$hash = substr(md5(time()), 0, 10); $user_id = mysql_insert_id($conn); //put confirm code in the database $query = "INSERT INTO email_registration SET user_id=" . $user_id . ", registration_code='{$hash}'"; print "\n\r\n\r" . $query; $result = mysql_query($query) or die(mysql_error()); //send email $emailbody = "Hi {$name}, please go to friendface/confirm_registration.php?reg_id={$hash}"; $headers = 'From: registration@git.huntlycameron.co.uk' . "\r\n" . 'Reply-To: huntly@huntlycameron.co.uk' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($email, "Confirm FriendFace Registration", $emailbody); mysql_close($conn); header("Location: ../login.php?reg=success"); } } else { print "Error, username taken \n"; mysql_close($conn); returnWithError("usernametaken"); } } else { print "There has been an error."; } } else { print "Error, post vars not there \n"; returnWithError("postvars"); } function returnWithError($error) { print "Redirecting with error, \n"; header("Location: ../register.php?error={$error}"); exit; }
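<?php
/**
 * Sends a friend request from the logged-in user to the user named by ?id=.
 *
 * Redirects to ../users.php with success=true when sendFriendRequest() reports
 * success, and with error=<code> otherwise: "error" for a missing or malformed
 * request, "db" when sendFriendRequest() returns a falsy value.
 *
 * NOTE(review): this is a state-changing action triggered by a GET parameter,
 * and no anti-CSRF token is checked in this file. Confirm whether
 * sessioncheck.php covers that; if not, move the action to POST and verify a
 * per-session token before calling sendFriendRequest().
 */
include_once 'sessioncheck.php';

$targetId = isset($_GET['id']) ? $_GET['id'] : null;

// "?id[]=..." arrives as an array, so require a plain string of decimal digits
// before the value goes any further.
// NOTE(review): assumes user ids are the numeric database ids - confirm
// against sendFriendRequest(), which should also bind the value as a query
// parameter rather than concatenating it.
if (!is_string($targetId) || !ctype_digit($targetId)) {
    returnWithError("error");
}

// The class file has to be loaded before unserialize() so the stored object
// can be rebuilt as its real class.
include_once '../objects/AuthorisedUser.php';

// NOTE(review): unserialize() instantiates whatever object the bytes describe.
// It is acceptable here only while $_SESSION['user'] is written exclusively by
// server-side code; never route request data into that session key.
$user = isset($_SESSION['user']) ? unserialize($_SESSION['user']) : false;

// A missing or corrupt session entry would otherwise end in a fatal
// "call to a member function on a non-object" error.
if (!is_object($user) || !method_exists($user, 'sendFriendRequest')) {
    returnWithError("error");
}

if ($user->sendFriendRequest($targetId)) {
    header("Location: ../users.php?success=true");
    exit;
}

returnWithError("db");

/**
 * Redirects back to the user list with an error code and stops the script.
 *
 * @param string $errorMsg Short error code placed in the "error" query parameter.
 */
function returnWithError($errorMsg)
{
    // Encode the code so it cannot add query parameters or break the header line.
    header('Location: ../users.php?error=' . rawurlencode($errorMsg));
    // Stop here so nothing after the call site runs once the redirect is queued.
    exit;
}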