dongting3135 2015-12-04 14:30
浏览 40
已采纳

带有base64_encode的PDO部分工作

(I always search and found answers here for many years. This is my first post, hoping I'm doing it right...)

In my user_class.php is all the code to register, verify forgot pw, send mail, etc. But also this function:

USER_CLASS.php

public function lastID()
{
    $stmt = $this->conn->lastInsertId();
    return $stmt;
}

In my signup.php everything works as expected; the row is inserted correctly into the database tbl_users, with the code from:

SIGNUP.php

$code = md5(uniqid(rand()));

Also, the email is send correctly with the activation link as in the code below.

SIGNUP.php

else
{
    if($reg_user->register($uname,$email,$upass,$code,$iagree,$userip))
    {           
        $id = $reg_user->lastID();      
        $key = base64_encode($id);
        $id = $key;


        $message = "                    
                    Hello $uname,
                    <br /><br />
                    Welcome to XXXXX.<br/>
                    To complete your registration  please , follow the link below:<br/>
                    <br /><br />
                    <a href='http://example.com/verify.php?id=$id&code=$code'>Click here to Activate your account.</a>

When I compare the the code ($code) with the code stored in the table, it is correct (the same) as it should be.

The PROBLEM is that when I follow the activation link, my verify.php page cannot find that record in the table:

VERIFY.php

if(empty($_GET['id']) && empty($_GET['code']))
{
    $user->redirect('index.php');
}

if(isset($_GET['id']) && isset($_GET['code']))
{
    $id = base64_decode($_GET['id']);
    $code = $_GET['code'];

    $statusY = "Y";
    $statusN = "N";

$stmt = $user->runQuery("SELECT userID,userStatus FROM tbl_users WHERE userID=:uID AND tokenCode=:code LIMIT 1");
$stmt->execute(array(":uID"=>$id,":code"=>$code));
$row=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() > 0)
{
    if($row['userStatus']==$statusN)
    {
        $stmt = $user->runQuery("UPDATE tbl_users SET userStatus=:status WHERE userID=:uID");
        $stmt->bindparam(":status",$statusY);
        $stmt->bindparam(":uID",$id);
        $stmt->execute();   

        $msg = "
               <div class='alert alert-success'>
               <button class='close' data-dismiss='alert'>&times;</button>
                  <strong>Thank you.</strong>  Your Account is now activated : <a href='index.php'>Login here</a>
               </div>
               ";   
    }
    else
    {
        $msg = "
               <div class='alert alert-error'>
               <button class='close' data-dismiss='alert'>&times;</button>
                  Your Account is already Activated : <a href='index.php'>Login here</a>
               </div>
               ";
    }
}
else
{
    $msg = "
           <div class='alert alert-error'>
           <button class='close' data-dismiss='alert'>&times;</button>
           No Account Found : <a href='signup.php'>Signup here</a>
           </div>
           ";
  } 
}

Following the verify link from the email takes me to verify.php and then the error:

$msg = "
           <div class='alert alert-error'>
           <button class='close' data-dismiss='alert'>&times;</button>
           No Account Found : <a href='signup.php'>Signup here</a>
           </div>
           ";

The PROBLEM, I think, is in signup.php, specifically with $key :

$id = $reg_user->lastID();      
$key = base64_encode($id);
$id = $key;

The reason i think it's $key, is because the email's verify-account link looks like this:

http://www.example.com/verify.php?id=MTUz&code=c74f01c3ea3edf807b21fc4ea28a41cb

Now, I clearly don't know much, and I admit at being a beginner, but the MTUz bit is what seems the be the issue. The only thing I could come up with is that the MTU is something to do woth exceeding the size of something.

I admit that I haven't tried anything else because I don't know where to start.

Please point me in the right direction.

Thank you.

CREDIT to the original author of the script: codingcage(dot)com/2015/09/login-registration-email-verification-forgot-password-php.html

  • 写回答

1条回答 默认 最新

  • dstew32424 2015-12-05 05:33
    关注

    MAJOR FAIL on my part.

    @Marc B - thank you, var_dump($_GET) is what pointed out my mistake.

    I apologize profoundly for taking up your time with my stupid mistake.

    There is absolutely nothing wrong with any of the code, except for the following in user_class.php:

    public function lastID()
{
    $stmt = $this->conn->lastInsertId();
    return $stmt;
}

    Specifically lastInsertId();

    This last id is of course what the verify.php is looking for:

    $id = base64_decode($_GET['id']);

    This all works correctly as it should.

    The problem (MY mistake) was this:

    I had two INSERT INTO statements;

    FIRTS > INSERT INTO tbl_user < the new signup user.

    SECOND > INSERT INTO tbl_another < stuff I need.

    So obviously `lastInsertId();' was taking the ID from tbl_another.

    And lastInsertId is just that, >> LAST <<

    I simply change the order of the INSERT INTO so that tbl_users' ID is last

    All now works correctly. I feel such an idiot - spend days on it and then out of desperation - sought help here.

    Thank you for your time anyway. Jamie.

    PS: How do I mark this post as SOLVED ? [EDIT] Found it - click the check-mark to accept answer, correct? but can do so only tomorrow.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 关于#stm32#的问题:需要指导自动酸碱滴定仪的原理图程序代码及仿真
  • ¥20 设计一款异域新娘的视频相亲软件需要哪些技术支持
  • ¥15 stata安慰剂检验作图但是真实值不出现在图上
  • ¥15 c程序不知道为什么得不到结果
  • ¥40 复杂的限制性的商函数处理
  • ¥15 程序不包含适用于入口点的静态Main方法
  • ¥15 素材场景中光线烘焙后灯光失效
  • ¥15 请教一下各位,为什么我这个没有实现模拟点击
  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来
  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因