这个古怪的错误到底是什么? [英] What on earth is this outlandish error ?
问题描述
编程好友,
这是我的最新脚本。它是一个成员注册脚本。
它会注册您并激活您的帐户以确认您的电子邮件,然后自动登录您的帐户。它使用cookie来记住您的用户详细信息。在我为你的朋友或公众发布帖子之前,它一直工作正常。
我收到错误:
PHP解析错误:/ home中的语法错误,意外''',期待' - '或标识符(T_STRING)或变量(T_VARIABLE)或数字(T_NUM_STRING)第168行/sn/public_html/sn/home.php
在许多行上,我改变了:
$ query =SELECT * FROM users WHERE Username =' 。$ user。';
to:
$ query =SELECT * FROM users WHERE Username ='$ user';
但是没有运气摆脱错误。你会看到第168行没有任何。
我使用notepad ++。错误mssg似乎无关紧要。
所以,看看错误和我的脚本,你觉得这个问题是什么?是?最好c
我的wamp / xampp上的代码真正理解问题。
谢谢!
PPS - 下一篇文章。
这篇关于这个古怪的错误到底是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
我尝试过:
一遍又一遍地编码。
register.php
< pre lang =PHP><!DOCTYPE html>
< html >
< head < span class =code-keyword>>
< title > 注册页面< / title >
< meta charset = utf-8 >
< meta name = viewport < span class =code-attribute> content = width = device-width,initial-scale = 1 >
< link rel = 样式表 href = https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css >
< 脚本 src = https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js > < / script >
< script src = h ttps://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js > < / script >
< / head >
< body >
< span class =code-keyword>< div class = container >
< center > < h2 > 注册表单< / h2 > < / center >
< 表格 方法 = post action = >
< div 类 = form-group >
< center > < label = username > 用户名:< / label >
< 输入 类型 = text class = form-control
< ; / div >
< div class = form-group
< center > < label = 密码 > 密码:< / label >
< input type = 密码 class < span class =code-keyword> = form-control id = pwd 占位符 = < span class =code-keyword>输入新密码 name = member_registration_password > < / center >
< / div >
< div 类 = form-group >
< center > < label = 密码 > 重复密码:< / label >
< < span class =code-leadattribute> input type = 密码 class = form-control id = member_registration_repeat_pwd 占位符 = 重复新密码 名称 = member_registration_password_confirmation > < span class =code-keyword>< / center >
< / div >
< div class = form-group >
< center > < label for = forename > 名字:< / label >
< 输入 类型 = text class = form-control id = member_registration_first_name 占位符 = 输入您的名字 名称 = member_registration_forename > < / center >
< / div >
< div 类 = form-group >
< center > < label = 姓 > 姓:< / label >
< input type = text class = 表格控制 id = member_registration_last_name 占位符 = 输入您的姓氏 名称 = member_registration_surname > < < span class =code-leadattribute> / center >
< / div >
< div class = form-group >
< 中心 > < label = 电子邮件 > 电子邮件:< / label >
< < span class =code-leadattribute> input type = 电子邮件 class = form-control id = member_registration_email 占位符 = 输入您的电子邮件 名称 = member_registration_email > < / center >
< / div >
< div class = 表单组 >
< center > < label for = email > 重复电子邮件:< ; / label >
< 输入 type = email
< / div >
< center > < 按钮 type = 提交 class = btn btn-default < span class =code-attribute> name = submit > 注册!< / button > < / center >
< 中心 > < font 颜色 = red size = 3 > 已经拥有一个帐户? < br > < a href = login.php > 在此登录!< / a > < / font > < / center >
< / form >
< / div >
< / body >
< / html >
<? php
require conn.php;
if (isset($ _ POST [' 提交']))
{
if(!empty($ _ POST [ member_registration_username])&&!empty($ _ POST [ member_registration_password ])&&!empty($ _ POST [ member_registration_password_confirmation])&&!空($ _ POST [ member_registration_email])&&!empty($ _ POST [ member_registration_email_confirmation])&&!empty($ _ POST [ member_registration_forename])&&!empty($ _ POST [ < span class =code-string> member_registratio n_surname]))
{
$ member_registration_account_activation = 0 ;
$ member_registration_random_numbers = random_int(0,9999999999);
$ member_registration_username = trim($ _ POST [ member_registration_username]);
$ member_registration_forename = trim($ _ POST [ member_registration_forename]);
$ member_registration_surname = trim($ _ POST [ member_registration_surname]);
$ member_registration_password = trim($ _ POST [ member_registration_password]);
$ member_registration_password_confirmation = trim($ _ POST [ member_registration_password_confirmation]);
$ member_registration_email = trim($ _ POST [ member_registration_email]);
$ member_registration_email_confirmation = trim($ _ POST [ member_registration_email_confirmation]);
$ member_registration_account_activation_code = trim( $ member_registration_random_numbers );
$ member_registration_username = mysqli_real_escape_string($ conn,$ _ POST [
$ member_registration_forename = mysqli_real_escape_string($ conn,$ _ POST [ member_registration_forename]);
$ member_registration_surname = mysqli_real_escape_string($ conn,$ _ POST [ member_registration_surname]);
$ member_registration_password = mysqli_real_escape_string($ conn,$ _ POST [ member_registration_password]);
$ member_registration_password_confirmation = mysqli_real_escape_string($ conn,$ _ POST [ member_registration_password_confirmation]);
$ member_registration_email = mysqli_real_escape_string($ conn,$ _ POST [ member_registration_email]);
$ member_registration_email_confirmation = mysqli_real_escape_string($ conn,$ _ POST [ member_registration_email_confirmation]);
$ member_registration_account_activation_code = mysqli_real_escape_string($ conn,$ member_registrati on_account_activation_code);
if($ member_registration_email!= $ member_registration_email_confirmation)
{
echo < center>您的电子邮件输入不匹配!请尝试重新输入,然后重新提交。< / center>;
$ conn-> close();
exit();
}
else
{
}
if($ member_registration_password!= $ member_registration_password_confirmation)
{
echo < center>您的密码输入不匹配!请尝试再次输入,然后重新提交。< / center>;
$ conn-> close();
exit();
}
else
{
}
$ sql_check_username_in_pending_users = SELECT * FROM pending_users WHERE Username ='。$ member_registration_username 。 ';
$ result_username_in_pending_users = mysqli_query($ conn,$ sql_check_username_in_pending_ users);
if(mysqli_num_rows($ result_username_in_pending_use rs)> 0)
{
echo < script> alert('用户名$ member_registration_username正在等待注册!')< / script>;
exit();
}
$ sql_check_username_in_users = SELECT * FROM users WHERE Username ='。$ member_registration_username。 '< /跨度>;
$ result_username_in_users = mysqli_query($ conn,$ sql_check_username_in_users);
if(mysqli_num_rows($ result_username_in_users)> 0)
{
echo < script> alert('用户名$ member_registration_username已注册!')< / script>;
exit();
}
$ sql_check_email_in_pending_users = SELECT * FROM pending_users WHERE Email ='。$ member_registration_email。 '< /跨度>;
$ result_email_in_pending_users = mysqli_query($ conn,$ sql_check_email_in_pending_use rs);
if(mysqli_num_rows($ result_email_in_pending_users)> 0)
{
echo < script> alert('Email $ member_registration_email正在等待注册!')< / script>;
exit();
}
$ sql_check_email_in_users = SELECT * FROM users WHERE Email ='。$ member_registration_email。 '< /跨度>;
$ result_email_in_users = mysqli_query($ conn,$ sql_check_email_in_users);
if(mysqli_num_rows($result_email_in_users)>0)
{
echo \"<script>alert('That Email $member_registration_email is already registered!')</script>\";
exit();
}
$sql = \"INSERT INTO pending_users(Username,Password,Email,Forename,Sur name,Account_Activation_Code,Account_Activation) VALUES('\".$member_registration_username.\"','\".$mem ber_registration_password.\"','\".$member_registrati on_email.\"','\".$member_registration_forename.\"','\" .$member_registration_surname.\"','\".$member_regist ration_account_activation_code.\"','\".$member_regis tration_account_activation.\"')\";
if($conn->query($sql)===TRUE)
{
echo \"Data insertion into table success!\";
}
else
{
echo \"Data insertion into table failure!\";
$conn->close();
exit();
}
$to = \"$member_registration_email\";
$subject = \"Account Activation!\";
$body = \"$member_registration_forename $member_registration_surname,\n\n You need to click the following link to confirm your email address and activate your account.\n\n\
http://www.yourdomain.com/activate_account.php?email=$member_registration_em ail&&member_registration_account_activation_code=$ member_registration_account_activation_code\";
$from = \"YOUR EMAIL GO HERE\";
$message = \"from: $from\";
mail($to,$subject,$body,$message);
echo \"<script>alert('Check your email for further instructions!')</script>\";
$conn->close();
}
else
{
echo \"<script>alert('You must fill-in all input fields!')</script>\";
$conn->close();
}
}
?>
activate_account.php
<?php
session_start();
需要 conn.php;
//Grab User's (account activator's) email and account activation code from account activation link's url. Check for email and account activation code details in the account activation link's url.
if(!isset($_GET[\"email\"], $_GET[\"member_registration_account_activation_code\"]) === TRUE)
{
echo \"<script>alert('Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account!')</script>\";
echo \"Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account if you do not already have one! <a href=\"register.php\">Register here!</a>\";
$conn->close();
exit();
}
else
{
$confirmed_email = trim($_GET[\"email\"]);
$member_registration_account_activation_code = trim($_GET[\"member_registration_account_activation_code\"]);
$confirmed_email = mysqli_real_escape_string($conn,$confirmed_email);
$member_registration_account_activation_code = mysqli_real_escape_string($conn,$member_registration_account_activation_code);
//Check User's Username against \"users\" tbl to see if it has already been taken or not whilst the User was in midst of activating his/her account. Give error message if already taken.
$query = \"SELECT * FROM users WHERE Email = '\".$confirmed_email.\"'\";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows != 0)
{
echo \"<script>alert('That email '\".$confirmed_email.\"' is already registered! So, just login!')</script>\";
echo \"That email '\".$confirmed_email.\"' is already registered! So, just <a href=\"login.php\">login here!</a>\";
$conn->close();
exit();
}
else
{
//Grab User's details from \"pending_users\" table. Search for User's data with his/her confirmed Email Address.
$query = \"SELECT * FROM pending_users WHERE Email = '\".$confirmed_email.\"'\";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows = 0)
{
echo \"<script>alert('Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account!')</script>\";
echo \"Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account if you do not already have one! <a href=\"register.php\">Register here!</a>\";
$conn->close();
exit();
}
else
{
while($row = mysqli_fetch_assoc($result))
{
$db_id = $row[\"Id\"];
$db_username = $row[\"Username\"];
$db_password = $row[\"Password\"];
$db_email = $row[\"Email\"];
$db_forename = $row[\"Forename\"];
$db_surname = $row[\"Surname\"];
$db_account_activation_code = $row[\"Account_Activation_Code\"];
$db_account_activation = $row[\"Account_Activation\"];
if($db_account_activation != 0)
{
echo \"<script>alert('Since your account is already activated, why are you trying to activate it again ? Just login!')</script>\";
echo \"Since your account is already activated, why are you trying to activate it again ? Just <a href=\"login.php\">login here!</a>\";
$conn->close();
exit();
}
else
{
$conn->query(\"UPDATE pending_users SET Account_Activation 1 WHERE Email = '\".$confirmed_email.\"'\");
//Create table under $username to hold User's account activity data.
$sql = \"CREATE TABLE $db_username (
Id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
Date_&_Time TIMESTAMP NOT NULL ON UPDATE CURRENT_TIMESTAMP,
Account_Activation_Code varchar(10) NOT NULL,
Username varchar(30) NOT NULL,
Password varchar(32) NOT NULL,
Email varchar(50) NOT NULL,
Forename varchar(30) NOT NULL,
Surname varchar(30) NOT NULL,
Profile_Pic longblob NULL,
Bio varchar(250) NOT NULL,
Status_To_Friends varchar(180) NOT NULL)
Status_To_Public varchar(180) NOT NULL)\";
if ($conn->query($sql) != TRUE)
{
echo \"Error creating table under $username to hold User's account activity data!: \" . mysqli_error($康恩);
$conn->close();
}
else
{
//Copy $user's registration data from \"pending_users\" table to \"$username\" table.
$sql = \"INSERT INTO $db_username (Username,Password,Email,Forename,Surname,Account_Activation_Code) VALUES('$db_username','$db_password','$db_email','$db_forename','$db_surname','$db_account_activation_code')\";
if($conn->query($sql) != TRUE)
{
echo \"inserting data into $db_username table failed! \" . mysqli_error($康恩);
$conn->close();
}
else
{
//Copy $user's registration data from table \"pending_users\" to table \"users\".
$sql = \"INSERT INTO users (Username,Password,Email,Forename,Surname,Account_Activation_Code) VALUES('$db_username','$db_password','$db_email','$db_forename','$db_surname','$db_account_activation_code')\";
if($conn->query($sql) != TRUE)
{
echo \"inserting data into table users failed! \" . mysqli_error($康恩);
$conn->close();
}
else
{
$user = $db_username;
$userid = $db_id;
$_SESSION[\"user\"] = $user;
//Redirect newly activated user to his/her account homepage.
header(\"location:home.php\");
}
}
}
}
}
}
}
}
?>
login.php
<?php
session_start();
需要 conn.php;
if(isset($_POST[\"member_login_submit\"]))
{
if(!empty($_POST[\"member_login_username_or_email\"]) && !empty($_POST[\"member_login_password\"]))
{
$member_login_username_or_email = trim($_POST[\"member_login_username_or_email\"]);
$member_login_password = trim($_POST[\"member_login_password\"]);
$member_login_username_or_email = mysqli_real_escape_string($conn,$_POST[\"member_login_username_or_email\"]);
$member_login_password = mysqli_real_escape_string($conn,$_POST[\"member_login_password\"]);
$sql = \"SELECT * FROM users WHERE Username='\".$member_login_username_or_email.\"' OR Email='\".$member_login_username_or_email.\"' AND Password='\".$member_login_password.\"'\";
$result = mysqli_query($conn,$sql);
$numrows = mysqli_num_rows($result);
if($numrows != 0)
{
while ($row = mysqli_fetch_assoc($result))
{
$db_id = $row[\"Id\"];
$db_username = $row[\"Username\"];
$db_password = $row[\"Password\"];
$db_email = $row[\"Email\"];
if ($member_login_username_or_email == $db_username && $member_login_password == $db_password || $member_login_username_or_email == $db_email && $member_login_password == $db_password)
{
$user = $db_username;
$userid = $db_id;
$_SESSION[\"user\"] = $user;
if(!empty($_POST[\"member_login_remember\"]))
{
setcookie(\"member_login_username_or_email\", $member_login_username_or_email, time()+ (10 * 365 * 24 * 60 * 60));
setcookie(\"member_login_password\", $member_login_password, time()+ (10 * 365 * 24 * 60 * 60));
}
else
{
if(isset($_COOKIE[\"member_login_username_or_email\"]))
{
setcookie(\"member_login_username_or_email\", \"\", \"\");
}
if(isset($_COOKIE[\"member_login_password\"]))
{
setcookie(\"member_login_password\", \"\", \"\");
}
}
header(\"location:home.php\");
}
else
{
echo \"<script>alert('Incorrect account details!')</script>\";
$conn->close();
}
}
}
else
{
echo \"<script>alert('Incorrect User details!')</script>\";
$conn->close();
}
}
else
{
echo \"<script>alert('You must type in your account Username or Email and then the Password!')</script>\";
$conn->close();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Member Login Page</title>
<meta charset=\"utf-8\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<link rel=\"stylesheet\" href=\"https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css /bootstrap.min.css\">
<script src=\"https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js\"></script>
<script src=\"https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js\"></script>
</head>
<body>
<div class = \"container\">
<form method=\"post\" action=\"\">
<center><h3>Member Login Form</h3></center>
<div class=\"text-danger\">
<div class=\"form-group\">
<center><label for=\"member-login-username-or-email\">Username/Email:</label>
<input type=\"text\" class=\"form-control\" placeholder=\"Enter Username or Email\" name=\"member_login_username_or_email\" value=\"<?php if(isset($_COOKIE[\"member_login_username_or_email\"])) echo $_COOKIE[\"member_login_username_or_email\"]; ?>\"</center>
</div>
<div class=\"form-group\">
<center><label for=\"member-login-password\">Password:</label>
<input type=\"password\" class=\"form-control\" placeholder=\"Enter password\" name=\"member_login_password\" value=\"<?php if(isset($_COOKIE[\"member_login_password\" ])) echo $_COOKIE[\"member_login_password\"] ;?>\"></center>
</div>
<div class=\"form-group\">
<center>& lt;label for=\"member-login-remember\">Remember Login Details:</label>
<input type=\"checkbox\" name=\"member_login_remember\" /></center>
</div>
<div class=\"form-group\">
<center><input type=\"submit\" name=\"member_login_submit\" value=\"Login\" class=\"button button-success\" /></center>
</div>
<div class=\"form-group\">
<center><font color=\"red\" size=\"3\">Forgot your password ?<br><a href=\"member_login_password_reset.php\">Reset it here!</a></font></center>
<center><font color=\"red\" size=\"3\">Not registered ?<br><a href=\"member_register.php\">Register here!</a></font></center>
</form>
</div>
</body>
</html>
home.php
<html>
<head>
<title>
$user Home Page
</title>
</head>
<body>
<body background=\".png\">
<?php
session_start();
需要 conn.php;
/ * 通过检查会话是否已设置或检查用户是否已登录不。
如果用户未登录,则重定向到登录页面。 Else, show user's account's homepage.php.*/
if(!isset($_SESSION[\"user\"]))
{
header(\"location:login.php\");
}
else
{
$user = $_SESSION[\"user\"];
$query = \"SELECT * FROM users WHERE Username = '\".$user.\"'\";
$result = mysqli_query($conn,$query);
while($row = mysqli_fetch_assoc($result))
{
$db_id = $row[\"Id\"];
$ db_username = $ row [ 用户名];
$ db_forename = $ row [ Forename];
$ db_surname = $ row [ 姓];
$ db_email = $ row [ 电子邮件];
$ db_bio = $ row [ Bio];
$ db_status = $ row [ 状态];
//Welcome user by name.
echo \"<center>Welcome <h2>$db_forename $db_surname!</center>\"?></h2>|
<?php
//Display log-out link.
echo \"<p align='right'><a href='logout.php'>$user Log Out</a>\";?>|</p><br>
<form method=\"post\" action=\"\">
<div class=\"form-group\">
<center><label for=\"post_status_to_friends\">Post Status To Friends:</label>
<input type=\"text\" class=\"form-control\" id=\"post_status_to_friends\" placeholder=\"Post Status To Friends\" name=\"post_status_to_friends\"></center><br>
<center><button type=\"submit\" class=\"btn btn-default\" name=\"post_status_to_friends\">Post Status To Friends!</button></center>
</div>
<form method=\"post\" action=\"\">
<div class=\"
<center><label for=\"post_status_to_public\">Post Status To Public:</label>
<input type=\"text\" class=\"form-control\" id=\"post_status_to_public\" placeholder=\"Post Status To Public\" name=\"post_status_to_public\"></center><br>
<center> <button type=\"submit\" class=\"btn btn-default\" name=\"post_status_to_public\">Post Status To Public!</button></center>
</div>
<?php
//Post User Status To Friends in $user table.
if (isset($_POST['post_status_to_friends']))
{
$status_to_friends = trim($_POST[\"post_status_to_friends\"]);
$status_to_friends = mysqli_real_escape_string($conn,$status_to_friends);
$conn->query(\"UPDATE $user SET Status_To_Friends $status_to_friends WHERE Username = '\".$user.\"'\");
if($conn->query($sql)===TRUE)
{
echo \"posted status for friends to $user table!\";
$conn->close();
exit();
}
else
{
echo \"posting status for friends to $user table failed!\";
$conn->close();
exit();
}
//Post User Status To Friends in users table.
$conn->query(\"UPDATE users SET Status_To_Friends $status_to_friends WHERE Username = '\".$user.\"'\");
if($conn->query($sql)===TRUE)
{
echo \"posted status for friends to users table!\";
$conn->close();
exit();
}
else
{
echo \"posting status for friends to users table failed!\";
$conn->close();
exit();
}
//Display User Status To Friends. Search for User's data with $user.
$query = \"SELECT * FROM $user WHERE Username = '\".$user.\"'\";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows = 0)
{
echo \"No data!\";
$conn->close();
exit();
}
else
{
while($row = mysqli_fetch_assoc($result))
{
$db_status_to_friends = $row[\"Status_To_Friends\"];
}
echo \"<br>$user Status To Friends:<br>
$db_status_to_friends\";?><br>
<br>
<?php
//Post User Status To Public in $user table.
if (isset($_POST['post_status_to_public']))
{
$status_to_public = trim($_POST[\"post_status_to_public\"]);
$status_to_public = mysqli_real_escape_string($conn,$status_to_public);
$conn->query(\"UPDATE $user SET Status_To_Public $status_to_public WHERE Username = '\".$user.\"'\");
if($conn->query($sql)===TRUE)
{
echo \"posted status for public to $user table!\";
$conn->close();
exit();`
}
else
{
echo \"posting status for public to $user table failed!\";
$conn->close();
exit();
}
//Post User Status To Public in users table.
$conn->query(\"UPDATE users SET Status_To_Public $status_to_public WHERE Username = '\".$user.\"'\");
if($conn->query($sql)===TRUE)
{
echo \"posted status for public to users table!\";
$conn->close();
exit();
}
else
{
echo \"posting status for public to users table failed!\";
$conn->close();
exit();
}
//Display User Status To Public. Search for User's data with $user.
$query = \"SELECT * FROM $user WHERE Username = '\".$user.\"'\";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows = 0)
{
echo \"No data!\";
$conn->close();
exit();
}
else
{
while($row = mysqli_fetch_assoc($result))
{
$db_status_to_public = $row[\"Status_To_Public\"];
}
echo \"<br>$user Status To Public:<br>
$db_status_to_public\";?><br>
<br>
<?php
//Display User Bio.
echo \"<br>Bio:<br>
$db_bio\";?><br>
<br>
<?php
//Display iFrame.?>
<iframe src=\"https://www.w3schools.com\"></iframe>
<?php
}
}
}
?>
</body>
</html>query = \"SELECT * FROM users WHERE Username = ’\".
user.\"’\";
to:query = \"SELECT * FROM users WHERE Username = ’
Programming Buddies,
Here's my latest script. It is a member reg-login script.
It registers you and gets you to activate your account confirming your email and then auto logs you into your account. It uses cookies to remember your user details. It was working fine until I added the feature for you to make posts to your friends or the public.
I get error:
PHP Parse error: syntax error, unexpected '"', expecting '-' or identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in /home/sn/public_html/sn/home.php on line 168
On many lines, I changed from:
$query = "SELECT * FROM users WHERE Username = '".$user."'";
to:
$query = "SELECT * FROM users WHERE Username = '$user';
but no luck in getting rid of the error. You will see line 168 doesn't have any ".
I use notepad++. Error mssg seems irrelevant.
And so, looking at the error and my script, what do you think the problem is ? Best to c
heck my code on your wamp/xampp to really understand the problem.
Thank You!
PPS - Script in next post.
What I have tried:
Coded differently over and over.
register.php
<!DOCTYPE html>
<html>
<head>
<title>Signup Page</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
<div class = "container">
<center><h2>Signup Form</h2></center>
<form method="post" action="">
<div class="form-group">
<center><label for="username">Username:</label>
<input type="text" class="form-control" id="user" placeholder="Enter a unique Username" name="member_registration_username"></center>
</div>
<div class="form-group">
<center><label for="password">Password:</label>
<input type="password" class="form-control" id="pwd" placeholder="Enter new Password" name="member_registration_password"></center>
</div>
<div class="form-group">
<center><label for="password">Repeat Password:</label>
<input type="password" class="form-control" id="member_registration_repeat_pwd" placeholder="Repeat new Password" name="member_registration_password_confirmation"></center>
</div>
<div class="form-group">
<center><label for="forename">First Name:</label>
<input type="text" class="form-control" id="member_registration_first_name" placeholder="Enter your First Name" name="member_registration_forename"></center>
</div>
<div class="form-group">
<center><label for="surname">Surname:</label>
<input type="text" class="form-control" id="member_registration_last_name" placeholder="Enter your Surname" name="member_registration_surname"></center>
</div>
<div class="form-group">
<center><label for="email">Email:</label>
<input type="email" class="form-control" id="member_registration_email" placeholder="Enter your Email" name="member_registration_email"></center>
</div>
<div class="form-group">
<center><label for="email">Repeat Email:</label>
<input type="email" class="form-control" id="member_registration_repeat_email" placeholder="Repeat your Email" name="member_registration_email_confirmation"></center>
</div>
<center><button type="submit" class="btn btn-default" name="submit">Register!</button></center>
<center><font color="red" size="3">Already have an account ?<br><a href="login.php">Login here!</a></font></center>
</form>
</div>
</body>
</html>
<?php
require "conn.php";
if (isset($_POST['submit']))
{
if(!empty($_POST["member_registration_username"]) && !empty($_POST["member_registration_password"])&& !empty($_POST["member_registration_password_confirmation"])&& !empty($_POST["member_registration_email"])&& !empty($_POST["member_registration_email_confirmation"])&& !empty($_POST["member_registration_forename"])&& !empty($_POST["member_registration_surname"]))
{
$member_registration_account_activation = 0;
$member_registration_random_numbers = random_int(0, 9999999999);
$member_registration_username = trim($_POST["member_registration_username"]);
$member_registration_forename = trim($_POST["member_registration_forename"]);
$member_registration_surname = trim($_POST["member_registration_surname"]);
$member_registration_password = trim($_POST["member_registration_password"]);
$member_registration_password_confirmation = trim($_POST["member_registration_password_confirmation"]);
$member_registration_email = trim($_POST["member_registration_email"]);
$member_registration_email_confirmation = trim($_POST["member_registration_email_confirmation"]);
$member_registration_account_activation_code = trim("$member_registration_random_numbers");
$member_registration_username = mysqli_real_escape_string($conn,$_POST["member_registration_username"]);
$member_registration_forename = mysqli_real_escape_string($conn,$_POST["member_registration_forename"]);
$member_registration_surname = mysqli_real_escape_string($conn,$_POST["member_registration_surname"]);
$member_registration_password = mysqli_real_escape_string($conn,$_POST["member_registration_password"]);
$member_registration_password_confirmation = mysqli_real_escape_string($conn,$_POST["member_registration_password_confirmation"]);
$member_registration_email = mysqli_real_escape_string($conn,$_POST["member_registration_email"]);
$member_registration_email_confirmation = mysqli_real_escape_string($conn,$_POST["member_registration_email_confirmation"]);
$member_registration_account_activation_code = mysqli_real_escape_string($conn,$member_registrati on_account_activation_code);
if($member_registration_email != $member_registration_email_confirmation)
{
echo "<center>Your email inputs do not match! Try inputting again and then re-submit.</center>";
$conn->close();
exit();
}
else
{
}
if($member_registration_password != $member_registration_password_confirmation)
{
echo "<center>Your password inputs do not match! Try inputting again and then re-submit.</center>";
$conn->close();
exit();
}
else
{
}
$sql_check_username_in_pending_users = "SELECT * FROM pending_users WHERE Username='".$member_registration_username."'";
$result_username_in_pending_users = mysqli_query($conn,$sql_check_username_in_pending_ users);
if(mysqli_num_rows($result_username_in_pending_use rs)>0)
{
echo "<script>alert('That Username $member_registration_username is pending registration!')</script>";
exit();
}
$sql_check_username_in_users = "SELECT * FROM users WHERE Username='".$member_registration_username."'";
$result_username_in_users = mysqli_query($conn,$sql_check_username_in_users);
if(mysqli_num_rows($result_username_in_users)>0)
{
echo "<script>alert('That Username $member_registration_username is already registered!')</script>";
exit();
}
$sql_check_email_in_pending_users = "SELECT * FROM pending_users WHERE Email='".$member_registration_email."'";
$result_email_in_pending_users = mysqli_query($conn,$sql_check_email_in_pending_use rs);
if(mysqli_num_rows($result_email_in_pending_users) >0)
{
echo "<script>alert('That Email $member_registration_email is pending registration!')</script>";
exit();
}
$sql_check_email_in_users = "SELECT * FROM users WHERE Email='".$member_registration_email."'";
$result_email_in_users = mysqli_query($conn,$sql_check_email_in_users);
if(mysqli_num_rows($result_email_in_users)>0)
{
echo "<script>alert('That Email $member_registration_email is already registered!')</script>";
exit();
}
$sql = "INSERT INTO pending_users(Username,Password,Email,Forename,Sur name,Account_Activation_Code,Account_Activation) VALUES('".$member_registration_username."','".$mem ber_registration_password."','".$member_registrati on_email."','".$member_registration_forename."','" .$member_registration_surname."','".$member_regist ration_account_activation_code."','".$member_regis tration_account_activation."')";
if($conn->query($sql)===TRUE)
{
echo "Data insertion into table success!";
}
else
{
echo "Data insertion into table failure!";
$conn->close();
exit();
}
$to = "$member_registration_email";
$subject = "Account Activation!";
$body = "$member_registration_forename $member_registration_surname,\n\n You need to click the following link to confirm your email address and activate your account.\n\n\
http://www.yourdomain.com/activate_account.php?email=$member_registration_em ail&&member_registration_account_activation_code=$ member_registration_account_activation_code";
$from = "YOUR EMAIL GO HERE";
$message = "from: $from";
mail($to,$subject,$body,$message);
echo "<script>alert('Check your email for further instructions!')</script>";
$conn->close();
}
else
{
echo "<script>alert('You must fill-in all input fields!')</script>";
$conn->close();
}
}
?>
activate_account.php
<?php
session_start();
require "conn.php";
//Grab User's (account activator's) email and account activation code from account activation link's url. Check for email and account activation code details in the account activation link's url.
if(!isset($_GET["email"], $_GET["member_registration_account_activation_code"]) === TRUE)
{
echo "<script>alert('Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account!')</script>";
echo "Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account if you do not already have one! <a href="register.php">Register here!</a>";
$conn->close();
exit();
}
else
{
$confirmed_email = trim($_GET["email"]);
$member_registration_account_activation_code = trim($_GET["member_registration_account_activation_code"]);
$confirmed_email = mysqli_real_escape_string($conn,$confirmed_email);
$member_registration_account_activation_code = mysqli_real_escape_string($conn,$member_registration_account_activation_code);
//Check User's Username against "users" tbl to see if it has already been taken or not whilst the User was in midst of activating his/her account. Give error message if already taken.
$query = "SELECT * FROM users WHERE Email = '".$confirmed_email."'";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows != 0)
{
echo "<script>alert('That email '".$confirmed_email."' is already registered! So, just login!')</script>";
echo "That email '".$confirmed_email."' is already registered! So, just <a href="login.php">login here!</a>";
$conn->close();
exit();
}
else
{
//Grab User's details from "pending_users" table. Search for User's data with his/her confirmed Email Address.
$query = "SELECT * FROM pending_users WHERE Email = '".$confirmed_email."'";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows = 0)
{
echo "<script>alert('Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account!')</script>";
echo "Invalid Email Address! Invalid Account Activation Link! This email is not registered! Try registering an account if you do not already have one! <a href="register.php">Register here!</a>";
$conn->close();
exit();
}
else
{
while($row = mysqli_fetch_assoc($result))
{
$db_id = $row["Id"];
$db_username = $row["Username"];
$db_password = $row["Password"];
$db_email = $row["Email"];
$db_forename = $row["Forename"];
$db_surname = $row["Surname"];
$db_account_activation_code = $row["Account_Activation_Code"];
$db_account_activation = $row["Account_Activation"];
if($db_account_activation != 0)
{
echo "<script>alert('Since your account is already activated, why are you trying to activate it again ? Just login!')</script>";
echo "Since your account is already activated, why are you trying to activate it again ? Just <a href="login.php">login here!</a>";
$conn->close();
exit();
}
else
{
$conn->query("UPDATE pending_users SET Account_Activation 1 WHERE Email = '".$confirmed_email."'");
//Create table under $username to hold User's account activity data.
$sql = "CREATE TABLE $db_username (
Id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
Date_&_Time TIMESTAMP NOT NULL ON UPDATE CURRENT_TIMESTAMP,
Account_Activation_Code varchar(10) NOT NULL,
Username varchar(30) NOT NULL,
Password varchar(32) NOT NULL,
Email varchar(50) NOT NULL,
Forename varchar(30) NOT NULL,
Surname varchar(30) NOT NULL,
Profile_Pic longblob NULL,
Bio varchar(250) NOT NULL,
Status_To_Friends varchar(180) NOT NULL)
Status_To_Public varchar(180) NOT NULL)";
if ($conn->query($sql) != TRUE)
{
echo "Error creating table under $username to hold User's account activity data!: " . mysqli_error($conn);
$conn->close();
}
else
{
//Copy $user's registration data from "pending_users" table to "$username" table.
$sql = "INSERT INTO $db_username (Username,Password,Email,Forename,Surname,Account_Activation_Code) VALUES('$db_username','$db_password','$db_email','$db_forename','$db_surname','$db_account_activation_code')";
if($conn->query($sql) != TRUE)
{
echo "inserting data into $db_username table failed! " . mysqli_error($conn);
$conn->close();
}
else
{
//Copy $user's registration data from table "pending_users" to table "users".
$sql = "INSERT INTO users (Username,Password,Email,Forename,Surname,Account_Activation_Code) VALUES('$db_username','$db_password','$db_email','$db_forename','$db_surname','$db_account_activation_code')";
if($conn->query($sql) != TRUE)
{
echo "inserting data into table users failed! " . mysqli_error($conn);
$conn->close();
}
else
{
$user = $db_username;
$userid = $db_id;
$_SESSION["user"] = $user;
//Redirect newly activated user to his/her account homepage.
header("location:home.php");
}
}
}
}
}
}
}
}
?>
login.php
<?php
session_start();
require "conn.php";
if(isset($_POST["member_login_submit"]))
{
if(!empty($_POST["member_login_username_or_email"]) && !empty($_POST["member_login_password"]))
{
$member_login_username_or_email = trim($_POST["member_login_username_or_email"]);
$member_login_password = trim($_POST["member_login_password"]);
$member_login_username_or_email = mysqli_real_escape_string($conn,$_POST["member_login_username_or_email"]);
$member_login_password = mysqli_real_escape_string($conn,$_POST["member_login_password"]);
$sql = "SELECT * FROM users WHERE Username='".$member_login_username_or_email."' OR Email='".$member_login_username_or_email."' AND Password='".$member_login_password."'";
$result = mysqli_query($conn,$sql);
$numrows = mysqli_num_rows($result);
if($numrows != 0)
{
while ($row = mysqli_fetch_assoc($result))
{
$db_id = $row["Id"];
$db_username = $row["Username"];
$db_password = $row["Password"];
$db_email = $row["Email"];
if ($member_login_username_or_email == $db_username && $member_login_password == $db_password || $member_login_username_or_email == $db_email && $member_login_password == $db_password)
{
$user = $db_username;
$userid = $db_id;
$_SESSION["user"] = $user;
if(!empty($_POST["member_login_remember"]))
{
setcookie("member_login_username_or_email", $member_login_username_or_email, time()+ (10 * 365 * 24 * 60 * 60));
setcookie("member_login_password", $member_login_password, time()+ (10 * 365 * 24 * 60 * 60));
}
else
{
if(isset($_COOKIE["member_login_username_or_email"]))
{
setcookie("member_login_username_or_email", "", "");
}
if(isset($_COOKIE["member_login_password"]))
{
setcookie("member_login_password", "", "");
}
}
header("location:home.php");
}
else
{
echo "<script>alert('Incorrect account details!')</script>";
$conn->close();
}
}
}
else
{
echo "<script>alert('Incorrect User details!')</script>";
$conn->close();
}
}
else
{
echo "<script>alert('You must type in your account Username or Email and then the Password!')</script>";
$conn->close();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Member Login Page</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
<div class = "container">
<form method="post" action="">
<center><h3>Member Login Form</h3></center>
<div class="text-danger">
<div class="form-group">
<center><label for="member-login-username-or-email">Username/Email:</label>
<input type="text" class="form-control" placeholder="Enter Username or Email" name="member_login_username_or_email" value="<?php if(isset($_COOKIE["member_login_username_or_email"])) echo $_COOKIE["member_login_username_or_email"]; ?>"</center>
</div>
<div class="form-group">
<center><label for="member-login-password">Password:</label>
<input type="password" class="form-control" placeholder="Enter password" name="member_login_password" value="<?php if(isset($_COOKIE["member_login_password"])) echo $_COOKIE["member_login_password"] ;?>"></center>
</div>
<div class="form-group">
<center><label for="member-login-remember">Remember Login Details:</label>
<input type="checkbox" name="member_login_remember" /></center>
</div>
<div class="form-group">
<center><input type="submit" name="member_login_submit" value="Login" class="button button-success" /></center>
</div>
<div class="form-group">
<center><font color="red" size="3">Forgot your password ?<br><a href="member_login_password_reset.php">Reset it here!</a></font></center>
<center><font color="red" size="3">Not registered ?<br><a href="member_register.php">Register here!</a></font></center>
</form>
</div>
</body>
</html>
home.php
<html>
<head>
<title>
$user Home Page
</title>
</head>
<body>
<body background=".png">
<?php
session_start();
require "conn.php";
/*Check if user is logged-in or not by checking if session is set or not.
If user is not logged-in then redirect to login page. Else, show user's account's homepage.php.*/
if(!isset($_SESSION["user"]))
{
header("location:login.php");
}
else
{
$user = $_SESSION["user"];
$query = "SELECT * FROM users WHERE Username = '".$user."'";
$result = mysqli_query($conn,$query);
while($row = mysqli_fetch_assoc($result))
{
$db_id = $row["Id"];
$db_username = $row["Username"];
$db_forename = $row["Forename"];
$db_surname = $row["Surname"];
$db_email = $row["Email"];
$db_bio = $row["Bio"];
$db_status = $row["Status"];
//Welcome user by name.
echo "<center>Welcome <h2>$db_forename $db_surname!</center>"?></h2>|
<?php
//Display log-out link.
echo "<p align='right'><a href='logout.php'>$user Log Out</a>";?>|</p><br>
<form method="post" action="">
<div class="form-group">
<center><label for="post_status_to_friends">Post Status To Friends:</label>
<input type="text" class="form-control" id="post_status_to_friends" placeholder="Post Status To Friends" name="post_status_to_friends"></center><br>
<center><button type="submit" class="btn btn-default" name="post_status_to_friends">Post Status To Friends!</button></center>
</div>
<form method="post" action="">
<div class="form-group">
<center><label for="post_status_to_public">Post Status To Public:</label>
<input type="text" class="form-control" id="post_status_to_public" placeholder="Post Status To Public" name="post_status_to_public"></center><br>
<center><button type="submit" class="btn btn-default" name="post_status_to_public">Post Status To Public!</button></center>
</div>
<?php
//Post User Status To Friends in $user table.
if (isset($_POST['post_status_to_friends']))
{
$status_to_friends = trim($_POST["post_status_to_friends"]);
$status_to_friends = mysqli_real_escape_string($conn,$status_to_friends);
$conn->query("UPDATE $user SET Status_To_Friends $status_to_friends WHERE Username = '".$user."'");
if($conn->query($sql)===TRUE)
{
echo "posted status for friends to $user table!";
$conn->close();
exit();
}
else
{
echo "posting status for friends to $user table failed!";
$conn->close();
exit();
}
//Post User Status To Friends in users table.
$conn->query("UPDATE users SET Status_To_Friends $status_to_friends WHERE Username = '".$user."'");
if($conn->query($sql)===TRUE)
{
echo "posted status for friends to users table!";
$conn->close();
exit();
}
else
{
echo "posting status for friends to users table failed!";
$conn->close();
exit();
}
//Display User Status To Friends. Search for User's data with $user.
$query = "SELECT * FROM $user WHERE Username = '".$user."'";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows = 0)
{
echo "No data!";
$conn->close();
exit();
}
else
{
while($row = mysqli_fetch_assoc($result))
{
$db_status_to_friends = $row["Status_To_Friends"];
}
echo "<br>$user Status To Friends:<br>
$db_status_to_friends";?><br>
<br>
<?php
//Post User Status To Public in $user table.
if (isset($_POST['post_status_to_public']))
{
$status_to_public = trim($_POST["post_status_to_public"]);
$status_to_public = mysqli_real_escape_string($conn,$status_to_public);
$conn->query("UPDATE $user SET Status_To_Public $status_to_public WHERE Username = '".$user."'");
if($conn->query($sql)===TRUE)
{
echo "posted status for public to $user table!";
$conn->close();
exit();`
}
else
{
echo "posting status for public to $user table failed!";
$conn->close();
exit();
}
//Post User Status To Public in users table.
$conn->query("UPDATE users SET Status_To_Public $status_to_public WHERE Username = '".$user."'");
if($conn->query($sql)===TRUE)
{
echo "posted status for public to users table!";
$conn->close();
exit();
}
else
{
echo "posting status for public to users table failed!";
$conn->close();
exit();
}
//Display User Status To Public. Search for User's data with $user.
$query = "SELECT * FROM $user WHERE Username = '".$user."'";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows = 0)
{
echo "No data!";
$conn->close();
exit();
}
else
{
while($row = mysqli_fetch_assoc($result))
{
$db_status_to_public = $row["Status_To_Public"];
}
echo "<br>$user Status To Public:<br>
$db_status_to_public";?><br>
<br>
<?php
//Display User Bio.
echo "<br>Bio:<br>
$db_bio";?><br>
<br>
<?php
//Display iFrame.?>
<iframe src="https://www.w3schools.com"></iframe>
<?php
}
}
}
?>
</body>
</html>
query = "SELECT * FROM users WHERE Username = '".
user."'";
to:
query = "SELECT * FROM users WHERE Username = '
