unencrypted manner SO I left it out. I also took out $a = $_POST['active']; The information is now going into the database and the password is hashed. I am now wondering about the significance of the last part of the prepared statement where one assigns the values to the variables if one can simply remove some of them? $q = "INSERT INTO users (username, email, pass, first_name, middle_name, last_name, active, agree, date_expires) VALUES (?, ?, ?, ?,
  6. I am trying to adapt code on my registration page to Script 13.6, however am getting and undefined index error for "pass" which represents the password. Otherwise, the remainder of the code follows the Registration code that is in the book. if ($u && $e && $p && $fn && $mi && $ln) { // If everything's OK... // Make sure the email address is available: $q = "SELECT id FROM users WHERE email='$e'"; $r = mysqli_query($db, $q) or trigger_error("Query: $q\n<br>MySQL Error: " . mysqli_error($db)); if (mysqli_num_rows($r) == 0) { // Av
  7. I believe it is working now. It was a database problem. I changed the way the website handled passwords but forgot to change the structure of the database column. So it was truncating the password. Thanks for your help.
  8. Where does the code sit that actually prevents someone from logging in if they are not set to accept cookies? I would like to remove that and see if that is the differece? I have been using your code for years and have older sites with the login.inc.php coding in the includes folder. They always worked. i guess I could go back to that but I would like to use the most updated coding available.
  9. This part of the login code does not seem to be working. I know the information is in the database and the activation field says NULL. I believe that the browser - Firefox on a Mac - is accepting cookies. I have tried this with several users and they all have the same password. I am getting the error message that indicates that the Email and Password does not match those on file. I am set up to use PHP 7. // Query the database: $q = "SELECT user_id, first_name, user_level, pass FROM users WHERE email='$e' AND active IS NULL"; $r = mysqli_query($dbc, $q) or tri
  10. I believe that I have followed the code to create a "Forget Password" link. However, I am getting an error that seems to indicate that I am asking for a password hash twice - Fatal error: Cannot redeclare get_password_hash() (previously declared in /hermes/bosnacweb04/bosnacweb04aj/b717/nf.xxxxxxxxxxxx/public_html/xxxxxxxxxxxx/TBRMobile/mysqli.inc.php:28) in /hermes/bosnacweb04/bosnacweb04aj/b717/nf.xxxxxxxxxx/public_html/xxxxxxx/TBRMobile/mysqli.inc.php on line 33 ---- I have x'd out certain areas of this error on purpose. My config file and mysqli file are almost exact. I do not u
  11. I am also having a similar type of problem but not in all instances. I am testing on a live site. MOST of the time the email will get the activation link but when I click the link I get the message saying that the account could not be activated. BUT the information is in the database and the column says, "NULL".
  12. Hello Larry, Thanks for replying so quickly. I know you are very busy. I went back through all the files and rechecked everything and then made sure that it matched up exactly to your coding. So NOW it is working but I really don't know what went wrong. I had VARCHAR256 in the password column but would that have made any difference? I had also gone to another source for some help and they continually tell me that my coding is old and is being depreciated. Also, I know my hosting company is using PHP 5.6. At this point I am not sure how PHP is handling password encrypti
  13. I am having the exact same problem or so it seems. So I have tried several different things and I think now I have done exactly what was suggested above. However, I am still getting the same error message - "The email address and password entered do not match those on file." My fake registrants all have the same password but I have truncated the table and started again. My website is based on the code in Chapter 18 but does not require a person to activate their account so this is the code. Thanks for your help. if ($e && $p) { // If everything's OK. // Query the database:
  14. Sorry about the double posting above. I was hoping to delete my original post so I could correct it. The error message refers to line 137 not 37. Anyway, the original code I used came from the first edition of the eCommerce book which uses "rows". So the original code would have written <p><h2>Hello $row[1]!</p>.
  • Create New...