Hi friends am trying to create a sign up form that will generate an auto password for users and a hash key that will be needed for email verification before one can log in to their account but am having a problem, the values cannot be entered into the database. please help. here is my code.
if(isset($_GET['usertype'])){
$user=$_GET['usertype'];
if($user==1){
$acc="Starter Account";
}
else if($user==2){
$acc="Basic Account";
}
else{
$acc="Premium Account";
}
$hash_key=md5(rand(0,1000));
$pass=md5(rand(1000,5000));
if(isset($_POST['add'])){
$first_name=mysqli_real_escape_string($con, $_POST['first_name']);
$surname=mysqli_real_escape_string($con, $_POST['surname']);
$username=mysqli_real_escape_string($con, $_POST['username']);
$email=mysqli_real_escape_string($con, $_POST['email']);
$timestamp=strtotime("+21 Days");
$o_date=date('Y-m-d H:i:s', $timestamp);
$j_date=date('Y-m-d H:i:s');
if (( !preg_match ("/^[a-zA-Z\s]+$/",$first_name))||(strlen($first_name) < 3)) {
$first_name_error= "<p class='text-danger'>Your first name should contain letters only and must not be less than 3 characters</p>";
}
if (( !preg_match ("/^[a-zA-Z\s]+$/",$surname))||(strlen($surname) < 3)) {
$surname_error= "<p class='text-danger'>Your surname should contain letters only and must not be less than 3 characters</p>";
}
if (( !preg_match ("/^[a-zA-Z\s]+$/",$username))||(strlen($username) < 3)) {
$username_error= "<p class='text-danger'>Your username should contain letters only and must not be less than 3 characters</p>";
}
if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
$email_error= "<p class='text-danger'>Please use a valid email</p>";
}
if(mysqli_num_rows(mysqli_query($con,"SELECT * FROM users WHERE username='$username'"))>0){
$username_rep_error="That username is already taken";
}
if(mysqli_num_rows(mysqli_query($con,"SELECT * FROM users WHERE email='$email'"))>0){
$email_rep_error="That email is already taken";
}
if((empty($first_name_error))&&(empty($surname_error))&&(empty($username_error))&&(empty($username_rep_error))&&(empty($email_rep_error))&&(empty($email_error))){
if(mysqli_query($con,"INSERT INTO users (first_name,surname,username,email,password,account,join_date,offer_expirely,hash_key) VALUES('$first_name','$surname','$username','$email','$pass','$acc','$j_date','$o_date','$hash_key')")){
$to = $email; // Send email to our user
$subject = 'Signup | Verification'; // Give the email a subject $message = '
Thanks for signing up! Your account has been created, you can login with the following credentials after you have activated your account by pressing the url below.
Username: '.$username.'
Password: '.$password.'
Please click this link to activate your account: http://www.mysite.co.ke/verify.php?email='.$email.'&hash='.$hash.'
'; // Our message above including the link
$headers = 'From:noreply@mysite.co.ke' . "
"; // Set from headers
mail($to, $subject, $message, $headers); // Send our email
$valid_msg="Your account has been made,
please verify it by clicking the activation link that has been sent to your email.
} }