http://www.prise.tk/activate.php?x=roshnihi%40gmail.com&y=a588e697aac7814486ef589242ac8dbb
以上是我的激活網址,它被髮送給正在嘗試註冊的新用戶。但是在我的activate.php
代碼中,x和y的值沒有被$_GET
獲取。
下面是從我的代碼片段:
//Validate $_GET['x'] & $_GET['y']
$x = $y = FALSE;
if(isset($_GET['x']) && preg_match('/^[\w.-][email protected][\w.-]+\.[A-Za-z]{2,6}&/', $_GET['x'])){
$x = $_GET['x'];
}
if(isset($_GET['y']) && (strlen($_GET['y']) == 32)){
$y = $_GET['y'];
}
if($x && $y){ //Update Database
echo 'connected';
require('../db.php');
$q = "UPDATE dealers SET active=NULL WHERE (email='". mysqli_real_escape_string($handle, $x) . "' AND active='" . mysqli_real_escape_string($handle, $y) . "') LIMIT 1";
$r = mysqli_query($handle, $q) or trigger_error("Query : $q\n<br>MySql Error:" . mysqli_error($handle));
if (mysqli_affected_rows($handle) == 1){
echo "<h3> Your account is now active. You may now log in.</h3>";
}
AND below is my register.php code:
$a = md5(uniqid(rand(),true)); // Create activation code
$q = "INSERT INTO dealers (fname, lname, email, password, address, pincode, active) VALUES ('$fn','$ln','$e','$p','$add','$pin','$a')";
$r = mysqli_query ($handle,$q) or trigger_error("Query : $q\n<br>MySql Error:" . mysqli_error($handle)); //Run the query
if(mysqli_affected_rows($handle) == 1){ // if query ran ok
// Send Mail
$body = "Thankyou for registering. To activate, please click on the link:\n\n";
$body .= BASE_URL . 'activate.php?x='. urlencode($e) . "&y=$a" ;
mail($trimmed['email'], 'Registration Confirmation', $body, 'From: [email protected]');
解碼$ _GET ['x'],然後使用preg匹配... preg匹配返回false,因爲電子郵件ID是編碼且不包含@ –
請問您能否給我準確的代碼語法? @MASIDDIQUI –
將pregmatch改爲:'preg_match('/^[\ w .-] + @ [\ w .-] + \。[A-Za-z] {2,6}&/,urldecode($ GET ['x']))' –