Confirming Email Address Is Confirmed

gogocode · January 24, 2013, 8:01pm

Hi,

I have created a membership script which seems to working well. However I cant add a piece of code which checks whether the user confirmed their account.

This should be the piece of code which checks if there is a Y ($accounty) in the ‘accountconfirmed’ row.

			  if(($accounty) != ($row['accountconfirmed'])) {
        $errors['confirmedaccount'] = "Your account has not yet been confirmed.  Please request a confirmation email.";
    }

This is the complete code. Any suggestions please on how I can compare what is being entered agains the database.

[code] <?php
if ($_SESSION[‘userLoggedIn’])

        session_start();
    $_SESSION['userLoggedIn'] = 0;
    $_SESSION['userEmail'] = '';
    $_SESSION['userID'] = '';

$_SESSION[‘userfirstname’] = ‘’;
$_SESSION[‘usersurname’] = ‘’;

    // Reset errors and success messages
    $errors = array();
    $success = array();


// Login attempt
if(isset($_POST['loginSubmit']) && $_POST['loginSubmit'] == 'true')
{
    $loginEmail = filter_var(trim($_POST['email']), FILTER_VALIDATE_EMAIL);
    $loginPassword    = trim($_POST['password']);

		$accounty = ('y'); 

	
    if(count($errors) === 0)
    {

$loginPassword = md5($loginPassword);
$query = ‘SELECT * FROM users WHERE email = "’ . mysql_real_escape_string($loginEmail) . ‘" AND password = "’ . $loginPassword . ‘" AND accountconfirmed = "’ . $accounty . ‘"LIMIT 1’;
$result = mysql_query($query);
if (!$result)
{
die('Invalid query: ’ . mysql_error());
}

        if(mysql_num_rows($result) === 1)
        {
            $row = mysql_fetch_assoc($result);
            $_SESSION['userLoggedIn'] = 1;
            $_SESSION['userEmail'] = $loginEmail;
            $_SESSION['userID'] = $row['id'];
            $_SESSION['userfirstname'] = $row['firstname'];
			$_SESSION['usersurname'] = $row['surname'];
			
            header('Location: /index1.php');
            exit;
        } else {
            $errors['login'] = 'No user was found with the details provided.1.';
        }
    }
}
/*
  The rest of your login page code
*/

// Reset errors and success messages
$errors = array();
$success = array();
// Login attempt
if(isset($_POST[‘loginSubmit’]) && $_POST[‘loginSubmit’] == ‘true’){
$loginEmail = trim($_POST[‘email’]);
$loginPassword = trim($_POST[‘password’]);

}  
  
  
  	if(!isset($loginEmail) || empty($loginEmail)) {   
    $errors['loginEmail'] = "Please enter your email.";
}	  
  
if(!isset($loginPassword) || empty($loginPassword)) { 
    $errors['loginPassword'] = "Please enter your password.";
}


$accounty = ('Y'); 


		  if(($accounty) != ($row['accountconfirmed'])) {
    $errors['confirmedaccount'] = "Your account has not yet been confirmed.  Please request a confirmation email.";
} 

			  if(($loginEmail) != ($row['email'])) {
    $errors['incorrectemail'] = "Your email address is incorrect.";
} 

	  	 if(($password) != ($row['password'])) {
    $errors['incorrectpassword'] = "Your password is incorrect.";
} 
[/code]