A Flash Developer Resource Site

Results 1 to 7 of 7

Thread: PHP Quandry - Oh the joys..

  1. #1
    the friendly canadian DaVulf's Avatar
    Join Date
    Feb 2004
    Location
    Singapore
    Posts
    2,017

    PHP Quandry - Oh the joys..

    Alright, so I'm still struggling with PHP, and I haven't had time to really dive into it since I've been working full-time with summer school at night, and I've run into this issue.

    What I want to do is have a hybrid page, HTML, with Flash navbar. Now, on my navbar, I want to have a login/password box (with forgot password? register). Now, when you click on register, I want it to appear in the HTML portion as a sign up ala phpBB. The issue I want to do is have it so that I manually give out confirmation numbers to people when they register. They put this number in, and can sign up. Without it, no signup.

    I am trying to prevent just anyone from signing up, this is for a club at my university, and I only want members to be able to access the members area. When they pay their membership fee, I will give them a unique code that they will enter when signing up. This will allow them to create an account.

    Is this possible to do, if so, how? Also, how can I have it so those same usernames get registered on the forum and are active there aswell.

    This is the current code in Flash:

    Submit button
    Code:
    on (release) 
    {
    	if(userName.length > 0 && userPassword.length > 0)
    	{
    		myVars = new LoadVars();
    		myVars.username = userName.text
    		myVars.pass = userPassword.text
    		myVars.action = 'login';
    		myVars.sendAndLoad(php_file, myVars, 'POST');
    		myVars.onLoad = function()
    		{
    			if(!this.error && this.user > 0)
    			{
    				_root.gotoAndStop('registered');
    			} else {
    				_root.gotoAndStop('no_registered');
    			}
    			userName.selectable = true;
    			userPassword.selectable = true;
    			loginButton.enabled = true;
    		}
    		userName.selectable = false;
    		userPassword.selectable = false;
    		loginButton.enabled = false;
    	}
    }
    This is the backend code:

    user.php
    PHP Code:
    <?
    require_once('conf.inc.php');
    require_once('functions.php');
    // ---
    // register new user
    // ---
    function register($username,$pass,$email,$question,$answer)
    {
       GLOBAL $db, $table;
       $username = trim($username);
       $pass = trim($pass);
       $email = trim($email);
       $question = addslashes(trim($question));
       $answer = addslashes(trim($answer));
       $validEmail = valid_email($email);
       $validName = valid_userName($username);
       $validPass = valid_password($pass);
       if(!$validName) return "error=invalid name";
       if(!$validPass) return "error=invalid password";
       if(!$validEmail) return "error=invalid email";
       $pass = md5(trim($pass));
       // all checks ok
       $query = @mysql_query("INSERT INTO $table (userName,userPassword,userMail,userQuestion,userAnswer) VALUES "
       ."('$username','$pass','$email','$question','$answer')");
       if(!$query)
       {
          return "error=" . mysql_error();
       } else {
          return "user=ok";
       }
    }

    // ---
    // login, check user
    // ---
    function login($username,$pass)
    {
       GLOBAL $db,$table;
       $username = trim($username);
       $pass = md5(trim($pass));
       $query = mysql_query("SELECT * FROM $table WHERE userName = '$username' AND userPassword = '$pass'");
       return mysql_num_rows($query);
    }

    // ---
    // forget password
    // ---
    function forget($email)
    {
       GLOBAL $db,$table;
       $email = trim($email);
       $query = mysql_query("SELECT userName, userQuestion from $table WHERE userMail = '$email'");
       if(mysql_num_rows($query)<1)
       {
          return "error=email not present into database";
       }
       $row = mysql_fetch_array($query);
       return "userName=$row[userName]&userQuestion=" . stripslashes($row['userQuestion']);
    }

    // ---
    // generate new password
    // ---
    function new_password($username,$email,$answer)
    {
       GLOBAL $db,$table;
       $username = trim($username);
       $email = trim($email);
       $answer = addslashes(trim($answer));
       $query = mysql_query("SELECT * FROM $table WHERE userName = '$username' AND userMail = '$email' AND userAnswer = '$answer'");
       if(mysql_num_rows($query) < 1)
       {
          return "error=wrong answer";
       }
       $rand_string = '';
       // ---
       // generating a random 8 chars lenght password
       // ---
       for($a=0;$a<7;$a++)
       {
          do
          {
             $newrand = chr(rand(0,256));
          } while(!eregi("^[a-z0-9]$",$newrand));
          $rand_string .= $newrand;
       }
       $pwd_to_insert = md5($rand_string);
       $new_query = mysql_query("UPDATE $table SET userPassword = '$pwd_to_insert' WHERE userName = '$username' AND userMail = '$email'");
       if(!$new_query)
       {
          return "error=unable to update value";
       }
       return "userName=$username&new_pass=$rand_string";
    }

    // ---
    // decisional switch
    // ---
    if(isset($HTTP_POST_VARS["action"]))
    {
       switch($HTTP_POST_VARS["action"])
       {
          case "register":
             $result = register($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['question'],$HTTP_POST_VARS['answer']);
             print $result;
             break;
          case "login":
             $result = login($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass']);
             print "user=" . $result;
             break;
          case "forget":
             $result = forget($HTTP_POST_VARS['email']);
             print $result;
             break;
          case "new_password":
             $result = new_password($HTTP_POST_VARS['username'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['answer']);
             print $result;
             break;
       }
    }
    ?>
    Information gathered from:http://www.sephiroth.it/tutorials/fl...tion/index.php

    If anyone can help, that would be amazing. If you have anything to contribute, please post. Any reply is better than no reply.

    I appreciate the help,
    DaVULf

  2. #2
    the friendly canadian DaVulf's Avatar
    Join Date
    Feb 2004
    Location
    Singapore
    Posts
    2,017
    Nobody has anything to say?

  3. #3
    Junior Member
    Join Date
    May 2005
    Posts
    27
    I cannot help you with everything. However I have found this the most successful sendAndLoad application:
    Your use of myVars for your reply could cause problems.


    Code:
    {		myVars = new LoadVars();
    		MyReply= new LoadVars();
    		myVars.username = userName.text
    		myVars.pass = userPassword.text
    		myVars.action = 'login';
    		MyVars.sendAndLoad('your.php, MyReply);
    		MyReply.onLoad = UpdateReply;           ///don't put brackets '()'
    }
    function UpdateReply(success) {
    	if (success) {
    		_root.Vareply = MyReply;
    		
    	} else {
    		_root.Vareply = "Failed";
    		
    	}
    }

  4. #4
    the friendly canadian DaVulf's Avatar
    Join Date
    Feb 2004
    Location
    Singapore
    Posts
    2,017
    Great, thanks newboy. I'll have to switch that up.

  5. #5
    the friendly canadian DaVulf's Avatar
    Join Date
    Feb 2004
    Location
    Singapore
    Posts
    2,017
    Okay, what newboy suggested has now been implemented, but although helpful (and thanks a bunch man), this does not contribute to the bulk of the problem.

    As I say, I know some people on here know how to fix this, so could I please get you to help a brother out. I know I've been asky lately, but I've been swamped at work, and I don't have the time I did back when school was still in. Once I'm back at school I will have time to research all of this instead of just asking, but I need things done long before then, so I need your collective help.

    I appreciate the help,
    DaVuLf

  6. #6
    associate admedia's Avatar
    Join Date
    Oct 2001
    Location
    is
    Posts
    1,347
    So you want someone to come to the site. Register, then you manually confirm the registration?

  7. #7
    the friendly canadian DaVulf's Avatar
    Join Date
    Feb 2004
    Location
    Singapore
    Posts
    2,017
    That's correct.

    The only people that I will confirm registration for, are people who have been pre-authorized by me giving them a registration code in person.. Similar to a CD-Key for a program.

    As I explained, this is because only people who are members of the club are to have access. To be a member of the club you have to sign up on campus, and pay the club fee and I will give them the registration key.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  




Click Here to Expand Forum to Full Width

HTML5 Development Center