I am developing the site, using Ch16 code. But I can't login. The error message is "Either the email address or password entered does not match those on file or you have not yet activated your account." Register.php and activate.php seem to work. I received the register confirmation email and am activated because the "active" value of the database got NULL. Below is the code.
<?php
require_once ('includes/config.inc.php');
$page_title = 'Login';
include ('includes/header.html');
if (isset($_POST['submitted'])) {
require_once (MYSQL);
// Validate the email address:
if (!empty($_POST['emailm'])) {
$e = mysqli_real_escape_string ($dbc, $_POST['emailm']);
} else {
$e = FALSE;
echo '<p class="error">You forgot to enter your email address!</p>';
}
// Validate the password:
if (!empty($_POST['passwordm'])) {
$p = mysqli_real_escape_string ($dbc, $_POST['passwordm']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password!</p>';
}
if ($e && $p) {
$q = "SELECT user_id, user_level FROM users WHERE (emailr='$e' AND passwordr=SHA1('$p')) AND active IS NULL";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (@mysqli_num_rows($r) == 1) { // A match was made.
// Register the values & redirect:
$_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC);
mysqli_free_result($r);
mysqli_close($dbc);
$url = BASE_URL . 'home.html';
ob_end_clean();
header("Location: $url");
exit();
} else {
echo '<p class="error">Either the email address or password entered do not match those on file or you have not yet activated your account.</p>';
}
} else {
echo '<p class="error">Please try again.</p>';
}
mysqli_close($dbc);
}
include ('includes/footer.html');
?>
The database structure is:
user_id int(11) unsigned not null auto_increment
emailr varchar(80) ascii_bin not null
passwordr char(40) utf8_genaral_ci not null
user_level tinyint(1) unsigned not null default 0
active char(32) utf8_genaral_ci null default null
registration_date timestamp not null default current_timestamp
The website is www.7850givenrd.com
Please help me.
Thanks,