config.php file, containing the SQL connection and the variables.
Code:
// Up to you to fill out the vars...
//=====================================================//
// Main Site Settings
//=====================================================//
$sitename = ''; //The name of youe website, self explanatory
$siteurl = ''; //The URL of your site. Must include http:// and trailing slash
//=====================================================//
// mySQL Stuff
//=====================================================//
$host = 'localhost'; //Your mySQL host. If unsure, leave it at localhost
$dbname = ''; //Your mySQL database name
$dbpass = ''; //Your mySQL database password
$dbuser = ''; //Your mySQL database user
//=====================================================//
// Global mySQL Connection
// DO NOT REMOVE!!
//=====================================================//
mysql_connect($host,$dbuser,$dbpass) or die(mysql_error());
mysql_select_db($dbname) or die(mysql_error());
register.php
Code:
<?
session_start();
require("config.php"); // Starts SQL connection and retriever config and vars.
if($_GET['do'] == "ver" && $_GET['email']) // This is the ver part.
{
$result = mysql_query('SELECT * FROM `users` WHERE `email` = "'.$_GET['email'].'"');
while ($row = mysql_fetch_assoc($result))
{
echo '<title>Registration Verification</title>';
echo 'Thanks for coming to the verification page, '.$row['username'].'';
echo '<br><br>Please enter your password below to continue.';
echo '<br>';
?>
<form action="register.php?do=ver&email=<?=$_GET['email']?>&pass=1" method="post">
Password: <input type="password" width="50" name="confpass" /><br />
<input type="Submit" value="Submit Confirmation!" />
</form>
<?
if($_POST['confpass'] && $_GET['email'] && $_GET['do'] == "ver" && $_GET['pass'] == "1") { // The pass ver part
$result = mysql_query('SELECT * FROM `users` WHERE `email` = "'.$_GET['email'].'"');
while ($row = mysql_fetch_assoc($result))
{
$verpass = md5($_POST['confpass']);
if($row['password'] == $verpass)
{
echo 'Confirmation Successful!';
mysql_query("UPDATE `users` SET `group` = 'SOME_VALIDATED_GROUP' WHERE `email` = ".$_GET['email']) or die(mysql_error());
}
else
{
echo 'Wrong Password!';
}
}
}
}
die();
}
?>
<script type="text/javascript" language="Javascript">
<!-- AJAX FUNCTIONS - LEAVE THIS ALONE -->
function createXMLHttpRequest() {
var ua;
if(window.XMLHttpRequest) {
try {
ua = new XMLHttpRequest();
} catch(e) {
ua = false;
}
} else if(window.ActiveXObject) {
try {
ua = new ActiveXObject("Microsoft.XMLHTTP");
} catch(e) {
ua = false;
}
}
return ua;
}
var req = createXMLHttpRequest();
function joinn(username, password, confpass, email) {
document.getElementById('join').innerHTML = '<img src="./admin/images/loading.gif" alt="Loading" /><br><br>';
req.open('get', 'regfunc.php?id=register&username=' + username + '&password=' + password + '&confpass=' + confpass + '&email=' + email);
req.onreadystatechange = handleResponse;
req.send(null);
}
function handleResponse() {
if(req.readyState == 4){
var response = req.responseText;
var update = new Array();
//document.getElementById('request').innerHTML = response; // DEBUG USE ONLY (PHP Debugging etc.)
if(response.indexOf('||' != -1)) {
update = response.split('||');
document.getElementById(update[0]).innerHTML = update[1];
}
}
}
</script>
<?
if(isset($_SESSION['member'])) // If a user is already logged in...
{
echo '<title>Error</title>Sorry, you are already logged in. <a href=java script:history.back(-1)>Please go back</a>.';
}
else
{
?>
<title>Register</title>
<span id="join">
<form action="java script:joinn(document.req.username.value, document.req.password.value, document.req.confpass.value, document.req.email.value);" name="req">
Username: <input type="text" width="50" name="username" /><br />
Password: <input type="password" width="50" name="password" /><br />
Confirm Password: <input type="password" width="50" name="confpass" /><br />
Email: <input type="text" width="50" name="email" /><br />
<input type="Submit" value="Submit Registration!" /></form>
</span>
<?
}
?>
regfunc.php
Code:
<?
switch($_REQUEST['id']) {
case 'register':
require("config.php"); // Once again start SQL
session_start(); // Start Session
$username = htmlentities($_GET['username']); // Get submitted name
$password = htmlentities($_GET['password']); // Get submitted pass
$conf = htmlentities($_GET['confpass']); // Get pass confirm
$email = $_GET['email']; // Get email
$ip = $_SERVER['REMOTE_ADDR']; // Get IP (security purposes)
// If any info is missing, give error!
if (!$username) {
echo "join||";
echo 'You must enter a username, <a href=java script:window.location=window.location>refresh</a> and try again.';
die();
}
if (!$password) {
echo "join||";
echo 'You must enter a password, <a href=java script:window.location=window.location>refresh</a> and try again.';
die();
}
if (!$conf) {
echo "join||";
echo 'You must confirm your password, <a href=java script:window.location=window.location>refresh</a> and try again.';
die();
}
if ($conf != $password) {
echo "join||";
echo 'Your passwords do not match, <a href=java script:window.location=window.location>refresh</a> and try again.';
die();
}
if (!$email) {
echo "join||";
echo 'You must enter an email, <a href=java script:window.location=window.location>refresh</a> and try again.';
die();
}
$insertpass = md5($password); // MD5 the submitted pass
$query = 'INSERT INTO `users` (`username`,`password`,`email`,`ip`,`group`) VALUES ("'.$username.'","'.$insertpass.'","'.$email.'","'.$ip.'","SOME_GROUP_THATS_NOT_YET_VALIDATED")';
mysql_query($query) or die(mysql_error()); // Insert Query
// Mail
$to = "$email"; // Grab submitted email
$subject = "Welcome to $sitename!"; // Email Subject
$message = "Welcome to $sitename, $username! You must click the link below to complete your registration. Please do so and then you may log in at $siteurl. The link you must go to is: $siteurl/register.php?do=ver&email=$email"; // Email message
$from = "admin@xportal.info"; // Email sender
mail($to,$subject,$message,"From: $from<$from>
X-Mailer: PHP/" . phpversion()); // Send Mail!
echo "join||"; // Some AJAX thing
echo "Thanks for registering $username! Your have been sent a confirmation E-Mail. Please click on the link to verify yourself. - <a href=java script:window.close()>Click here</a> to close this window.";
break;
}
?>
login.php
Code:
<?php
if(isset($_SESSION['member']))
{
// Your code if a member is logged in
}
else // If not
{
?>
<script type="text/javascript" language="Javascript">
<!-- AJAX FUNCTIONS - DO NOT TOUCH UNLESS YOU KNOW WHAT YOU'RE DOING -->
function createXMLHttpRequest() {
var ua;
if(window.XMLHttpRequest) {
try {
ua = new XMLHttpRequest();
} catch(e) {
ua = false;
}
} else if(window.ActiveXObject) {
try {
ua = new ActiveXObject("Microsoft.XMLHTTP");
} catch(e) {
ua = false;
}
}
return ua;
}
var req = createXMLHttpRequest();
function joinn(user, pass) {
document.getElementById('join').innerHTML = '<img src="./admin/images/loading.gif" alt="Loading" /><br><br>';
req.open('get', 'loginfunc.php?id=login&user=' + user + '&pass=' + pass);
req.onreadystatechange = handleResponse;
req.send(null);
}
function handleResponse() {
if(req.readyState == 4){
var response = req.responseText;
var update = new Array();
//document.getElementById('request').innerHTML = response; // DEBUG USE ONLY (PHP Debugging etc.)
if(response.indexOf('||' != -1)) {
update = response.split('||');
document.getElementById(update[0]).innerHTML = update[1];
}
}
}
</script>
<span id="join">
<form action="java script:joinn(document.req.user.value, document.req.pass.value);" name="req">
Username: <input type="text" name="user" /><br>
Password: <input type="password" name="pass" /><br>
<input type="Submit" value="Submit" /></form>
</span>
<?
}
?>
loginfunc.php
Code:
<?
switch($_REQUEST['id']) {
case 'login':
require("config.php"); // Refer to AJAX Reg Form
$result = mysql_query("SELECT * FROM `users` WHERE `username` = '".$_GET['user']."'"); // Find the user that's trying to log in
while ($row = mysql_fetch_assoc($result))
{
$name = $row['username']; // Set username
$passw = $row['password']; // Set correct password
}
$user = htmlentities($_GET['user']); // Set submitted Username
$pass = htmlentities($_GET['pass']); // Set submitted Password
// If anything missing... Error!
if (!$user) {
echo "join||";
echo 'You must enter a username, <a href=java script:window.location=window.location><font color=red>refresh</font></a> and try again.<br><br>';
die();
}
if (!$pass) {
echo "join||";
echo 'You must enter a password, <a href=java script:window.location=window.location><font color=red>refresh</font></a> and try again.<br><br>';
die();
}
if($user == $name && md5($pass) == $passw) // Verify U-Name/Pass
{
session_start(); // Start session
$_SESSION['member'] = $user; // Set session variable
echo "join||";
echo "Thanks for logging in $user! Please <a href=java script:window.location=window.location><font color=red>refresh</font></a> this page!<br><br>"; // Logged In!
}
else
{
echo "join||";
echo 'Wrong username or pass! Please <a href=java script:window.location=window.location><font color=red>refresh</font></a> and try again.<br><br>'; // Or not...
}
break;
}
?>
23-Feb-2007, 06:37 AM
Ajax Registration Form With E-mail Confirmation And Login Form
Linear Mode
