Hey guys…
I’m trying to figure out how to require admin approval for my members area. I followed this tutorial on setting it up: http://www.1stoptutorials.com/Membership_Course.html
It worked fine following the tutorial. I’ve spend this morning trying to modify - to the best of my knowledge - a way to approve the registrations before they can enter. My thought was to send the e-mail activation link to myself, approve it, and then have the activate.php send them an email saying they were approved and giving them their log in info.
I got the activation email to go to myself, but when clicking the activation link it displays “Your account could not be activated!” I would assume this is because the value are matching in the verification process?? But, I don’t know how to fix it IF that is the problem. PLEASE HELP!
Here’s some of my edited files. Let me know if you need anything else.
ACTIVATE.PHP
[php]<?
/* Account activation script */
// Get database connection
include ‘db.php’;
// Create variables from URL.
$userid = $_REQUEST[‘id’];
$code = $_REQUEST[‘code’];
$sql = mysql_query(“UPDATE users SET activated=‘1’ WHERE userid=’$userid’ AND password=’$code’”);
$sql_doublecheck = mysql_query(“SELECT * FROM users WHERE userid=’$userid’ AND password=’$code’ AND activated=‘1’”);
$doublecheck = mysql_num_rows($sql_doublecheck);
if($doublecheck == 0){
echo “Your account could not be activated!”;
} elseif ($doublecheck > 0) {
include ‘login_form2.html’;
}
else {
$userid = mysql_insert_id();
// Let’s mail the user!
$subject = “Dealer Access Approved at AgriGro.com”;
$message = "Dear $first_name $last_name,
Your request for access to the Dealer's area at mysite.com has been approved.
Your login information is below:
Username: $username
Password: $random_password
To log in, please click here: http://www.mysite.com/dealers2/login_form.html
Thanks!
The Webmaster
This is an automated response, please do not reply!";
mail($userid, $subject, $message, "From: Webmaster <[email protected]>\nX-Mailer: PHP/" . phpversion());
include 'registration-success.html';
}
?>[/php]
REGISTER.PHP
[php]<?
include ‘db.php’;
// Define post fields into simple variables
$first_name = $_POST[‘first_name’];
$last_name = $_POST[‘last_name’];
$email_address = $_POST[‘email_address’];
$username = $_POST[‘username’];
$info = $_POST[‘info’];
/* Let’s strip some slashes in case the user entered
any escaped characters. */
$first_name = stripslashes($first_name);
$last_name = stripslashes($last_name);
$email_address = stripslashes($email_address);
$username = stripslashes($username);
$info = stripslashes($info);
/* Do some error checking on the form posted fields */
if((!$first_name) || (!$last_name) || (!$email_address) || (!$username)){
echo 'You did not submit the following required information!
';
if(!$first_name){
echo “First Name is a required field. Please enter it below.
”;
}
if(!$last_name){
echo “Last Name is a required field. Please enter it below.
”;
}
if(!$email_address){
echo “Email Address is a required field. Please enter it below.
”;
}
if(!$username){
echo “Desired Username is a required field. Please enter it below.
”;
}
include ‘join_form.html’; // Show the form again!
/* End the error checking and if everything is ok, we’ll move on to
creating the user account */
exit(); // if the error checking has failed, we’ll exit the script!
}
/* Let’s do some checking and ensure that the user’s email address or username
does not exist in the database */
$sql_email_check = mysql_query(“SELECT email_address FROM users WHERE email_address=’$email_address’”);
$sql_username_check = mysql_query(“SELECT username FROM users WHERE username=’$username’”);
$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);
if(($email_check > 0) || ($username_check > 0)){
echo "Please fix the following errors:
";
if($email_check > 0){
echo “Your email address has already been used by another member in our database. Please submit a different Email address!
”;
unset($email_address);
}
if($username_check > 0){
echo “The username you have selected has already been used by another member in our database. Please choose a different Username!
”;
unset($username);
}
include ‘join_form.html’; // Show the form again!
exit(); // exit the script so that we do not create this account!
}
/* Everything has passed both error checks that we have done.
It’s time to create the account! */
/* Random Password generator.
http://www.phpfreaks.com/quickcode/Random_Password_Generator/56.php
We’ll generate a random password for the
user and encrypt it, email it and then enter it into the db.
*/
function makeRandomPassword() {
$salt = “abchefghjkmnpqrstuvwxyz0123456789”;
srand((double)microtime()*1000000);
$i = 0;
while ($i <= 7) {
$num = rand() % 33;
$tmp = substr($salt, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
$random_password = makeRandomPassword();
$db_password = md5($random_password);
// Enter info into the Database.
$info2 = htmlspecialchars($info);
$sql = mysql_query(“INSERT INTO users (first_name, last_name, email_address, username, password, info, signup_date)
VALUES(’$first_name’, ‘$last_name’, ‘$email_address’, ‘$username’, ‘$db_password’, ‘$info2’, now())”) or die (mysql_error());
if(!$sql){
echo ‘There has been an error creating your account. Please contact the webmaster.’;
}
else {
$my_email = "[email protected]";
// Let’s mail the user!
$subject = “Dealer Access Approval Request at mysite.com”;
$message = "Dear Webmaster,
$first_name $last_name has request access to the Dealers area at mysite.com.
To approve their account, please click here: http://www.mysite.com/dealers2/activate.php?id=$userid&code=$db_password
Once you approve their memebership, an email will be sent to them with their username and password.
Thanks!
The Webmaster
This is an automated response, please do not reply!";
mail($my_email, $subject, $message, "From: Webmaster <[email protected]>\nX-Mailer: PHP/" . phpversion());
include 'registration-success.html';
}
?>[/php]