Tag: php

Email Verification in PHP: Part 2

This video to illustrates, verification of user email ID by sending a unique URL to be clicked by the user inorder to active his account, to further use the application.

Continuation of Email Verification in PHP: Part 1

login form
login.php

This is bit more than just a simple login form. Because, here we need to check if the user is present in our database, and next, if present, whether the user has activated his/her account or not.

1
2
3
4
5

<form action="log.php" method=post>
email: <input type="text" name="u"/>
Pwd: <input type="password" name="p"/>
<input type="submit"/>
</form>

This is just the login form. Below is the coding of log.php file which does all the decision making activities.

login action page
log.php

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49

< ?php
 
include_once('db.php');
 
?>
 
< ?php
 
 $u = $_POST['u'];
 $p = md5($_POST['p']);
 
 $res = mysql_query("SELECT count(*) from login where(email='$u' and pass='$p')");
 
  $row = mysql_fetch_array($res);
 
 if($row[0]>0)
 {
   echo '<b>Successfully logged in</b><br />';
 
   $rs =  mysql_query("SELECT actv from login where email='$u'");
   $rw =  mysql_fetch_array($rs);
 
   if($rw[0] == 0)
   {
 echo '<b>But please activate your email ID, before proceeding</b>';
 exit();
   } 
   else
   {
              $rs = mysql_query("SELECT name from login where email='$u'");
              $rw= mysql_fetch_array($rs);
 echo "Account activated......<br /> <br /> <blockquote><span color=red >
              Welcome ".$rw[0].",</span><br /><br /> This website will be ready 
              soon, and you'll be among the first to hear from us!<br /> 
              Until then, you can browse through our extensive collection of 
              quality tweets submitted by our present members 
              <a href=http://www.twitfever.com>Retweet Club</a><br /><br /> 
              Regards,<br />Satish, CEO Technotip IT Solutions and Training 
              Center</blockquote>";
 
exit();
    }
 
 }
 else
   echo "<br />Login Failed";
 
 
?>

again, we are making use of md5() encryption, inorder to check with the already encrypted data present inside the database.

1
2
3
4
5
6
7
8
9
10

$res = mysql_query("SELECT count(*) from login where(email='$u' and pass='$p')");
 
  $row = mysql_fetch_array($res);
 
 if($row[0]>0)
 {
   echo '<b>Successfully logged in</b><br />';
 }
 else
   echo "<br />Login Failed";

with this we are checking if the user has already registered or not.

If he/she is a registered user, then we check if the account has been activated or not..

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

$rs =  mysql_query("SELECT actv from login where email='$u'");
   $rw =  mysql_fetch_array($rs);
 
   if($rw[0] == 0)
   {
 echo '<b>But please activate your email ID, before proceeding</b>';
 exit();
   } 
   else
   {
              $rs = mysql_query("SELECT name from login where email='$u'");
              $rw= mysql_fetch_array($rs);
 echo "Account activated......<br /> <br /> <blockquote><span color=red >
              Welcome ".$rw[0].",</span><br /><br /> This website will be ready 
              soon, and you'll be among the first to hear from us!<br /> 
              Until then, you can browse through our extensive collection of 
              quality tweets submitted by our present members 
              <a href=http://www.twitfever.com>Retweet Club</a><br /><br /> 
              Regards,<br />Satish, CEO Technotip IT Solutions and Training Center
              </blockquote>";
 
exit();
    }

Depending on whether the user has activated his/her account we display the appropriate message.

activate.php
This is the file to which the values will be sent to, once the user clicks on the link sent to his/her email.

Using the values sent by the user(upon clicking the link), this script checks the value against the database to see if its valid. If valid, it updates the act attribute value to 1, which indicated the user verified his/her account.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

< ?php include_once('db.php'); ?>
 
< ?php
 
 $act = $_GET['act'];
 $email = $_GET['email'];
 
 $sql = "SELECT rndm from login where email='$email'";
 
 $res = mysql_query($sql);
 $row = mysql_fetch_array($res);
 
 if($row[0] == $act)
 {
  mysql_query("Update login SET actv=1 WHERE email='$email'");
  echo '<b>Your account activated<br /><a href="login.php">Login now</a>';
 }
 else
  echo "Wrong link bro!";
?>

Video Tutorial: Part 2


[youtube https://www.youtube.com/watch?v=Cm5Q0xlir-Q]

YouTube Link: https://www.youtube.com/watch?v=Cm5Q0xlir-Q [Watch the Video In Full Screen.]



Other users:
We can make use of this application and allow or disallow some of the features of our application.
This technique highly helps in combating with the spam issues on the web.

You can purchase this simple script directly for as less as $1.95 get here.

Email Verification in PHP: Part 1

This video to illustrates, verification of user email ID by sending a unique URL to be clicked by the user inorder to active his account, to further use the application.

Use
We can restrict certain features of our application for the accounts which has not been verified.
By this we can know if the email ID is valid and authorized user is using it and no one else.

Database

1
2
3
4
5
6
7
8
9

mysql> create database test;
mysql> use test;
mysql> create table login(
   name varchar(25) not null, 
   pass varchar(60) not null, 
   email varchar(30) primary key,
   phn varchar(15), 
   rndm varchar(20) not null, 
   actv int not null);

Note: Do not make phno as integer, as it can’t handle huge numbers like 9844552841 (if its a phone number!)
email is concede red as Primary Key, as we can identify each user uniquely via this attribute. No two user can have the same email id.

Database connection script
db.php

1
2
3
4

< ?php
 mysql_connect('localhost','DatabaseUsername','DatabasePassword');
 mysql_select_db('DatabaseName');
?>

Registration Code:
register.php

1
2
3
4
5
6
7

<form action="save.php" method="post">
Name: <input type="text" name="n"/>
eMail ID: <input type="text" name="email"/>
password: <input type="password" name="password"/>
Phn number: <input type="text" name="phn"/>
<input type="SUBMIT"/>
</form>

The user input will be passed to save.php via post method.

save.php

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

< ?php include_once('db.php'); ?>
< ?php
 
$n = $_POST['n'];
$p = md5($_POST['password']);
$email = $_POST['email'];
$phn = $_POST['phn'];
$rndm = rand(34565, 993240);
 
$sql ="INSERT into login values('$n','$p','$email','$phn', '$rndm', '0')";
 
if(!mysql_query($sql))
 echo "Not updated..".mysql_error();
else
{
 
  $url = "http://yourdomainname.com/reg/activate.php?act=$rndm&email=$email";
  $cont = "click this link $url To activate your account";
 
  if( mail($email, "Activate Account!", $cont, "From: [email protected]") )
   echo '<b>Please visit your email to activate your account
         <br />After Activation, <a href="login.php">log into your account</a>';
  else
   echo '<b>Registration failed..<a href="register.php">please try again</a></b>';
 
}
?>

change yourdomainname.com to the actual domain name the application is hosted on.

md5() is a built-in function. It is a encryption technique for securing the user passwords from intruders.
rand( initialValue, finalValue) is a built-in PHP function which takes range as its parameter and generates a random number between them.

mail() is a built-in PHP function for sending emails.

General Syntax:
mail(To, Subject, Content, From)

Video Tutorial: Part 1


[youtube https://www.youtube.com/watch?v=BwgOn5sbK4c]

YouTube Link: https://www.youtube.com/watch?v=BwgOn5sbK4c [Watch the Video In Full Screen.]



Also look at: Email Verification in PHP: Part 2

You can purchase this simple script directly for as less as $1.95 get here.

POST Method In Action: Simple Form

This Basic PHP tutorial illustrates the usage of POST method, with the help of a simple HTML form. It echo’s/print’s the user entered information on to the browser by passing it via POST method.

If you are sending sensitive information like credit card number or your password, then make sure to use POST method. If you use GET method, it will reveal all the information in the address bar. With POST method, the parameters are not shown and hence not visible for people who might be stalking you!

Source Code: POST Method In Action: Simple Form

We have purposefully kept this example super simple, as this is a basic thing in PHP and complex things may confuse beginners.

postform.php

<html>
 <head><title>POST Method in Action</title></head>
 <body>
<form action="post.php" method="post">
Name <input type="text" name="user"><br />
Company<input type="text" name="comp"><br />
<input type="submit" value=" Submit Info">
</form>
 </body>
</html>

This is a simple form which contains 2 input fields(user and comp) and a submit button. Observe the method used: its POST method.
We have given unique name to each input fields, so that the values are passed to the post.php

post.php

<?php
 
$name       =  $_POST['user'];
$company  =   $_POST['comp'];
 
echo "My name is $name <br /> And I'm the CEO of my company {$company}";
 
?>

This is the actual file where the action takes place. All the information is passed on to post.php via postform.php file. Using $_POST[] we receive the values and store it in the local variables. Using the values in these local variables we can do whatever we want to do: like print it on the browser(as we do in this tutorial), insert it into database etc.

Video Tutorial: POST Method In Action: Simple Form


[youtube https://www.youtube.com/watch?v=XrX02OSbPt4]

YouTube Link: https://www.youtube.com/watch?v=XrX02OSbPt4 [Watch the Video In Full Screen + HD]


Advantages of using POST method over GET method

The POST method does not have any restriction on data size to be sent.
The POST method can be used to send ASCII as well as binary data.
The data sent by POST method goes through HTTP header so security depends on HTTP protocol. By using Secure HTTP you can make sure that your information is secure.

GET Method In Action: Simple Form

This Basic PHP tutorial illustrates the usage of GET method, with the help of a simple HTML form. It echo’s/print’s the user entered information on to the browser by passing it via GET method.
It also tells one big advantage of GET method over POST method.

Source Code
We have purposefully kept this example super simple, as this is a basic thing in PHP and complex things may confuse beginners.

Source Code: GET Method In Action: Simple Form

getForm.php

<html>
 <head><title>Form using GET method</title></head>
 <body>
<form action="get.php" method="get">
Name <input type="text" name="uname"><br />
Age    <input type="text" name="age"><br />
<input type="submit" value="Submit Info">
</form>
 </body>
</html>

This is a simple form which contains 2 input fields and a submit button. Observe the method used: its GET method.
We have given unique name to each input fields, so that the values are passed to the get.php

get.php

<?php
 
$name = $_GET['uname'];
$age     = $_GET['age'];
 
echo "Name is $name <br /> Age is $age";
 
?>

This is the actual file where the action takes place. All the information is passed on to this file via getForm.php file. Using $_GET[] we receive the values and store it in the local variables. Using the values in these local variables we can do whatever we want to do: like print it on the browser(as we do in this tutorial), insert it into database etc.

Video Tutorial: GET Method In Action: Simple Form


[youtube https://www.youtube.com/watch?v=3zmH6zXyrx8]

YouTube Link: https://www.youtube.com/embed/3zmH6zXyrx8 [Watch the Video In Full Screen + HD]


Advantages of using GET method over POST method

One of the biggest advantage of using GET method is, we can send the URL in the address bar to a friend over email as it contains the name and associated value in the URL. But in post method, you will neither get the name nor the value in the address bar, hence you can’t send it over to any one. If you still send, it may not make any sense!

Ex: You Google for the term “technotip”. Copy the URL in the address bar and can send it to your friend. Many bookmarking sites use GET method, because users must be able to copy and paste the url and pass it on to their friends. If they used POST method, then its of no use to send the url, since the URL before and after querying remains same!

Dynamic Page Creation: PHP

In this PHP program we will not be generating pages, but creating the illusion of dynamic page creation!
i.e., we will have a bunch of files inside a directory. We will fetch the contents of these files and display on a single file(index.php).

Advantages:
1. Eliminating duplicate coding: Since, we will display the contents on single page, all the common content will be written in that single page.
2. Common user will not be able to track the exact location of the individual files.
3. We can track, if the user is trying to access a file that does not exist, and then we can show appropriate messages: This will be user friendly and also helps in Search Engine Optimization(SEO), as we can specially design our 404 pages.

Note: Even though this dynamic page creation may not be something you are looking for right now, I am sure, you will encounter a situation in your project development where this technique will come handy. So nevertheless, have it in your tool box!


[youtube https://www.youtube.com/watch?v=RrSRO248NOQ]

YouTube Link: https://www.youtube.com/watch?v=RrSRO248NOQ [Watch the Video In Full Screen.]


PHP Program with CSS implemented:

(index.php)

<html>
 <head><title> Dynamic Pages </title>
 
<style type="text/css">
 
* {
font-family: Verdana;
font-size: 24pt;
 
}
#menu {
position: absolute;
top: 50px;
left: 200px;
 
padding: 10px;
margin:  10px;
 
background-color: pink;
 
}
 
#content {
position: absolute;
top: 50px;
left: 450px;
 
padding: 10px;
margin:  10px;
 
background-color: yellow;
color: red;
 
}
 
 
</style>
 </head>
 <body>
 
  <div id="menu">
 
<a href="index.php">Home</a><br />
<a href="index.php?page=js">Javascript</a><br />
<a href="index.php?page=cSharp">C Sharp</a><br />
<a href="index.php?page=css">CSS</a><br />
 
  </div>
 
 <div id="content">
 
<?php
 $p = $_GET['page'];
 
$page = "sub/".$p.".php";
 
if(file_exists($page))
include($page);
elseif($p=="")
echo "This is Home Page";
else
echo "what are you looking for! ?";
 
?>
  </div>
 
 
 </body>
</html>

In the menu div, we are having some anchor tags, using which we are passing the file names to the variable page. Which we receive in the php code(same page) and add the exact file location and check whether the file exists in the specified location or not.

Based on the file name passed, we will include the corresponding file content in the content div section. If nothing is passed, then its home page. If some irrelevant file names are passed, then we will show some messages: Here we can design a 404 error message page and show it – each time someone tries to access a page that does not exists.

File Structure:

file-structure
Save all these below files ( js.php, cSharp.php, css.php and index.php ) as shown in above image.

js.php Content:

This is Javascript File...

cSharp.php Content:

This is C Sharp....

css.php Content:

This is Cascading StyleSheet...

[ Above files are kept simple in-order to save time and to keep the program explanation simple. You can use your web designing skills to make the pages as you like. ]

PHP Code Explanation:

$p = $_GET['page'];

This line of code accepts the parameter sent by the anchor tags and stores it in a variable by name p.

       $page = "sub/".$p.".php";

sub is the folder name, inside which we have our js.php, cSharp.php and css.php files.

Ex:
If the link corresponding to cSharp is clicked. Then variable p will have the string cSharp in it.
So, variable page will have sub/cSharp.php in it.

if-elseif-else Statement:

       if(file_exists($page))
            include($page);
        elseif($p=="")
            echo "This is Home Page";
        else
            echo "what are you looking for! ?";

file_exists is a built-in php function, which checks if the specified page/file exists or not.
If it exists, then we will include that page. i.e., the content of the page will be displayed.
If variable p has nothing in it, then the clicked link is home page.
If some non-existing page is passed, then we display the message “What are you looking for! ?”.