verify email address by clicking on email link

Question

i am trying to set up a email verification form when someone registers on the form a link is emailed to their email address that the user clicks on and it actives their account.

I have the email verification working but for some reason its not showing the echo $realname;

<?php error_reporting(E_ALL); ini_set('display_errors', 1);?>
<?php include("includes/header.php"); ?>
<?php include("includes/menu.php"); ?>
<?php include("includes/connect.php"); ?>

<?php 
     $email = $_GET['email']; 

//check if email is empty
if (isset($email)){
    //check if email has account

    $sql="SELECT * FROM `apply` WHERE email = '$email'";

    $result=mysqli_query($sql);

    $row=mysqli_fetch_array($result);

    $realname   =$row['real_name'];
    $address    =$row['address'];
    $telephone  =$row['telephone'];
    $email      =$row['email'];

    echo $realname;     

}else{
    echo "email problem";
}
?>

Your code is vulnerable to [**SQL injection attacks**](https://en.wikipedia.org/wiki/SQL_injection). You should use [**mysqli**](https://secure.php.net/manual/en/mysqli.prepare.php) or [**PDO**](https://secure.php.net/manual/en/pdo.prepared-statements.php) prepared statements with bound parameters as described in [**this post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). — Alex Howansky, Apr 26 '17 at 15:11
Stop using the `mysql_*` functions. They have been deprecated since v5.5 (Jun 2013) and removed since v7.0 (Dec 2015). Instead use the [**mysqli_***](https://secure.php.net/manual/en/book.mysqli.php) or [**PDO**](https://secure.php.net/manual/en/book.pdo.php) functions with [**prepared statements**](https://secure.php.net/manual/en/pdo.prepare.php) and [**bound parameters**](https://secure.php.net/manual/en/pdostatement.bindparam.php). — Alex Howansky, Apr 26 '17 at 15:12
When you ask a question about an error **ALWAYS** include the **error log**. Add `error_reporting(E_ALL); ini_set('display_errors', 1);` at the top of your `php` script, what does it return? — Pedro Lobito, Apr 26 '17 at 15:13
Is there an error? Is the variable blank or does it toss a fatal error? — Andrew Rayner, Apr 26 '17 at 15:14
The page displays blank except the header and the email problem shows when i run the page without the email — Derek Kennedy, Apr 26 '17 at 15:18
Add [error reporting](http://stackoverflow.com/questions/845021/how-to-get-useful-error-messages-in-php/845025#845025) to the top of your file(s) _while testing_ right after your opening PHP tag for example ` — RiggsFolly, Apr 26 '17 at 15:19
Fatal error: Uncaught Error: Call to undefined function mysql_query() in /storage/h10/399/1431399/public_html/verify.php:15 Stack trace: #0 {main} thrown in /storage/h10/399/1431399/public_html/verify.php on line 15 — Derek Kennedy, Apr 26 '17 at 15:21
And edit your question to add additional information to it, noone can read code or errors in comments — RiggsFolly, Apr 26 '17 at 15:24
If you are using **PHP7** the `mysql_` database extension has been removed. ___Gone forever___ So you will have to learn the `mysqli_` or `PDO` database extension! — RiggsFolly, Apr 26 '17 at 15:30
ive inserted the new code above and the new errors are now Warning: mysqli_query() expects at least 2 parameters, 1 given in /storage/h10/399/1431399/public_html/verify.php on line 15 Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, null given in /storage/h10/399/1431399/public_html/verify.php on line 17 — Derek Kennedy, Apr 26 '17 at 15:34
@DerekKennedy — (1) Don't completely rewrite your question when you get an answer but then encounter a different problem when trying to implement that answer. You could ask a *new* question **but** (2) There are many duplicates of your new question. Type the error message into Google. — Quentin, Apr 26 '17 at 15:35

verify email address by clicking on email link

0 Answers0