Activating account with php oop language

PHP
1

Hey guys!

I am new to php and would appreciate some assistance here. I have been following a tutorial by codecourse on php oop login and registration system, using the php oop language. Everything is going great but I can’t figure out how to do an email activation. I have some ideas and one of them is to insert a file in my form activation, to send the data into my activate.php file so that I can use it to verify the user’s input but the only problem is that my main registration page is not processed and hence information is not inserting into the database… I will be happy to share my code but not sure which codes to share first… thanks!

2

To activate a user account, you must send a hashed link to the user’s email. Once the link is sent, the user will then click on that link and get redirected back to the activation page. The activation page will change the user’s account to be activated.

I am strongly going to suggest you right now NOT to use the mail() functions to send any emails. This function is known to not “work” as many noobies put it. The simple reason behind it not “working” is because this function is simply not reliable. There is NO 100% guarantee that this function will send your emails 100% of the time. Even with a proper setup, this function will not send the email 100% of the time.

To avoid any inconvenience, use either PHPMailer or SwiftMailer. These two use something called SMTP. SMTP takes more steps to set up and gives you a way better chance of sending emails. Well, more like 100% chance of sending emails. The only time when they fail is when you use the wrong SMTP settings or you have something blocking it either a firewall or a spam filter.

5

Thanks for the reply… I have the following code so far in my registration page and can only manage to insert into my database if I leave the form action=“” blank in my html…

if($validation->passed()) {

  $user = new User();

  $salt = Hash::salt(32);


  $token = 'qwertrgfgdfgfgfgfgQWERSDGFGTRRTRTRTRTRTTRHG1234455667890><?+!@#$%%^&&';
    $token = str_shuffle($token);
    $token = substr($token, 0, 10);
  

  try {
     $user->create(array(
        'username' => Input::get('username'),
        'password' => Hash::make(Input::get('password'), $salt),
        'salt' => $salt,
        'name' => Input::get('name'),
        'joined' => date('Y-m-d H:i:s'),
        'group' => 0,
        'email' => Input::get('email'),
        'activated' => 0,
        'country' => Input::get('country'),
        'token' => Input::Get('token')
        
     ));

So, that seems to work but when I do add a file in my form action to go to my activate.php page, it doesn’t work anymore. From my understanding, if I do this, then I can access my $_POST in my activate.php file?

<form action="" method="post" id="simpleform">
	<div class ="field">      
       <label for="username">Username</label>
       <input type="text" name="username" id="username" value="<?php echo escape(Input::get('username')); ?>" autocomplete="off">
	</div>

   <br></br>
6

For some reason, it won’t let me add more information but here is my form code:

<form action="activate.php" method="post" id="simpleform">
	<div class ="field">      
       <label for="username">Username</label>
       <input type="text" name="username" id="username" value="<?php echo escape(Input::get('username')); ?>" autocomplete="off">
	</div>

Can I add some html code here because it won’t show my form code


but after doing this, I can’t get that same page to process my database…I hope that there is a way to process the same page and then get the form action to go to activate.php

7

To format your code on this forum, use either the </> icon above in the text area where you type or you can type three back ticks (`) and ending the code with three back ticks (`) to format your code respectively.

8

I am just wondering… is there a way to process the form on the same page and then to redirect them to activate.php? Should I insert the database in activate php instead of in register.php?

9

No. You should insert the user information in the register.php file. Then activate the user account in activate.php file. It is more logical to use the file names for their purpose rather than stuffing everything in one file.

10

I am new to this site, did you see my above replies? Just wondering if that was shown…

If I do that, how would I access $_POST? because everytime, it will say something about undefined index, when I don’t add anything to form action… For some reason, I can’t use the following code as well… $user = new User(); // to access my user class…

$user->data()->username; // It will say something about undefined object…

I have the following errors:

…Notice: Undefined index: email in C:\xampp\htdocs\pianocourse101\activate.php on line 6

Notice: Undefined index: token in C:\xampp\htdocs\pianocourse101\activate.php on line 7

Notice: Trying to get property of non-object in C:\xampp\htdocs\pianocourse101\activate.php on line 12

11

I saw it. But the codes you’ve posted doesn’t really help much. Also, are you using static methods? If you are, you shouldn’t be.

Undefined Indexes are typically shown when you are trying to reference a variable or indexed array that you have not created yet. It could also be due to typos.

Also, don’t rely on if(isset($_POST['...'])) or if(isset($_POST['submit'])) for form submission. This is a dirty and amateur hack that most noobies try to use because they see it from websites like w3schools and they use it not knowing what it really does. Those derivatives “try” to bypass form submission checking and form validation all in one go. This is bad because in certain Internet Explorer versions, this will fail. The correct and proper way of checking for form submission is if($_SERVER['REQUEST_METHOD'] == 'POST'). You would still have to do form validation afterwards.

12

I have tried something liked this…

if($_SERVER['email'] == 'POST' && $_SERVER['token'] == 'POST') {


$user = DB::getInstance()->insert('users', array(
  'activatetoken' => $user->data()->$token

));



}

but I am still getting the
Notice: Undefined index: email in C:\xampp\htdocs\pianocourse101\activate.php on line 6

13

This is wrong. $_SERVER variables can only contain things that are listed within the $_SERVER variables. email and token is not one of them. What you need to do is use the exact line that I gave you above. Just that. Nothing else. Don’t modify it. Don’t do anything with it. Just put all of your codes within the { }.

14

[off-topic]
@piano0011 when you post code in the forum, you need to format it. To do so you can either select all the code and click the </> button, or type 3 backticks ``` on a separate line both before and after the code block.
[/off-topic]

1 Like
15

Would I need to format all codes, php, css and html?

16

Is this correct?

require_once 'core/init.php';
$user = new User();

 if($_SERVER['REQUEST_METHOD'] == 'POST') {

$user = DB::getInstance()->insert('users', array(
  'activatetoken' => $user->data()->$token

));
}

I just hope my $user->data()->$token… is working… i better check to see if it is inserting the token…

This site is easier than stackflow in terms of formatting with the three backticks… The good news is that there is no error but I don’t why why I cant 'get my $user to work in activate php…

I can get it to work in my profile php though

?php
require_once 'core/init.php';

if(!$username = Input::get('user')) {
   Redirect::to('index.php');
} else {
     $user = new User($username);
     if(!$user->exists()) {
        Redirect::to(404);
     } else {
          $data = $user->data();
     }
     ?>

     <h3><?php echo escape($data->username); ?></h3>
     <p>Full name: <?php echo escape($data->name); ?></p>
     <p>Username: <?php echo escape($data->username); ?></p>
     <p>Joined date: <?php echo escape($data->joined); ?></p>
     <p>Email address: <?php echo escape($data->email); ?></p>
     <p>Group: <?php echo escape($data->group); ?></p>

     <ul>
      <li><a href="login.php">Log out</a></li>
      <li><a href="update.php">Update details</a></li>
      <li><a href="changepassword.php">Change password</a></li>
   </ul>


     <?php


 }
17

Yes!

18

Yes. That’s the correct way.

I don’t think you can call a method like that. It should be $user->data()->token() if anything.

19

But i manage to get that to work in my profile section… not sure if that is different…I have a database named “lr” with the “users” table and in my table, I have a name called checktoken… I am trying to insert this email link sent to the user who registered…As you can see, there is a token at the end of the link named $token but I can’t accessed this $token…

http://localhost/pianocourse101/activate.php?email=pian0011@hotmail.com&activatetoken=9G$4RH8QWd

My exact code for the link is :slight_smile:

http://localhost/pianocourse101/activate.php?email=$to&activatetoken=$token

I am still confused here because I thought I would need to use the $_post to find out if the user has click on the link or not but not sure how to use the $_server syntax…

20

So the backticks have to be before or after the code and not on the same line?

21

For in-line code like that you use one backtick either side, in-line.

For code blocks

`Three backticks must be on a line of their own before and after`

Or highlight and use the </> button.

22

I have included the following lines:


<?php

if($_SERVER['REQUEST_METHOD'] == 'POST');

$SERVER['email'];

$SERVER['token'];

but i got the following errors:

Notice: Undefined variable: SERVER in C:\xampp\htdocs\pianocourse101\activate.php on line 5

Notice: Undefined variable: SERVER in C:\xampp\htdocs\pianocourse101\activate.php on line 7