Need Help with 3rd Party Script from ljscripts.com

I need help with the email verification on this script, because i get no email verification after test sign up. The verification mail was first send, because i tried to sign in without verification and my sender email is also not the same, instead came the verification email from my host inmotionhosting.

And also the support from ljscripts does`t answer my questions.
I hope anybody here can help me out. I can also send the files over!

hope anybody can help
have nice day
Christian H.

Not enough information. Are you not receiving the email? Or is there an issue with the script itself?

i think it is the script itself, not right coded or so. the verification is not send after the sign up, but if i try to sign up without verifcation, then first is the mail send to me but not from my support mail i have entered in script ( vars.php ) instead from the hosting email address.

I need help with the email verification on this script

What script? I don’t see any code.

I have not added any code, i just wanted to know if someone can help me with that. The problem is i don`t know exactly where this problem is.Is it in the signup.php file, the vars.php ( where i have added my email and dbname and so on ) or on another file!

if somebody thinks he can help out i can send the files that probably are causing the problem!

The signup should trigger an email, if it is suppose to send out a confirmation.

Yeah, but it doesnt happen and i dont know why! I don`t have a clue from php. I can only HTML and CSS ( self learned )

So post the php

This is the signup.php

hope you find the error here!

[php]

<?php /* * © 2014 LJScripts.com and iTechDev - All Rights Reserved */ @session_start(); require("vars.php"); require("vars_array.php"); require("functions.php"); $sql = db_conn(); $ref = get_ref(); if (strcmp(strtolower($_SERVER['QUERY_STRING']), 'terms') == 0) { header("Location: terms.php?ref=$ref"); do_exit(); } $error_msg = ''; if (isset($_POST['form']) and strcmp($_POST['form'], 'sent') == 0) { $email = post_var('email1'); $name = preg_replace('/[^0-9a-zA-Z_ ]/i', '', post_var('name')); $passwd = post_var('passwd'); if (!in_array($lang, $site_langs)) $lang = $site_langs[0]; if (preg_match('/,/', $email)) { $recon = explode(',', $email); $email = trim($recon[0]); } $checkpass = true; $error = 'There were errors in your submission, please correct the following:

'; if (empty($name)) { $error .= '
• You must enter your name
'; $checkpass = false; } $qs = sprintf("SELECT COUNT(*) FROM `user` WHERE `email`='%s'", sql_var($email)); $res = @mysql_query($qs); $exists = (@mysql_result($res, 0) > 0); @mysql_free_result($res); if ($exists) { $error .= '
• Your e-mail address is already registered
'; $checkpass = false; } elseif (!valid_email($email)) { $error .= '
• Your e-mail address is invalid
'; $checkpass = false; } elseif (strcmp($email, $_POST['email2']) != 0) { $error .= '
• Your e-mail addresses do not match
'; $checkpass = false; } if (empty($passwd) or strlen($passwd) < 6) { $error .= '
• Your password must be at least 6 characters long
'; $checkpass = false; } if ($checkpass) { $ac = md5(time().mt_rand(10000, 1000000)); $inibon = get_admin_var('adminprops', 'inibon'); if (!isset($ref) or !is_numeric($ref)) $ref = 0; date_default_timezone_set('UTC'); $qs = sprintf("INSERT INTO `user` (`name`, `email`, `passwd`, `ref`, `acctype`, `credits`, `joindate`, `minmax`, `lastaccess`, `lastmonbon`, `ac`) ". "VALUES ('%s', '%s', '%s', '%d', '1', '%f', '%s', '1', '%s', '%s', '%s');", sql_var($name), sql_var($email), sql_var($passwd), $ref, $inibon, $date, $date, date('Y-m-d'), $ac); @mysql_query($qs, $sql) or die (@mysql_error()); $usrid = @mysql_insert_id($sql); if ($usrid > 0) { $qs = sprintf("INSERT INTO `site` (`usrid`, `name`, `url`, `lang`, `state`, `credits`) ". "VALUES ('%d', '%s', '%s', '%s', 'Waiting', '0');", $usrid, sql_var($sitename), sql_var($url), sql_var($lang)); @mysql_query($qs, $sql) or die (@mysql_error()); @mysql_query("INSERT INTO user_stat (usrid) VALUES ('$usrid');", $sql) or die (@mysql_error()); @mysql_query("UPDATE `adminprops` SET value=value-$inibon WHERE field='surplu';", $sql); $admail = get_admin_var('admin', 'email'); $title = SITE_TITLE; @mail($email, "Thank you for registering at $title!", "$name, thank you for registration!\n\n". "Your $title login is: $email\n". "Your $title password is: $passwd\n\n". "To activate your account you have to open the following link:\n\n". SITE_URL."activate.php?c=$ac&u=$usrid\n\n". "Click or copy and paste into your browser to complete the activation process.\n\n". "Your $title referral link is:\n".SITE_URL."?ref=$usrid\n\n". "Regards\n\n".SITE_TITLE." Admin\n".SITE_URL."\n$admail", EMAIL_HEADERS); show_html_content('head1'); echo("

Thank you for registering!

Please check your email for your account activation link."); echo("

The activation link for your account was sent to ".htmlentities($email)."

"); show_html_content('foot1'); do_exit(); } else $error .= "
• A CRITICAL ERROR has occurred. Please re-install this traffic exchange script.
"; } $error_msg = $error . '

'; } if (!isset($url) or empty($url)) $url = 'http://'; show_html_content('head1'); include("signup_template.php"); show_html_content('foot1'); do_exit(); ?>

[/php]

I see a number of issues actually. The biggest being out of date code and lack of exception handling. The logic works, but is iffy.

all other things are working on this script ( lucky )

but can you do something that it works?

That is some SERIOUSLY bad code! It uses obsolete insecure code that has been completely removed from PHP. This code is not fixable.

I hope you didn’t pay for it. If you did, get your money back.

Yes i paid for it but not much, i thought that i need to do something on this script, but if it is really so bad coding, thats bad!!!

but thanks for your opinion! than i test a little bit with this script. It can`t be any worse than that. thanks