Gahhh This Isn't Going Well Please Help!

chappill

May 26 2008, 05:55 PM

CODE

<?
// database connection details stored here
include "database.php";
?>
<!doctype html public "-//w3c//dtd html 3.2//en">
<html>
<head>
<title>Thanks!</title>
</head>
<body bgcolor="#ffffff" text="#000000">
<?
$email=mysql_real_escape_string($email);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email,"@") OR !stristr($email,".")) {
$msg="Your email address is not correct ";
$status= "NOTOK";}
echo " ";
if($status=="OK"){ $query="SELECT * FROM users WHERE password = '$email'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email;// email is stored to a variable
if ($recs == 0) { echo

That's a snippet of code from my forgot password form on my site...I don't know why it doesn't work. Here's a few links you may need to help:
http://chappill.trap17.com/test/test/login.php
http://chappill.trap17.com/test/test/register.php
http://chappill.trap17.com/test/test/forgot.php

Login is the login page, register is the register page and forgot is the forgotten password page, I hope you can help!
The problem is when you click submit on the forgotten password page it takes you off to the next page (like it should) but the next page displays

QUOTE

Your email address is not correct

Even though I know It's right... so there must be something wrong wth the way the script gets the information out of the MySQL database, heres the full code: http://www.chappill.trap17.com/test/test/lookhere.txt

rvalkass

May 26 2008, 07:18 PM

The problem lies with the way you check for the pattern of an email address:

CODE

if (!stristr($email,"@") OR !stristr($email,".")) {

I would take a look at using regexp to detect email addresses, rather than stristr. preg_match will use a regular expression, and tell you whether a given string matches that regular expression.

There is a lot of information on validating email addresses using regular expressions here: http://www.regular-expressions.info/email.html

chappill

May 26 2008, 07:24 PM

Hmmm now that's confused me :S So I change

CODE

if (!stristr($email,"@") OR !stristr($email,".")) {

to this

CODE

if (!regexp($email,"@") OR !regexp($email,".")) {

??? Or is that wrong, help I'm lost!!!

But thanks for trying, i get into al sorts of problem with my scripts lol.

rvalkass

May 26 2008, 07:39 PM

No, regexp isn't a function

Regexp stands for regular expressions, and is a way of checking if a string matches a certain pattern. In PHP, the easiest way to use regular expressions is with preg_match. You use it like this:

CODE

preg_match("regexp here", "string to check here");

It will return 0 for no matches, or 1 for a match.

The most difficult part is writing the regexp - the pattern the email address has to match to be classed as valid. Regular expressions are tricky to understand to start with, but incredibly powerful.

chappill

May 26 2008, 07:59 PM

Gahhhh my head hurts I need another break already but I'm not off!

I now have:

CODE

preg_match("$email,"@"", "$email,"."");

Instead of:

CODE

if (!stristr($email,"@") OR !stristr($email,".")) {

And that produces the error:

QUOTE

Parse error: syntax error, unexpected '@' in /home/chappill/public_html/test/test/forgot-passwordck.php on line 36

Line 36 is that very line above...It's still screwed and It's all because I'm a retard =[

rvalkass

May 27 2008, 09:26 AM

What you want that line to say is this:

CODE

if ( preg_match("^[-._%+A-Za-z0-9]+@[-.A-Za-z0-9]+\.[A-Za-z]{2,4}$", $email) == 0 ) {

The most difficult part to understand is the regexp string, which I will try to explain below. It is basically a pattern that the variable $email must fit to be declared valid. If it fits the pattern, preg_match returns 1, and the email address is valid. If it doesn't fit the pattern, preg_match returns 0, and the email address is invalid.

So, to explain that huge jumble of characters:

^ - The start of the string
[-._%+A-Za-z0-9] - Look for the -, ., _, % and + characters, along with characters in the ranges A-Z, a-z and 0-9...
+ - ...repeated any number of times...
@ - ...followed by the @ sign...
[-.A-Za-z0-9] - ...then more letters...
+ - ...repeated any number of times...
\. - ...followed by a dot...
[A-Za-z] - ...then the letters A-Z and a-z...
{2,4} - ...repeated between 2 and 4 times (the domain, like .COM or .UK or something)...
$ - ...and then the end of the string.

chappill

May 30 2008, 02:04 PM

Sorry it's been about 3 days just got off holidays =].
I put that line in and as I thought it would go ape over

QUOTE

Warning: preg_match() [function.preg-match]: No ending delimiter '^' found in /home/chappill/public_html/test/test/forgot-passwordck.php on line 47

Your email address is not correct

the little ^ thats in there, should that not be something else?

rvalkass

May 30 2008, 03:24 PM

Sorry, PHP, for some reason, needs slashes added:

CODE

if ( preg_match("/^[-._%+A-Za-z0-9]+@[-.A-Za-z0-9]+\.[A-Za-z]{2,4}$/", $email) == 0 ) {

Just tested it, and it seems to work. Let us know.

chappill

May 31 2008, 07:59 AM

Dude your a star =] Thanks so much for putting up with my dodgy scripts and finding and solving the problem, without you I would be lost, it works, thanks very much =]

Oh wait, I think theres something wrong with the way it's pulling the information from the MySQL. I have:

CODE

echo " ";

if($status=="OK"){ $query="SELECT * FROM users WHERE password = '$email'";

$st=mysql_query($query);

$recs=mysql_num_rows($st);

$row=mysql_fetch_object($st);

$em=$row->email;// email is stored to a variable

That as the code, my MySQL table is set up like this, users as the table name which i presumed was FROM, and then username, password and email as my fields. Should this be changed?

rvalkass

May 31 2008, 11:15 AM

Either you have a very weird and confusing way of naming variables, or this line is wrong:

CODE

{ $query="SELECT * FROM users WHERE password = '$email'";

Any reason the password would be the same as their email address?

Latest Entries

tracdoor

Jun 1 2008, 08:20 PM

Why don't you use Mysql query? that would make it a lot easier!

Don't jump in at the deep end trying to make a super secure login script with loads of features, a simple register, login and logout is fine for a first try! from there you can make more adjustments to it later. Also i noticed you don't seem to have a members page yet, what use is a forgotten password script if your visitors have no reason to come back!.

Like I said don't jump in at the deep end, simple Mysql query's are fine! if you do that there's little chance of errors, and the errors that you do get are simple mistakes, ones that a novice could correct easily.

rvalkass

Jun 1 2008, 08:30 AM

QUOTE(chappill @ May 31 2008, 09:34 PM)

Good point lol I have absolutely no idea, a friend recommended

CODE

{ $query="SELECT email,password,username FROM users WHERE password = '$email'";

But i can't see that working either and it didn't!

You've still got password equal to email...?

Surely that line should either be:

CODE

{ $query="SELECT * FROM users WHERE email = '$email'";

Or:

CODE

{ $query="SELECT * FROM users WHERE password = '$encryptedPassword'";

Identifying users by their password seems somewhat bizarre, so I assume you want the first example - getting a list of people with the email address you want.

ADD REPLY / Got an Opinion!	a humble request :-)	RAPID SEARCH!	Free Hosting	[X]
Express your Opinions, Thoughts or Contribute your information that might help someone here. Ask your Doubts & Queries to get answers.. "Together, We enlight each other!"	Register FREE for AD-FREE forum, Create your own topics, Ask Questions, track topics, setup subscriptions & notifications and Get a Free Website w/ Email and FTP.		500MB Space No Ads, CPanel, FTP, PHP, MySQL, EMails - 100% FREE

Gahhh This Isn't Going Well Please Help! - It's a forgot password form in php!

Gahhh This Isn't Going Well Please Help! - It's a forgot password form in php!

Latest Entries