Home/ Questions/Q 8572163
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T18:56:43+00:00

I am new at PHP and I created a login/registration area. All is working

  • 0

I am new at PHP and I created a login/registration area. All is working quite well, but I have one thing that keeps going wrong. After a user has successfully registered, an automated email is sent with their login details: Username= X and Password= Y. All is shown in the message, except the username. How can I get that info (=data) from my mysql database in the message?

Here is the complete code:

<?php

define('INCLUDE_CHECK',true);

require 'connect.php';
require 'functions.php';
// Those two files can be included only if INCLUDE_CHECK is defined


session_name('tzLogin');
// Starting the session

session_set_cookie_params(2*7*24*60*60);
// Making the cookie live for 2 weeks

session_start();

if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe'])
{
// If you are logged in, but you don't have the tzRemember cookie (browser restart)
// and you have not checked the rememberMe checkbox:

$_SESSION = array();
session_destroy();

// Destroy the session
}


if(isset($_GET['logoff']))
{
$_SESSION = array();
session_destroy();

header("Location: default.php");
exit;
}

if($_POST['submit']=='Login')
{
// Checking whether the Login form has been submitted

$err = array();
// Will hold our errors


if(!$_POST['username'] || !$_POST['password'])
$err[] = 'All the fields must be filled in!';

if(!count($err))
{
$_POST['username'] = mysql_real_escape_string($_POST['username']);
$_POST['password'] = mysql_real_escape_string($_POST['password']);
$_POST['rememberMe'] = (int)$_POST['rememberMe'];

// Escaping all input data

$row = mysql_fetch_assoc(mysql_query("SELECT id,usr FROM tz_members WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'"));

if($row['usr'])
{
// If everything is OK login

$_SESSION['usr']=$row['usr'];
$_SESSION['id'] = $row['id'];
$_SESSION['rememberMe'] = $_POST['rememberMe'];

// Store some data in the session

setcookie('tzRemember',$_POST['rememberMe']);
}
else $err[]='Wrong username and/or password!';
}

if($err)
$_SESSION['msg']['login-err'] = implode('<br />',$err);
// Save the error messages in the session

header("Location: default.php");
exit;
}
else if($_POST['submit']=='Register')
{
// If the Register form has been submitted

$err = array();

if(strlen($_POST['username'])<4 || strlen($_POST['username'])>32)
{
$err[]='Your username must be between 3 and 32 characters!';
}

if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username']))
{
$err[]='Your username contains invalid characters!';
}

if(!checkEmail($_POST['email']))
{
$err[]='Your email is not valid!';
}

if(!count($err))
{
// If there are no errors

$pass = substr(md5($_SERVER['REMOTE_ADDR'].microtime().rand(1,100000)),0,6);
// Generate a random password

$_POST['email'] = mysql_real_escape_string($_POST['email']);
$_POST['username'] = mysql_real_escape_string($_POST['username']);
// Escape the input data


mysql_query("   INSERT INTO tz_members(usr,pass,email,regIP,dt)
VALUES(

'".$_POST['username']."',
'".md5($pass)."',
'".$_POST['email']."',
'".$_SERVER['REMOTE_ADDR']."',
NOW()

)");

//The message
$message =
"Hello, \n
Thank you for registering with us. \n
Here are your login details: \n

Username: ??? <--this is where I want the code for getting username \n
Password: $pass \n

Thank You

Administrator
www.***.com
______________________________________________________
THIS IS AN AUTOMATED RESPONSE. 
***DO NOT RESPOND TO THIS EMAIL****";

if(mysql_affected_rows($link)==1)
{
send_mail(  'admin@***.com',
$_POST['email'],
'Registration System - Your New Password',
$message);

$_SESSION['msg']['reg-success']='We sent you an email with your new password!';
}
else $err[]='This username is already taken!';
}

if(count($err))
{
$_SESSION['msg']['reg-err'] = implode('<br />',$err);
}   

header("Location: default.php");
exit;
}

Many thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Well, even tho its not clear how you are accessing your database, the simplest way would be to query the information you need, using a select statement.

    //use a prepare statement for added security, and to prevent sql injection
if ($select_stmt = $mysqli->prepare("SELECT username, password FROM users WHERE email = ?")) 
{
  $select_stmt->bind_param("s", $email); //this is the email from our user
  $select_stmt->execute();
  $select_stmt->store_result();

  //if the query yield any result (thats to say the email is from a valid user)
  if ($select_stmt->num_rows() > 0) 
  {
     $select_stmt->bind_result($username,$password);
     $select_stmt->fetch();
  }
}

    Now you can use the values from the database stored on the variable as follows:

    $message = "Hello, \n Thank you for registering with us. \n Here are your login details: \n

Username:  $username \n
Password: $password \n

Thank You

Administrator
www.***.com
_____________________________________________________
THIS IS AN AUTOMATED RESPONSE. 
***DO NOT RESPOND TO THIS EMAIL****";

    Hope this is what you are looking for, and that you may learn even more in this journey.

    EDIT

    Well now that you posted the full code its even easier
    just do the following:

    $username = $_POST['username'];
$message = "Hello, \n Thank you for registering with us. \n Here are your login details: \n

Username:  $username \n
Password: $password \n

Thank You

Administrator
www.***.com
_____________________________________________________
THIS IS AN AUTOMATED RESPONSE. 
***DO NOT RESPOND TO THIS EMAIL****";
    • 0