Site registration with url mail activation

[franky4fingers]

I've done a hack to let users register with form (+ captcha module: look: http://php.brickhost.com/forums/index.php?topic=3625.0), receive email with url activation, activate and at the end logon.

Hack done wiht help of "Access user Class" from http://www.phpclasses.org

Here things to do:

Create a new field (eg. active) on login table, type enum('y', 'n')


Edit file index.php

Add:

Code:

else if (isset($_GET['activate']) && isset($_GET['ident'])) { // this two variables are required for activating/updating the account/password
$msg = $auth->activate_account($_GET['activate'], $_GET['ident']); // the activation method
}

after:

Code:

if (isset($_GET['logout'])) {
    $auth->doLogout();   
}

Edit file Auth.class.php

add:

Code:

if ($ok_user && $ok_pass && !$this->db->userActive($uname, $use_logonname) ) {
$msg .= translate('User is not active!') . '<br/>';
$ok_active = false;
}
else
$ok_active = true;

after:

Code:

else
$ok_pass = true;

change:

Code:

if (!$ok_user || !$ok_pass) {
$msg .= translate('You can try');
return $msg;
}

in:

Code:

if (!$ok_user || !$ok_pass || !$ok_active) {
//$msg .= translate('You can try');
return $msg;
}

add:

Code:

function activate_account($activate_key, $key_id) {
global $conf;
if ($activate_key != "" && strlen($activate_key) == 32 && $key_id != "") {
$this->id = $key_id;
if ($this->db->userActiveId($key_id)) {
$this->db->doActive($activate_key, $key_id);
$msg = $this->success = translate('You account is active now!') . '<br/>' ;
return $msg;

}
}
}

after:

Code:

CmnFns::redirect(urldecode($resume));
}
}

change the function do_register_user in:

Code:

function do_register_user($data, $adminCreated) {
global $conf;
// Verify user data
$msg = $this->check_all_values($data, false);
if (!empty($msg)) {
return $msg;
}

$adminemail = strtolower($conf['app']['adminEmail']);
$techEmail  = empty($conf['app']['techEmail']) ? translate('N/A') : $conf['app']['techEmail'];
$url        = CmnFns::getScriptURL();

// Register the new member
$id = $this->db->insertMember($data);

$this->db->autoassign($id); // Give permission on auto-assigned resources

$mailer = new PHPMailer();
$mailer->IsHTML(false);

// Email user informing about successful registration
$subject = $conf['ui']['welcome'];
$url_act = $url."/index.php?ident=".$id."&activate=".md5($data['password'])."&language=".$data['lang'];
$msg = translate_email('register',
$data['fname'], $conf['ui']['welcome'],
$url_act,
$url,
(isset($data['logon_name']) ? $data['logon_name'] : $data['emailaddress']),
$data['password']
);

$mailer->AddAddress($data['emailaddress'], $data['fname'] . ' ' . $data['lname']);
$mailer->From = $adminemail;
$mailer->FromName = $conf['app']['title'];
$mailer->Subject = $subject;
$mailer->Body = $msg;
$mailer->Send();

// Email the admin informing about new user
if ($conf['app']['emailAdmin']) {
$subject = translate('A new user has been added');
$msg = translate_email('register_admin',
$data['emailaddress'],
$data['fname'], $data['lname'],
$data['phone'],
$data['institution'],
$data['position']);

$mailer->ClearAllRecipients();
$mailer->AddAddress($adminemail);
$mailer->Subject = $subject;
$mailer->Body = $msg;
$mailer->Send();
}

if (!$adminCreated) {
// If the user wants to set a cookie, set it
// for their ID and fname.  Expires in 30 days (2592000 seconds)
if (isset($data['setCookie'])) {
setcookie('ID', $id, time() + 2592000, '/');
}

// If it is the admin, set session variable
if ($data['emailaddress'] == $adminemail) {
$_SESSION['sessionAdmin'] = $adminemail;
}

// Set other session variables
$_SESSION['sessionID'] = $id;
$_SESSION['sessionName'] = $data['fname'];
$_SESSION['hourOffset'] = $data['timezone'] - $conf['app']['timezone'];
}

// Write log file
CmnFns::write_log('New user registered. Data provided: fname- ' . $data['fname'] . ' lname- ' . $data['lname']
. ' email- '. $data['emailaddress'] . ' phone- ' . $data['phone'] . ' institution- ' . $data['institution']
. ' position- ' . $data['position'], $id);

if( !$conf['ldap']['authentication'] ) {
$url = 'index.php';
if ($adminCreated){
$url = 'admin.php?tool=users';
}
$link = CmnFns::getNewLink();

$this->success = translate('You have successfully registered') . '<br/>' . $link->getLink($url, translate('Continue'));

}
else {
// return DB id from entry created if using LDAP
return $id;
}
}

Edit file AuthDB.class.php

add functions:

Code:

/**
* Returns whether the user is active or not
* @param string $uname user name
* @return whether user is active or not
*/
function userActive($uname, $use_logonname = false) {
$data = array (strtolower($uname));
if ($use_logonname) {
// Can be logonname or email address
$where = '(email=? OR logon_name=?)';
$data[] = $data[0];
}
else {
// Can only be email address
$where = '(email=?)';
}
$email_or_login = ($use_logonname) ? 'logon_name' : 'email';
$result = $this->db->getRow('SELECT count(*) as num FROM ' . $this->get_table('login') . " WHERE (email=? OR logon_name=?) AND active='y' ", $data);
$this->check_for_error($result);

return ($result['num'] > 0 );
}

/**
* Returns whether the user is active or not by userid
* @param string $key_id userid
* @return whether user is active or not by userid
*/
function userActiveId($key_id) {
$data = array (strtolower($key_id));
$result = $this->db->getRow('SELECT count(*) as num FROM ' . $this->get_table('login') . " WHERE memberid=? AND active='n' ", $data);
$this->check_for_error($result);

return ($result['num'] > 0 );
}

  /**
* Make the user active 
* @param string $uname user name
* @return whether user is active or not
*/
function doActive ($activate_key, $key_id) {
$data = array (strtolower($activate_key), strtolower($key_id));
// $result = $this->db->getRow('UPDATE . $this->get_table('login') active SET active = 'y' WHERE id = %s AND pw = '%s'", $this->table_name, $key_id, $activate_key);
$sql = $this->db->query('UPDATE ' . $this->get_table('login') . ' SET active = "y" WHERE password = ? AND memberid = ? ', $data);
$this->check_for_error($result);
}

add at the end of function insertMember($data):

Code:

(array_push($to_insert,'n'));

Add a ? in:

Code:

$q = $this->db->prepare('INSERT INTO ' . $this->get_table('login')..

Modify own xxx.lang.php file changing the $email['register']


Enjoy!

[Nick]

Very cool!  Thanks for sharing this!

[tourer]

A very nice modification to the system, but when i tried to install this function, i got the following errors.
There was an error executing your query:
DB Error: no such field SELECT count(*) as num FROM login WHERE (email='dengue' OR logon_name='dengue') AND active='y' [nativecode=1054 ** Unknown column 'active' in 'where clause']

Please if any one can help. Also How will the activation link appear on the mail. in my case, the mails are sent but they don't contain any information about the new user.

[franky4fingers]

A very nice modification to the system, but when i tried to install this function, i got the following errors.
There was an error executing your query:
DB Error: no such field SELECT count(*) as num FROM login WHERE (email='dengue' OR logon_name='dengue') AND active='y' [nativecode=1054 ** Unknown column 'active' in 'where clause']

Hi,
did you add the "active" field on the login table?

[tourer]

Thankyou for such a speedy reply. Btw here are the steps i took:

1. Added the following line to my auth.template.php
                </tr>
     <tr bgcolor="#FFFFFF">
      <td>
        <p><b><?php echo translate('Active')?></b></p>
      </td>
      <td>
        <input type="enum" name="Active" class="textbox" />
      </td>
This gave me field on the index.php with a active icon in the log-in page.

2. Perform all the steps as stated, but is recieving the error:
There was an error executing your query:
DB Error: no such field SELECT count(*) as num FROM login WHERE (email='tourer' OR logon_name='tourer') AND active='y' [nativecode=1054 ** Unknown column 'active' in 'where clause']
Even if i am trying to log-in with any account. Even Admin included.

3. When i try to register as a new user, i get the following errors:
a. Warning: array_push() [function.array-push]: First argument should be an array in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\lib\db\AuthDB.class.php on line 117 {it happened when i added (array_push($to_insert,'n'));}

b. There was an error executing your query:
DB Error: mismatch INSERT INTO login VALUES ( , , , , , , , , , , , , , , , , , ) [DB Error: mismatch] {it occured after i added ? in the $q = $this->db->prepare('INSERT INTO ' . $this->get_table('login').. which maked a total of 18 ? in this line.

Please help if i made myself clear about my errors.

[franky4fingers]

Thankyou for such a speedy reply. Btw here are the steps i took:

1. Added the following line to my auth.template.php
                </tr>
     <tr bgcolor="#FFFFFF">
      <td>
        <p><b><?php echo translate('Active')?></b></p>
      </td>
      <td>
        <input type="enum" name="Active" class="textbox" />
      </td>
This gave me field on the index.php with a active icon in the log-in page.

No way!!
You must edit your database.
Access to your DB (eg. with phpmyadmin) and edit the "login" table.
You must add a field named "active" of type enum('y', 'n')

[tourer]

Again thanks for the reply. Btw is there anything else required apart from this field.

 ALTER TABLE `login` ADD `Active` ENUM NOT NULL

MySQL said: Documentation
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'NOT NULL' at line 1

This is the error i am getting while trying to create a new field.

I know its so lame of me but still i dont know why i am getting all these errors.

[franky4fingers]

Again thanks for the reply. Btw is there anything else required apart from this field.

 ALTER TABLE `login` ADD `Active` ENUM NOT NULL

MySQL said: Documentation
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'NOT NULL' at line 1

ALTER TABLE  `login` ADD  `active` ENUM('y', 'n') NOT NULL ;

[tourer]

Field in the table created, but now when i register as a new user, the following error occurs:

Warning: array_push() [function.array-push]: First argument should be an array in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\lib\db\AuthDB.class.php on line 117

There was an error executing your query:
DB Error: mismatch INSERT INTO login VALUES ( , , , , , , , , , , , , , , , , , ) [DB Error: mismatch]

I added the extra ? required. now it sums up to 18 ? marks.

[franky4fingers]

Field in the table created, but now when i register as a new user, the following error occurs:

Warning: array_push() [function.array-push]: First argument should be an array in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\lib\db\AuthDB.class.php on line 117

There was an error executing your query:
DB Error: mismatch INSERT INTO login VALUES ( , , , , , , , , , , , , , , , , , ) [DB Error: mismatch]

I added the extra ? required. now it sums up to 18 ? marks.

Did you add in AuthDB.class.php at the end of function insertMember($data)  the code:

Code:

(array_push($to_insert,'n'));

[tourer]

Ok. Actually when i added this required (array_push($to_insert,'n')); after array_push($to_insert, $data['timezone']); at line 139, every thing is working fine. now i am registered with some minor error :

Warning: sprintf() [function.sprintf]: Too few arguments in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\config\langs.php(242) : eval()'d code on line 14.

Even when i check my databse, in the Active field this newly registered user is assigned n value that means i am not activated.

I also recieved a mail which i read. but how so i activate myself now. I dont recieve any link in the mail to activate my account.

Also when i try to log-in using this unactivated account, i get only a ? as an error msg.

I guess we are very near to the solution. Thnx Anywaysz.

[franky4fingers]

I also recieved a mail which i read. but how so i activate myself now. I dont recieve any link in the mail to activate my account.

I guess we are very near to the solution. Thnx Anywaysz.

You must edit your xx.langs.php in lang directory.
Change the  $email['register'] to match the code of Auth.class.php

Code:

$msg = translate_email('register',
$data['fname'], $conf['ui']['welcome'],
$url_act,
$url,
(isset($data['logon_name']) ? $data['logon_name'] : $data['emailaddress']),
$data['password']
);

You must have 6 %s on your $email['register']

[tourer]

That means if i have the following code in my auth.class.php, i need to copy the same code to my en_US.lang.php:

Auth.class.php:-
$subject = $conf['ui']['welcome'];
      $url_act = $url."/index.php?ident=".$id."&activate=".md5($data['password'])."&language=".$data['lang'];
      $msg = translate_email('register',
                        $data['fname'], $conf['ui']['welcome'],
                        $url_act,
                        $url,
            (isset($data['logon_name']) ? $data['logon_name'] : $data['emailaddress']),
                        $data['password']
                        );

for
en_US.lang.php:-
$email['register'] = "%s, %s \r\n"
            . "You have successfully registered with the following information:\r\n"
            . "Logon: %s\r\n"
            . "Name: %s %s \r\n"
            . "Phone: %s \r\n"
            . "Institution: %s \r\n"
            . "Position: %s \r\n\r\n"
            . "Please log into the scheduler at this location:\r\n"
            . "%s \r\n\r\n"
            . "You can find links to the online scheduler and to edit your profile at My Control Panel.\r\n\r\n"
            . "Please direct any resource or reservation based questions to %s";

[franky4fingers]

That means if i have the following code in my auth.class.php, i need to copy the same code to my en_US.lang.php:

Auth.class.php:-
$subject = $conf['ui']['welcome'];
      $url_act = $url."/index.php?ident=".$id."&activate=".md5($data['password'])."&language=".$data['lang'];
      $msg = translate_email('register',
                        $data['fname'], $conf['ui']['welcome'],
                        $url_act,
                        $url,
            (isset($data['logon_name']) ? $data['logon_name'] : $data['emailaddress']),
                        $data['password']
                        );

for
en_US.lang.php:-
$email['register'] = "%s, %s \r\n"
            . "You have successfully registered with the following information:\r\n"
            . "Logon: %s\r\n"
            . "Name: %s %s \r\n"
            . "Phone: %s \r\n"
            . "Institution: %s \r\n"
            . "Position: %s \r\n\r\n"
            . "Please log into the scheduler at this location:\r\n"
            . "%s \r\n\r\n"
            . "You can find links to the online scheduler and to edit your profile at My Control Panel.\r\n\r\n"
            . "Please direct any resource or reservation based questions to %s";

No, you have to change the $email['register'] to something like this:

Code:

$email['register'] = "%s, %s \r\n"
. "Check this url to activate your account:\r\n"
. "Activate url: %s\r\n"
. "After you can access the homepage : %s\r\n"
. "with your username: %s \r\n"
. "and your password: %s \r\n";

[tourer]

Aha. Finally, i am able to do all the things. Thank you very much for all the help. I will let you in some time if i get some error. Till now its working completly fine. Thankyou again.

Btw when i click on the activation link to activate the account, however my account gets activated still i get this error:
Notice: Undefined variable: result in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\lib\db\AuthDB.class.php on line 109

And also when i try to log-in without clicking on the activation mail, i get ? only for the error msg, nd not something like your account is not valid.

Lastly but Thanks Newaz.