1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Make A Quick $10 Via Paypal (PHP)

Discussion in 'Hire a Freelancer' started by unknown00, Feb 17, 2014.

Tags:
  1. unknown00

    unknown00 Regular Member

    Joined:
    Jun 6, 2009
    Messages:
    212
    Likes Received:
    74
    i bought a script that was not well developed. It does not send a confirmation email upon sign up and i need this feature, below is what seems like the signup code.
    Is there any way to add some php coding to this so it auto sends a confirmation upon join?? I would like for it to include a subject & message. I will paypal $10 to whoever can provide me with the missing code

    Code:
    <?phprequire_once '../config.php';
    
    
    if(!isset($_POST['sb_signup'])) die('No direct request to signup page please use the form on Signup Page');
    
    
    //initialize users class
    if(!$usersObject) {
        $usersObject = new Users();
    }
    
    
    
    
    //prepare data to be inserted
    unset($_POST['sb_signup']);
    
    
    foreach ($_POST as $key => $value) {
        $_POST[$key] = $db->escape(trim(strip_tags($value)));
    }
    
    
    //validate info
    foreach($_POST as $key => $value) {
        if(empty($value)) {
            printf("<span class=alert alert-warning><strong>%s</strong> - emtpy field</span>", $key);
            exit;
        }
    }
    
    
    $_POST['password'] = md5($_POST['password']);
    
    
    //check if already existing email/username and insert the new user
    
    
    if($db->get_row("SELECT * FROM users WHERE email = '".$_POST['email']."'")) 
    {
        printf('<span class="alert alert-error">'.translate('email_exists').'</div>', $_POST['email']);
    }else{
        if($usersObject->add($_POST)) {
            $_SESSION['userID'] = $db->insert_id;
            printf('<span class="alert alert-success">'.translate('logged_in').' as <strong>%s</strong>.</div>', $_POST['email']);
        }else{
            print '<span class="alert alert-warning">MySQL Error occurred.</div>';
        }   
    }
    
    
    
     
  2. ttrox

    ttrox Regular Member

    Joined:
    Jun 28, 2013
    Messages:
    217
    Likes Received:
    75
    Here you go:

    PHP:

    <?phprequire_once '../config.php';


    if(!isset($_POST['sb_signup'])) die('No direct request to signup page please use the form on Signup Page');


    //initialize users class
    if(!$usersObject) {
        $usersObject = new Users();
    }




    //prepare data to be inserted
    unset($_POST['sb_signup']);


    foreach ($_POST as $key => $value) {
        $_POST[$key] = $db->escape(trim(strip_tags($value)));
    }


    //validate info
    foreach($_POST as $key => $value) {
        if(empty($value)) {
            printf("<span class=alert alert-warning><strong>%s</strong> - emtpy field</span>", $key);
            exit;
        }
    }


    $_POST['password'] = md5($_POST['password']);


    //check if already existing email/username and insert the new user


    if($db->get_row("SELECT * FROM users WHERE email = '".$_POST['email']."'")) 
    {
        printf('<span class="alert alert-error">'.translate('email_exists').'</div>', $_POST['email']);
    }else{
        if($usersObject->add($_POST)) {
            $_SESSION['userID'] = $db->insert_id;
            printf('<span class="alert alert-success">'.translate('logged_in').' as <strong>%s</strong>.</div>', $_POST['email']);
    $subject = 'Registration succesfull';
    $message = 'You have registered successfully';
    $headers = 'From: webmaster@mysite.com' . "\r\n" .
        'Reply-To: webmaster@mysite.com' . "\r\n" .
        'X-Mailer: PHP/' . phpversion();

    mail($_POST['email'], $subject, $message, $headers);  
    }else{
            print '<span class="alert alert-warning">MySQL Error occurred.</div>';
        }   
    }


    note: change the $message, $headers mail and $subject according to what you want.
     
    • Thanks Thanks x 1
  3. cyrix

    cyrix Junior Member

    Joined:
    Sep 19, 2008
    Messages:
    179
    Likes Received:
    61
    Occupation:
    Full Time Internet Marketer\Developer
    Location:
    United States
    Just wanted to let you know that your code is vulnerable to SQL injection attacks.

    To fix it change this line:

    Code:
    if($db->get_row("SELECT * FROM users WHERE email = '".$_POST['email']."'"))
    to this:

    Code:
    if($db->get_row("SELECT * FROM users WHERE email = '" . mysql_real_escape_string($_POST['email']) . "'"))
     
    • Thanks Thanks x 1
  4. artizhay

    artizhay BANNED BANNED

    Joined:
    Nov 21, 2010
    Messages:
    1,867
    Likes Received:
    1,335
    This should be done in the User class, not this file.
     
    • Thanks Thanks x 1
  5. unknown00

    unknown00 Regular Member

    Joined:
    Jun 6, 2009
    Messages:
    212
    Likes Received:
    74
    its working..... inbox me your paypal ttrox
     
    Last edited: Feb 17, 2014
  6. artizhay

    artizhay BANNED BANNED

    Joined:
    Nov 21, 2010
    Messages:
    1,867
    Likes Received:
    1,335
    You could actually just copy one of the existing mailing functions like reset_email() and call it something like join_email, then modify it to your needs. Then in the add() function, you'd call $this->join_email().