Resend Password not working with Email Validation

[jedigunz]

Hello Community maybe you can help or maybe I've overlooked something

So i have an email validation mod that was working fine but i've tried to add this reset password mod alongside it Link Below

http://makewebgames.io/showthre...orget+password

the verification email sends fine but im getting this error when it goes to validate.php ,. Sorry the email is invalid ,..

ill describe what i've done below and provide some images to show what i mean. Screens below and a walkthrough of what I've done.

 

Validate Change I added --- ('{$_POST['squestion']}'), ---- & --- squestion, ----

$db->query("INSERT INTO users (username, login_name, userpass, squestion, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, lastip, lastip_signup) VALUES( '{$username}', '{$username}', md5('{$_POST['password']}'), ('{$_POST['squestion']}'), 1, $sm, 0, 0, 1, 12, 12, 100, 100, 5, 5, 100, 100, 1, '{$_POST['gender']}', unix_timestamp(), '{$_POST['email']}', -1, '$IP', '$IP')");
$i=$db->insert_id();

 

 

also added into validate.php & register.php

function QuestionMatch()
{
sqt1=document.getElementById('sq1').value;
sqt2=document.getElementById('sq2').value;
if(sqt1 == sqt2)
{
document.getElementById('squestionresult').innerHTML="<font color='green'>OK</font>";
}
else
{
document.getElementById('squestionresult').innerHTML="<font color='red'>Not Matching</font>";
}
}

also added into validate.php & register.php

<tr>
<td>Favourite Colour</td>

<td><input type=text id='sq1' name=squestion onkeyup='QuestionMatch();'></td>
<td>For Password Reset</td>
 </tr>
 <tr>
<td>Confirm Favourite Colour</td>
<td><input type=text name=csquestion id='sq2' onkeyup='QuestionMatch();'></td>
<td><div id='squestionresult'></div></td>
 </tr>
<tr>

 

 

Okay now lets move onto what I've changed in the register ,. added -- '{$_POST['squestion']}' , ---

 

$db->query("INSERT INTO validating VALUES ( '$key' , '$username' , '{$_POST['password']}' , '{$_POST['squestion']}' , '{$_POST['email']}', '{$_POST['promo']}', '{$_POST['gender']}', '{$_POST['ref']}')", $c);

 

 

Added this to the email section of the register.php

Username: $username
Password: {$_POST['password']}
Favourite Colour: {$_POST['squestion']}

 

 

added this below the password section of the register.php

else if($_POST['squestion'] != $_POST['csquestion'])
{
print "<h1>ERROR! The Questions Dont Match</h1>

>Back";
}

 

 

SQL's Added,.

ALTER TABLE `users` ADD `squestion` VARCHAR( 255 ) NOT NULL ;

ALTER TABLE `validating` ADD `squestion` VARCHAR( 255 ) NOT NULL ;

Edited January 12, 2016 by jedigunz

[NonStopCoding]

I did noticed you never escaped your question also the error is in validate.php can you post that file or 5 lines above and 5 lines below the error please

[jedigunz]

I did noticed you never escaped your question also the error is in validate.php can you post that file or 5 lines above and 5 lines below the error please

 

sure ,.. to be honest this part of this script has not been touched and was working fine before the resend password mod was added,.

 

if(file_exists('ipbans/'.$IP))
{
die("<b><font color=red size=+1>Your IP has been banned, there is no way around this.</font></b></body></html>");
}
if($_POST['username'])
{
if(!valid_email($_POST['email']))
{
die("<font color='white'>Sorry, the email is invalid.<br />
><a href='register.php'<font color='white'>>Back</a>");
}
if(strlen($_POST['username']) < 4)
{
die("<font color='white'>Sorry, the username is too short.<br />
><a href='register.php'><font color='white'>Back</a>");
}
$sm=100;

 

 

and im not sure if this was neccesary in the SQL,. i just added it myself you can refer to the resend mod in the link at the top of the page and see what i've added differently to what they have said,. maybe i've added something i didnt need im not sure ,...

ALTER TABLE `validating` ADD `squestion` VARCHAR( 255 ) NOT NULL ;