Register/login/ form- activation link












-2















So i have been taking a course in webdevelopment and while building a website i started having issues when creating register/login page. When i leave values blank in the register form and hit "submit". I get the errors missing "username, email, password etc." however, it stores the empty values in my database. Another issue, is when i type in the password, it will prompt me how long the password should be even after i put the correct value for password, then it doesn't prompt me to confirm the new passwords so they match. Even putting any password it will accept it and i will get both the error that the password should be at least 8 char long, 1 capital letter etc. but i will also get a "success" message saying that i have received an "activation link" in email. When i click the activation link, it say "activated" and says so in database, but when i try to login with the info, it says "wrong username or password".



I am very new to all this but i just could not find the solution to this.



This is my code in register



<!--Start a session-->

<?php

session_start();





//here we are connecting to db by linking the file to connection.php

include('connections.php');



//Check user inputs

//    Define error message



$missingUsername = '<p><strong>Please enter the username!</strong></p>';

$missingEmail = '<p><strong>Please enter your email!</strong></p>';

$invalidEmail = '<p><strong>Please enter a valid email</strong></p>';

$missingPassword = '<p><strong>Please enter a password!</strong></p>';

$invalidPassword = '<p><strong>Your password should be at least 8 characters long and include one capital letter and one number!</strong></p>';

$differentPassword2 = '<p><strong>The passwords don't match!</strong></p>';

$missingPassword2 = '<p><strong>Please enter password again</strong></p>';





//Get username, email, password, passwowrd2



//GET USERNAME

if(empty($_POST["username"])){



    $errors .= $missingUsername;



}else{

    $username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);

}



//GET EMAIL

if(empty($_POST["email"])){



$errors .= $missingEmail;



}else{

    $email = filter_var($_POST["email"], FILTER_SANITIZE_EMAIL);



//    VALIDATING EMAIL if email invalid

if(!filter_var($email, FILTER_VALIDATE_EMAIL)){



    $errors .= $invalidEmail;

}    



}

//GET PASSWORDs



if(empty($_POST["password"])){



    $errors .= $missingPassword;



}elseif(!(strlen($_POST["password"])>8 

         and preg_match('/[A-Z]/',$_POST["password"])

         and preg_match('/[0-9]/',$_POST["password"]))){



    $errors .= $invalidPassword;



}else{

        $password = filter_var($_POST["password"], FILTER_SANITIZE_STRING);



//IF SECOND PASSWORD MISSING 



    if(empty($_POST["password2"])){



    $errors .= $missingPassword2;

}else{

    $password2 = filter_var($_POST["password2"], FILTER_SANITIZE_STRING);



        if($password !== $password2){



        $errors .= $differentPassword;

    }

  }

}



//IF THERE ARE ANY ERRROR    PRINT ERRORS



if($errors){

    $resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';

    echo $resultMessage;

}



//IF THERE ARE NO ERRORS



$username = mysqli_real_escape_string($link,$username);



$email = mysqli_real_escape_string($link,$email);



$password = mysqli_real_escape_string($link,$password);



//hashing password



//$_Password = md5($_Password);

$password = hash('sha256',$password);

//128 bits -> 32 characters

//256 bits ->64 characters



//IF *USERNAME* EXISTS IN THE USERS TABLE PRINT ERROR





$sql = "SELECT * FROM users WHERE username = '$username'";

$result = mysqli_query($link, $sql);

if(!$result){

    echo '<div class="alert alert-danger">Error running the query!</div>';



    //echo '<div class="alert alert-danger">'. mysqli_error($link).'</div>';



    exit;

}

$results = mysqli_num_rows($result);

if($results){

    echo '<div class="alert alert-danger">That username is already registered. Do you want to log in?</div>';



    exit;

}



//IF THE *EMAIL* exists in the users table print error    



  $sql = "SELECT * FROM users WHERE email = '$email'";

$result = mysqli_query($link, $sql);

if(!$result){

    echo '<div class="alert alert-danger">Error running the query!</div>';



    exit;

}

$results = mysqli_num_rows($result);

if($results){

    echo '<div class="alert alert-danger">That email is already registered. Do you want to login?</div>';



    exit;

}



//CREATE A UNIQUE ACTIVATION CODE



$activationKey =

 bin2hex(openssl_random_pseudo_bytes(16));

//     bytes:unit of data = 8 bits

//     bit: 0 or 1

//     16 bytes = 16 * 8= 128 bits

//     (2*2*2*2)*2*2*2*2...*2

//     16*16*...*16

//     32 characters



//INSERT USER DETAILS AND ACTIVATION CODE IN THE USERS TABLE



 $sql = "INSERT INTO users (username, email, password, activation) VALUES ('$username', '$email', '$password', '$activationKey')";   



 $result =  mysqli_query($link, $sql);



 if(!$result){

     echo '<div class="alert alert-danger">There was an error inserting users detail in the database!</div>';



     exit;

 }   



 //SEND THE USER AN EMAIL WITH A LINK TO ACTIVATE.PHP WITH THEIR EMAIL AND ACTIVATION CODE

$message = "Please click on this link to activate your account:nn";

$message .= "" . urlencode($email) . "&key=$activationKey";



if(mail($email, 'Confirm your registration', $message, 'From:'.'muharem22@gmail.com')){



    echo "<div class='alert alert-success'>Thank you for registering! A confirmation email has been sent to $email. Please click on the activation link to activate your account!</div>";

}



?>


Here is a screen shot of my register form



Thank you for any suggestions/advice






php







share|improve this question

























  • why is this tagged as javascript/jquery/ajax/twitter-bootstrap?

    – Funk Forty Niner
    Nov 19 '18 at 14:37








  • 1





    Suggestion: Use PHP's password_hash() and password_verify() instead of hash(). They come with proper hashing techniques like unique salts etc. Using sha256 straight off still makes the passwords open to rainbow table attacks if someone would get a hold of the hashed passwords.

    – Magnus Eriksson
    Nov 19 '18 at 14:44













  • Instead of if (!(strlen(($_POST["password"])>8 AND ..., do if (strlen($_POST['password']) < 8 AND .... Currently, you're actually passing the complete string $_POST["password"])>8 and preg_match('/[A-Z]/',$_POST["password"]) as the argument to strlen().

    – Magnus Eriksson
    Nov 19 '18 at 14:49


















-2















So i have been taking a course in webdevelopment and while building a website i started having issues when creating register/login page. When i leave values blank in the register form and hit "submit". I get the errors missing "username, email, password etc." however, it stores the empty values in my database. Another issue, is when i type in the password, it will prompt me how long the password should be even after i put the correct value for password, then it doesn't prompt me to confirm the new passwords so they match. Even putting any password it will accept it and i will get both the error that the password should be at least 8 char long, 1 capital letter etc. but i will also get a "success" message saying that i have received an "activation link" in email. When i click the activation link, it say "activated" and says so in database, but when i try to login with the info, it says "wrong username or password".



I am very new to all this but i just could not find the solution to this.



This is my code in register



<!--Start a session-->

<?php

session_start();





//here we are connecting to db by linking the file to connection.php

include('connections.php');



//Check user inputs

//    Define error message



$missingUsername = '<p><strong>Please enter the username!</strong></p>';

$missingEmail = '<p><strong>Please enter your email!</strong></p>';

$invalidEmail = '<p><strong>Please enter a valid email</strong></p>';

$missingPassword = '<p><strong>Please enter a password!</strong></p>';

$invalidPassword = '<p><strong>Your password should be at least 8 characters long and include one capital letter and one number!</strong></p>';

$differentPassword2 = '<p><strong>The passwords don't match!</strong></p>';

$missingPassword2 = '<p><strong>Please enter password again</strong></p>';





//Get username, email, password, passwowrd2



//GET USERNAME

if(empty($_POST["username"])){



    $errors .= $missingUsername;



}else{

    $username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);

}



//GET EMAIL

if(empty($_POST["email"])){



$errors .= $missingEmail;



}else{

    $email = filter_var($_POST["email"], FILTER_SANITIZE_EMAIL);



//    VALIDATING EMAIL if email invalid

if(!filter_var($email, FILTER_VALIDATE_EMAIL)){



    $errors .= $invalidEmail;

}    



}

//GET PASSWORDs



if(empty($_POST["password"])){



    $errors .= $missingPassword;



}elseif(!(strlen($_POST["password"])>8 

         and preg_match('/[A-Z]/',$_POST["password"])

         and preg_match('/[0-9]/',$_POST["password"]))){



    $errors .= $invalidPassword;



}else{

        $password = filter_var($_POST["password"], FILTER_SANITIZE_STRING);



//IF SECOND PASSWORD MISSING 



    if(empty($_POST["password2"])){



    $errors .= $missingPassword2;

}else{

    $password2 = filter_var($_POST["password2"], FILTER_SANITIZE_STRING);



        if($password !== $password2){



        $errors .= $differentPassword;

    }

  }

}



//IF THERE ARE ANY ERRROR    PRINT ERRORS



if($errors){

    $resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';

    echo $resultMessage;

}



//IF THERE ARE NO ERRORS



$username = mysqli_real_escape_string($link,$username);



$email = mysqli_real_escape_string($link,$email);



$password = mysqli_real_escape_string($link,$password);



//hashing password



//$_Password = md5($_Password);

$password = hash('sha256',$password);

//128 bits -> 32 characters

//256 bits ->64 characters



//IF *USERNAME* EXISTS IN THE USERS TABLE PRINT ERROR





$sql = "SELECT * FROM users WHERE username = '$username'";

$result = mysqli_query($link, $sql);

if(!$result){

    echo '<div class="alert alert-danger">Error running the query!</div>';



    //echo '<div class="alert alert-danger">'. mysqli_error($link).'</div>';



    exit;

}

$results = mysqli_num_rows($result);

if($results){

    echo '<div class="alert alert-danger">That username is already registered. Do you want to log in?</div>';



    exit;

}



//IF THE *EMAIL* exists in the users table print error    



  $sql = "SELECT * FROM users WHERE email = '$email'";

$result = mysqli_query($link, $sql);

if(!$result){

    echo '<div class="alert alert-danger">Error running the query!</div>';



    exit;

}

$results = mysqli_num_rows($result);

if($results){

    echo '<div class="alert alert-danger">That email is already registered. Do you want to login?</div>';



    exit;

}



//CREATE A UNIQUE ACTIVATION CODE



$activationKey =

 bin2hex(openssl_random_pseudo_bytes(16));

//     bytes:unit of data = 8 bits

//     bit: 0 or 1

//     16 bytes = 16 * 8= 128 bits

//     (2*2*2*2)*2*2*2*2...*2

//     16*16*...*16

//     32 characters



//INSERT USER DETAILS AND ACTIVATION CODE IN THE USERS TABLE



 $sql = "INSERT INTO users (username, email, password, activation) VALUES ('$username', '$email', '$password', '$activationKey')";   



 $result =  mysqli_query($link, $sql);



 if(!$result){

     echo '<div class="alert alert-danger">There was an error inserting users detail in the database!</div>';



     exit;

 }   



 //SEND THE USER AN EMAIL WITH A LINK TO ACTIVATE.PHP WITH THEIR EMAIL AND ACTIVATION CODE

$message = "Please click on this link to activate your account:nn";

$message .= "" . urlencode($email) . "&key=$activationKey";



if(mail($email, 'Confirm your registration', $message, 'From:'.'muharem22@gmail.com')){



    echo "<div class='alert alert-success'>Thank you for registering! A confirmation email has been sent to $email. Please click on the activation link to activate your account!</div>";

}



?>


Here is a screen shot of my register form



Thank you for any suggestions/advice






php







share|improve this question

























  • why is this tagged as javascript/jquery/ajax/twitter-bootstrap?

    – Funk Forty Niner
    Nov 19 '18 at 14:37








  • 1





    Suggestion: Use PHP's password_hash() and password_verify() instead of hash(). They come with proper hashing techniques like unique salts etc. Using sha256 straight off still makes the passwords open to rainbow table attacks if someone would get a hold of the hashed passwords.

    – Magnus Eriksson
    Nov 19 '18 at 14:44













  • Instead of if (!(strlen(($_POST["password"])>8 AND ..., do if (strlen($_POST['password']) < 8 AND .... Currently, you're actually passing the complete string $_POST["password"])>8 and preg_match('/[A-Z]/',$_POST["password"]) as the argument to strlen().

    – Magnus Eriksson
    Nov 19 '18 at 14:49
















-2












-2








-2








So i have been taking a course in webdevelopment and while building a website i started having issues when creating register/login page. When i leave values blank in the register form and hit "submit". I get the errors missing "username, email, password etc." however, it stores the empty values in my database. Another issue, is when i type in the password, it will prompt me how long the password should be even after i put the correct value for password, then it doesn't prompt me to confirm the new passwords so they match. Even putting any password it will accept it and i will get both the error that the password should be at least 8 char long, 1 capital letter etc. but i will also get a "success" message saying that i have received an "activation link" in email. When i click the activation link, it say "activated" and says so in database, but when i try to login with the info, it says "wrong username or password".



I am very new to all this but i just could not find the solution to this.



This is my code in register



<!--Start a session-->

<?php

session_start();





//here we are connecting to db by linking the file to connection.php

include('connections.php');



//Check user inputs

//    Define error message



$missingUsername = '<p><strong>Please enter the username!</strong></p>';

$missingEmail = '<p><strong>Please enter your email!</strong></p>';

$invalidEmail = '<p><strong>Please enter a valid email</strong></p>';

$missingPassword = '<p><strong>Please enter a password!</strong></p>';

$invalidPassword = '<p><strong>Your password should be at least 8 characters long and include one capital letter and one number!</strong></p>';

$differentPassword2 = '<p><strong>The passwords don't match!</strong></p>';

$missingPassword2 = '<p><strong>Please enter password again</strong></p>';





//Get username, email, password, passwowrd2



//GET USERNAME

if(empty($_POST["username"])){



    $errors .= $missingUsername;



}else{

    $username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);

}



//GET EMAIL

if(empty($_POST["email"])){



$errors .= $missingEmail;



}else{

    $email = filter_var($_POST["email"], FILTER_SANITIZE_EMAIL);



//    VALIDATING EMAIL if email invalid

if(!filter_var($email, FILTER_VALIDATE_EMAIL)){



    $errors .= $invalidEmail;

}    



}

//GET PASSWORDs



if(empty($_POST["password"])){



    $errors .= $missingPassword;



}elseif(!(strlen($_POST["password"])>8 

         and preg_match('/[A-Z]/',$_POST["password"])

         and preg_match('/[0-9]/',$_POST["password"]))){



    $errors .= $invalidPassword;



}else{

        $password = filter_var($_POST["password"], FILTER_SANITIZE_STRING);



//IF SECOND PASSWORD MISSING 



    if(empty($_POST["password2"])){



    $errors .= $missingPassword2;

}else{

    $password2 = filter_var($_POST["password2"], FILTER_SANITIZE_STRING);



        if($password !== $password2){



        $errors .= $differentPassword;

    }

  }

}



//IF THERE ARE ANY ERRROR    PRINT ERRORS



if($errors){

    $resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';

    echo $resultMessage;

}



//IF THERE ARE NO ERRORS



$username = mysqli_real_escape_string($link,$username);



$email = mysqli_real_escape_string($link,$email);



$password = mysqli_real_escape_string($link,$password);



//hashing password



//$_Password = md5($_Password);

$password = hash('sha256',$password);

//128 bits -> 32 characters

//256 bits ->64 characters



//IF *USERNAME* EXISTS IN THE USERS TABLE PRINT ERROR





$sql = "SELECT * FROM users WHERE username = '$username'";

$result = mysqli_query($link, $sql);

if(!$result){

    echo '<div class="alert alert-danger">Error running the query!</div>';



    //echo '<div class="alert alert-danger">'. mysqli_error($link).'</div>';



    exit;

}

$results = mysqli_num_rows($result);

if($results){

    echo '<div class="alert alert-danger">That username is already registered. Do you want to log in?</div>';



    exit;

}



//IF THE *EMAIL* exists in the users table print error    



  $sql = "SELECT * FROM users WHERE email = '$email'";

$result = mysqli_query($link, $sql);

if(!$result){

    echo '<div class="alert alert-danger">Error running the query!</div>';



    exit;

}

$results = mysqli_num_rows($result);

if($results){

    echo '<div class="alert alert-danger">That email is already registered. Do you want to login?</div>';



    exit;

}



//CREATE A UNIQUE ACTIVATION CODE



$activationKey =

 bin2hex(openssl_random_pseudo_bytes(16));

//     bytes:unit of data = 8 bits

//     bit: 0 or 1

//     16 bytes = 16 * 8= 128 bits

//     (2*2*2*2)*2*2*2*2...*2

//     16*16*...*16

//     32 characters



//INSERT USER DETAILS AND ACTIVATION CODE IN THE USERS TABLE



 $sql = "INSERT INTO users (username, email, password, activation) VALUES ('$username', '$email', '$password', '$activationKey')";   



 $result =  mysqli_query($link, $sql);



 if(!$result){

     echo '<div class="alert alert-danger">There was an error inserting users detail in the database!</div>';



     exit;

 }   



 //SEND THE USER AN EMAIL WITH A LINK TO ACTIVATE.PHP WITH THEIR EMAIL AND ACTIVATION CODE

$message = "Please click on this link to activate your account:nn";

$message .= "" . urlencode($email) . "&key=$activationKey";



if(mail($email, 'Confirm your registration', $message, 'From:'.'muharem22@gmail.com')){



    echo "<div class='alert alert-success'>Thank you for registering! A confirmation email has been sent to $email. Please click on the activation link to activate your account!</div>";

}



?>


Here is a screen shot of my register form



Thank you for any suggestions/advice






php







share|improve this question
















So i have been taking a course in webdevelopment and while building a website i started having issues when creating register/login page. When i leave values blank in the register form and hit "submit". I get the errors missing "username, email, password etc." however, it stores the empty values in my database. Another issue, is when i type in the password, it will prompt me how long the password should be even after i put the correct value for password, then it doesn't prompt me to confirm the new passwords so they match. Even putting any password it will accept it and i will get both the error that the password should be at least 8 char long, 1 capital letter etc. but i will also get a "success" message saying that i have received an "activation link" in email. When i click the activation link, it say "activated" and says so in database, but when i try to login with the info, it says "wrong username or password".



I am very new to all this but i just could not find the solution to this.



This is my code in register



<!--Start a session-->

<?php

session_start();





//here we are connecting to db by linking the file to connection.php

include('connections.php');



//Check user inputs

//    Define error message



$missingUsername = '<p><strong>Please enter the username!</strong></p>';

$missingEmail = '<p><strong>Please enter your email!</strong></p>';

$invalidEmail = '<p><strong>Please enter a valid email</strong></p>';

$missingPassword = '<p><strong>Please enter a password!</strong></p>';

$invalidPassword = '<p><strong>Your password should be at least 8 characters long and include one capital letter and one number!</strong></p>';

$differentPassword2 = '<p><strong>The passwords don't match!</strong></p>';

$missingPassword2 = '<p><strong>Please enter password again</strong></p>';





//Get username, email, password, passwowrd2



//GET USERNAME

if(empty($_POST["username"])){



    $errors .= $missingUsername;



}else{

    $username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);

}



//GET EMAIL

if(empty($_POST["email"])){



$errors .= $missingEmail;



}else{

    $email = filter_var($_POST["email"], FILTER_SANITIZE_EMAIL);



//    VALIDATING EMAIL if email invalid

if(!filter_var($email, FILTER_VALIDATE_EMAIL)){



    $errors .= $invalidEmail;

}    



}

//GET PASSWORDs



if(empty($_POST["password"])){



    $errors .= $missingPassword;



}elseif(!(strlen($_POST["password"])>8 

         and preg_match('/[A-Z]/',$_POST["password"])

         and preg_match('/[0-9]/',$_POST["password"]))){



    $errors .= $invalidPassword;



}else{

        $password = filter_var($_POST["password"], FILTER_SANITIZE_STRING);



//IF SECOND PASSWORD MISSING 



    if(empty($_POST["password2"])){



    $errors .= $missingPassword2;

}else{

    $password2 = filter_var($_POST["password2"], FILTER_SANITIZE_STRING);



        if($password !== $password2){



        $errors .= $differentPassword;

    }

  }

}



//IF THERE ARE ANY ERRROR    PRINT ERRORS



if($errors){

    $resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';

    echo $resultMessage;

}



//IF THERE ARE NO ERRORS



$username = mysqli_real_escape_string($link,$username);



$email = mysqli_real_escape_string($link,$email);



$password = mysqli_real_escape_string($link,$password);



//hashing password



//$_Password = md5($_Password);

$password = hash('sha256',$password);

//128 bits -> 32 characters

//256 bits ->64 characters



//IF *USERNAME* EXISTS IN THE USERS TABLE PRINT ERROR





$sql = "SELECT * FROM users WHERE username = '$username'";

$result = mysqli_query($link, $sql);

if(!$result){

    echo '<div class="alert alert-danger">Error running the query!</div>';



    //echo '<div class="alert alert-danger">'. mysqli_error($link).'</div>';



    exit;

}

$results = mysqli_num_rows($result);

if($results){

    echo '<div class="alert alert-danger">That username is already registered. Do you want to log in?</div>';



    exit;

}



//IF THE *EMAIL* exists in the users table print error    



  $sql = "SELECT * FROM users WHERE email = '$email'";

$result = mysqli_query($link, $sql);

if(!$result){

    echo '<div class="alert alert-danger">Error running the query!</div>';



    exit;

}

$results = mysqli_num_rows($result);

if($results){

    echo '<div class="alert alert-danger">That email is already registered. Do you want to login?</div>';



    exit;

}



//CREATE A UNIQUE ACTIVATION CODE



$activationKey =

 bin2hex(openssl_random_pseudo_bytes(16));

//     bytes:unit of data = 8 bits

//     bit: 0 or 1

//     16 bytes = 16 * 8= 128 bits

//     (2*2*2*2)*2*2*2*2...*2

//     16*16*...*16

//     32 characters



//INSERT USER DETAILS AND ACTIVATION CODE IN THE USERS TABLE



 $sql = "INSERT INTO users (username, email, password, activation) VALUES ('$username', '$email', '$password', '$activationKey')";   



 $result =  mysqli_query($link, $sql);



 if(!$result){

     echo '<div class="alert alert-danger">There was an error inserting users detail in the database!</div>';



     exit;

 }   



 //SEND THE USER AN EMAIL WITH A LINK TO ACTIVATE.PHP WITH THEIR EMAIL AND ACTIVATION CODE

$message = "Please click on this link to activate your account:nn";

$message .= "" . urlencode($email) . "&key=$activationKey";



if(mail($email, 'Confirm your registration', $message, 'From:'.'muharem22@gmail.com')){



    echo "<div class='alert alert-success'>Thank you for registering! A confirmation email has been sent to $email. Please click on the activation link to activate your account!</div>";

}



?>


Here is a screen shot of my register form



Thank you for any suggestions/advice






php




php






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 19 '18 at 15:36







Muharem S

















asked Nov 19 '18 at 14:28









Muharem SMuharem S

112




112













  • why is this tagged as javascript/jquery/ajax/twitter-bootstrap?

    – Funk Forty Niner
    Nov 19 '18 at 14:37








  • 1





    Suggestion: Use PHP's password_hash() and password_verify() instead of hash(). They come with proper hashing techniques like unique salts etc. Using sha256 straight off still makes the passwords open to rainbow table attacks if someone would get a hold of the hashed passwords.

    – Magnus Eriksson
    Nov 19 '18 at 14:44













  • Instead of if (!(strlen(($_POST["password"])>8 AND ..., do if (strlen($_POST['password']) < 8 AND .... Currently, you're actually passing the complete string $_POST["password"])>8 and preg_match('/[A-Z]/',$_POST["password"]) as the argument to strlen().

    – Magnus Eriksson
    Nov 19 '18 at 14:49





















  • why is this tagged as javascript/jquery/ajax/twitter-bootstrap?

    – Funk Forty Niner
    Nov 19 '18 at 14:37








  • 1





    Suggestion: Use PHP's password_hash() and password_verify() instead of hash(). They come with proper hashing techniques like unique salts etc. Using sha256 straight off still makes the passwords open to rainbow table attacks if someone would get a hold of the hashed passwords.

    – Magnus Eriksson
    Nov 19 '18 at 14:44













  • Instead of if (!(strlen(($_POST["password"])>8 AND ..., do if (strlen($_POST['password']) < 8 AND .... Currently, you're actually passing the complete string $_POST["password"])>8 and preg_match('/[A-Z]/',$_POST["password"]) as the argument to strlen().

    – Magnus Eriksson
    Nov 19 '18 at 14:49



















why is this tagged as javascript/jquery/ajax/twitter-bootstrap?

– Funk Forty Niner
Nov 19 '18 at 14:37







why is this tagged as javascript/jquery/ajax/twitter-bootstrap?

– Funk Forty Niner
Nov 19 '18 at 14:37






1




1





Suggestion: Use PHP's password_hash() and password_verify() instead of hash(). They come with proper hashing techniques like unique salts etc. Using sha256 straight off still makes the passwords open to rainbow table attacks if someone would get a hold of the hashed passwords.

– Magnus Eriksson
Nov 19 '18 at 14:44







Suggestion: Use PHP's password_hash() and password_verify() instead of hash(). They come with proper hashing techniques like unique salts etc. Using sha256 straight off still makes the passwords open to rainbow table attacks if someone would get a hold of the hashed passwords.

– Magnus Eriksson
Nov 19 '18 at 14:44















Instead of if (!(strlen(($_POST["password"])>8 AND ..., do if (strlen($_POST['password']) < 8 AND .... Currently, you're actually passing the complete string $_POST["password"])>8 and preg_match('/[A-Z]/',$_POST["password"]) as the argument to strlen().

– Magnus Eriksson
Nov 19 '18 at 14:49







Instead of if (!(strlen(($_POST["password"])>8 AND ..., do if (strlen($_POST['password']) < 8 AND .... Currently, you're actually passing the complete string $_POST["password"])>8 and preg_match('/[A-Z]/',$_POST["password"]) as the argument to strlen().

– Magnus Eriksson
Nov 19 '18 at 14:49














1 Answer
1






active

oldest

votes


















0














The problem with empty entry in the database is because the code don't stop when found any error.



you have to add exit when found any error.



if($errors)

{

    $resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';

    echo $resultMessage;

    exit;

}





share|improve this answer
























  • Thank you, i must have looked over this code like 100x and didn't see that part :).

    – Muharem S
    Nov 19 '18 at 15:07











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53376747%2fregister-login-form-activation-link%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














The problem with empty entry in the database is because the code don't stop when found any error.



you have to add exit when found any error.



if($errors)

{

    $resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';

    echo $resultMessage;

    exit;

}





share|improve this answer
























  • Thank you, i must have looked over this code like 100x and didn't see that part :).

    – Muharem S
    Nov 19 '18 at 15:07
















0














The problem with empty entry in the database is because the code don't stop when found any error.



you have to add exit when found any error.



if($errors)

{

    $resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';

    echo $resultMessage;

    exit;

}





share|improve this answer
























  • Thank you, i must have looked over this code like 100x and didn't see that part :).

    – Muharem S
    Nov 19 '18 at 15:07














0












0








0







The problem with empty entry in the database is because the code don't stop when found any error.



you have to add exit when found any error.



if($errors)

{

    $resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';

    echo $resultMessage;

    exit;

}





share|improve this answer













The problem with empty entry in the database is because the code don't stop when found any error.



you have to add exit when found any error.



if($errors)

{

    $resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';

    echo $resultMessage;

    exit;

}






share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 19 '18 at 14:39









ErDiabloErDiablo

1354




1354













  • Thank you, i must have looked over this code like 100x and didn't see that part :).

    – Muharem S
    Nov 19 '18 at 15:07



















  • Thank you, i must have looked over this code like 100x and didn't see that part :).

    – Muharem S
    Nov 19 '18 at 15:07

















Thank you, i must have looked over this code like 100x and didn't see that part :).

– Muharem S
Nov 19 '18 at 15:07





Thank you, i must have looked over this code like 100x and didn't see that part :).

– Muharem S
Nov 19 '18 at 15:07




















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53376747%2fregister-login-form-activation-link%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

這個網誌中的熱門文章

Academy of Television Arts & Sciences

圖片
American television organization Academy of Television Arts & Sciences Founded 1946 ; 73 years ago  ( 1946 ) Location North Hollywood, California, United States Area served Television industry Product Emmy Awards Key people Frank Scherma ( Chairman and CEO ) Website televisionacademy.com [redirects to emmys.com , official website of the Emmys and the Television Academy The Academy of Television Arts & Sciences ( ATAS ), also colloquially known as the Television Academy , is a professional honorary organization dedicated to the advancement of the television industry in the United States. Founded in 1946, the organization presents the Primetime Emmy Awards, an annual ceremony honoring achievement in U.S. primetime television. Contents 1 History 2 Emmy Award 3 Publications and programs 4 Current governance 4.1 Board of Governors 5 Television Academy honors 5.1 1st Annual (2008) 5.2 2nd Annual (2009)...
閱讀完整內容

L'Équipe

圖片
For other uses, see Équipe (disambiguation). L'Équipe The front page of L'Équipe on 4 July 2011 Type Daily newspaper Format Tabloid Owner(s) Éditions Philippe Amaury Editor François Morinière Editor-in-chief Fabrice Jouhaud Founded 1946 Language French Headquarters Boulogne-Billancourt ISSN 0153-1069 Website www.lequipe.fr L'Équipe ( pronounced  [lekip] , French for "the team") is a French nationwide daily newspaper devoted to sport, owned by Éditions Philippe Amaury. The paper is noted for coverage of association football , rugby, motorsport and cycling. Its predecessor was L'Auto , a general sports paper whose name reflected not any narrow interest but the excitement of the time in car racing. L'Auto originated the Tour de France cycling stage race in 1903 as a circulation booster. The race leader's yellow jersey (French: maillot jaune ) was instituted in 1919, probably to reflect the dist...
閱讀完整內容

1995 France bombings

圖片
This article is a rough translation from French . It may have been generated by a computer or by a translator without dual proficiency. Please help to enhance the translation. The original article is under "français" in the "languages" sidebar. See this article's entry on Pages needing translation into English for discussion. 1995 France bombings Part of Algerian Civil War (spillover) Plaque commemorating the victims of the Saint-Michel station bombing on 25 July 1995 Location Paris and Lyon, France Date 25 July 1995  ( 1995-07-25 ) – 17 October 1995  ( 1995-10-17 ) Weapons Improvised explosive devices, school bombing Deaths 8 Non-fatal injuries 157 Perpetrator Armed Islamic Group Motive To induce the French government to withdraw support from the Algerian government during the Algerian Civil War The 1995 bombings in France were carried out by the Armed Islamic Group (GIA), who were broadening the Alger...
閱讀完整內容