How to check for user and email match..?

luvrockz · July 3, 2010, 6:15am

hey buddy it still doesnt work… so what u mean is that i have to paste the code to liklokurl.php on line 893… here is how it looks like… am i right…
[php]// If required check turing code (unless called from the manual entry form
if (($RequireTuring==1) && ($manualentryused==false))
{
$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$email’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n != 0){
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;
} [/php]

but still after pasting the code and when i use that mailing form… it jux mail it to any email entered,…,.,. like the same before…
i also tired including the globals.php file above the code u provided… but its not helping at all…

daveismyname · July 3, 2010, 9:26am

okay take out the code I provided and try the following:

put session_start(); at the top of your file right after ?> so it looks like:

[php]

<?php session_start(); // *********************************************************** // Linklok URL V2.01 // Copyright (c) 2003-2008 Vibralogix // www.vibralogix.com // [email protected] // You are licensed to use this product on one domain only. // Please contact us for extra licenses if required. // ********************************************************** [/php] then on line 866 put the code in so it looks like: [php] // See if called from the manual entry form $manualentryused=false; if (($auth==$ManualPassword) && ($ManualPassword!="")) { $manualentryused=true; } require('globals.php'); $sql = mysql_query("SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . "users WHERE email='$clientemail' AND user_id='".$_SESSION[SECURE_SESSION_PREFIX."userId"]."' ")or die(mysql_error()); $n = mysql_num_rows($sql); if($n != 0){ linklokShowMessage($ErrorTemplate,"The email address provided does not match the one we have on file.

Click your browsers BACK button and try again."); exit; [/php]

luvrockz · July 3, 2010, 12:57pm

still the same bro… it still mails the link… to any email… dnt u think that we have to change some things on the form.php file… … so what do u think is happening… am i doing something wrong…??

luvrockz · July 4, 2010, 12:41am

hey what happen… no reply from you long time… pls let me knw wat to do… plssss…

daveismyname · July 4, 2010, 10:41am

I work full time, as a result I like to take breaks from being on the computer from time to time as sure you can understand that.

putting anything further in the form would not make any difference I don’t think as the form is passed to another page for processing.

try changing this code:

[php]// See if called from the manual entry form
$manualentryused=false;
if (($auth==$ManualPassword) && ($ManualPassword!=""))
{
$manualentryused=true;
}

require(‘globals.php’);

$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n != 0){
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;[/php]

to this:

[php]// See if called from the manual entry form
$manualentryused=false;
if (($auth==$ManualPassword) && ($ManualPassword!=""))
{
$manualentryused=true;
}

//stop script and display email address from form
die($clientemail);

require(‘globals.php’);

$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n != 0){
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;[/php]

that will not solve the problem but will show the email address from the form to see if it’s being passed correctly let me know the results for this.

luvrockz · July 4, 2010, 3:20pm

hey bro… when i paste the code this is how it looks like…

[php] $goto=$_REQUEST[‘g’];
if (isset($_REQUEST[‘a’]))
$auth=$_REQUEST[‘a’];
// See if called from the manual entry form
$manualentryused=false;
if (($auth==$ManualPassword) && ($ManualPassword!=""))
{
$manualentryused=true;
}

//stop script and display email address from form
die($clientemail);

require(’/var/chroot/home/content/86/5984986/html/secure/globals.php’);

$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n != 0){
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;

// Check email address entered is valid
if (!linklokvalidemail($clientemail))
{[/php]

is that correct… i mean did i paste it to the right place…

anyway here is what i get when i paste the code and load the from.php
the page doesnt even load… it get this error…

Parse error: syntax error, unexpected $end in /home/content/86/5984986/html/new/Alink/Alink/linklokurl.php on line 1794

luvrockz · July 4, 2010, 3:22pm

and bro i understand how hard you are working and really appreciate what you are doingg… thankz…

daveismyname · July 4, 2010, 3:32pm

oops I forgot to put the closing bracket for the if statement:

[php]$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n != 0){
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;
}[/php]

luvrockz · July 4, 2010, 3:45pm

ok bro… it shows the email entered when i press submit button… but it even shows the samething if i enter the correct email… i mean the email of the logged in user…

daveismyname · July 4, 2010, 3:55pm

right so we now know the email address is getting passed correctly.

replace :

[php]//stop script and display email address from form
die($clientemail);

require(’/var/chroot/home/content/86/5984986/html/secure/globals.php’);

$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n != 0){
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;
}[/php]

with:

[php]require(’/var/chroot/home/content/86/5984986/html/secure/globals.php’);

$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n != 0){
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;
}

//stop script and display number of rows and userid
die($n.’ '.$_SESSION[SECURE_SESSION_PREFIX.“userId”]); [/php]

luvrockz · July 4, 2010, 4:30pm

ok bro now if the email matches… i get this… “” The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.""

and if the email does not match then it gives sometime 01 and sometimes 05…

daveismyname · July 4, 2010, 4:46pm

okay my logic was backwards it should only show the message if there is a match but if your seeing sometime 01, o5 then it’s showing the message when there is no match.

Easy to fix change

if($n != 0){

to

if($n != 1){

01 what is being shown is the number if rows 0 and the userid 1 if the user id is 5 that’s when you’ll see 05.

so if you make the change above then you should always get the message is it’s not the same.

luvrockz · July 4, 2010, 4:56pm

ya bro… u are right… it now shows the same thing if i enter the correct email or wrong one… says that the mail doesnt match… so wats next…

daveismyname · July 4, 2010, 5:06pm

change:

[php]require(’/var/chroot/home/content/86/5984986/html/secure/globals.php’);

$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n != 0){
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;
}

//stop script and display number of rows and userid
die($n.’ '.$_SESSION[SECURE_SESSION_PREFIX.“userId”]);[/php]

with this:

[php]require(’/var/chroot/home/content/86/5984986/html/secure/globals.php’);

$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n == 1){} else {
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;
}

//stop script and display number of rows and userid
die(“number :$n”);[/php]

then if you enter a matching email you should see “number 1” otherwise you should see “number 0”

luvrockz · July 4, 2010, 5:17pm

no bro its still the same… if i enter the correct email or wrong one… says that the mail doesnt match…

daveismyname · July 4, 2010, 5:27pm

what number do you see for the two tests?

luvrockz · July 4, 2010, 5:32pm

i dnt see any number bro… i see the same thin as before ""The email address provided does not match the one we have on file.

Click your browsers BACK button and try again."""
thats what i see if i enter the correct email or wrong email…

daveismyname · July 4, 2010, 5:34pm

did you copy the die statement?

in fact can you post your code for that section

luvrockz · July 4, 2010, 5:52pm

here is hw it looks like…

[php]$manualentryused=true;
}

require(’/var/chroot/home/content/86/5984986/html/secure/globals.php’);

$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n == 1){} else {
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.

Click your browsers BACK button and try again.”);
exit;
}

//stop script and display number of rows and userid
die(“number :$n”);

// Check email address entered is valid
if (!linklokvalidemail($clientemail))[/php]

daveismyname · July 4, 2010, 5:59pm

[font=monospace]oh right it’s since there is a exit; in the code comment it out //

[/font][php]//exit;[/php]