I've installed . . . like 20 hacks on my forums if not more and the email verification system won't work! If a new person wants to regsiter, he fills the form, it's all good, he gets the email notification, he clicks the link to verify it, but he can't login in! it says his password is wrong. I'm thinking somewhere along the lines of something being wrong with register.php in the last part of the file so someone PLEASE PLEASE PLEASE help me because after this, it'll be the end of my blasted problems! Also, i don't really wanna replace it with a unhacked register.php because all that stuff i've hacked into it won't work and only god knows how many i had in their, i definitely don't remember them all.

Btw: I posted this at vbulletin.com and they told me to come down here cause my forums hacked.

This is the last part of register.php that i currently have:

// ############################### start activate form ###############################
if ($a=="ver") {
// get username and password
if ($bbuserinfo[userid]==0) {
$bbuserinfo[username]="";
}
eval("dooutput(\"".gettemplate("activateform")."\");");
}

// ############################### start activate ###############################
if ($action=="activate") {
if ($userinfo=$DB_site->query_first("SELECT userid FROM user WHERE username='".addslashes(htmlspecialchars($username))."'")) {

$u=$userinfo[userid];
$a="act";
$i=$activateid;
} else {
eval("standarderror(\"".gettemplate("error_wrongusername")."\");");
}
}
if ($a=="act") {
// do activate account
$u = intval($u);

$userinfo=verifyid("user",$u,1,1);

if ($userinfo[usergroupid]==3) {
$user=$DB_site->query_first("SELECT activationid FROM useractivation WHERE userid='$userinfo[userid]' AND type=0");
if ($i!=$user[activationid]) {
// send email again
eval("standarderror(\"".gettemplate("error_invalidactivateid")."\");");
exit;
}

// delete activationid
$DB_site->query("DELETE FROM useractivation WHERE userid='$userinfo[userid]' AND type=0");

if ($userinfo[coppauser] or ($moderatenewmembers and !$bbuserinfo['posts'])) {

// put user in moderated group
$DB_site->query("UPDATE user SET usergroupid=4 WHERE userid='$u'");

eval("standarderror(\"".gettemplate("error_moderateuser")."\");");
} else {
// activate account
$DB_site->query("UPDATE user SET usergroupid=2 WHERE userid='$u'");

$username=$userinfo[username];
// send default PM to new user
$originating_user = 1;
$PM_file = "admin/default_pm.txt";
$fp = fopen($PM_file, 'r');
$PM_title = str_replace ('$username', $username, fgets($fp, 4096));
$PM_content = str_replace ('$username',$username,fread($fp, filesize ($PM_file)));

$DB_site->query("INSERT INTO privatemessage (privatemessageid,userid,touserid,fromuserid,title ,message,dateline,messageread, folderid) VALUES (NULL,$u,$u,$originating_user,'".addslashes(htmlspecialchars($PM_title))."','".a ddslashes($PM_content)."',".time().",0,0)");
// send default PM to new user
eval("standarderror(\"".gettemplate("error_activatedthanks")."\");");
}
} else {
if ($userinfo[usergroupid]==4) {
// In Moderation Queue
eval("standarderror(\"".gettemplate("error_activate_moderation")."\");");
exit;
} else {
// Already activated
eval("standarderror(\"".gettemplate("error_activate_wrongusergroup")."\");");
exit;
}
}

}

// ############################### start request activation email ###############################
if ($action=="requestemail") {
eval("dooutput(\"".gettemplate("activate_requestemail")."\");");
}

if ($HTTP_POST_VARS['action']=="emailcode") {
$users=$DB_site->query("SELECT user.userid,usergroupid,username,email,password,ac tivationid FROM user LEFT JOIN useractivation ON (user.userid=useractivation.userid AND type=0) WHERE email='".addslashes(htmlspecialchars($email))."'");

if ($DB_site->num_rows($users)) {

while ($user=$DB_site->fetch_array($users)) {
if ($user[usergroupid]==3) { // only do it if the user is in the correct usergroup
if ($user[activationid]=="") {
// generate new one!
// delete old activation id
$DB_site->query("DELETE FROM useractivation WHERE userid='$user[userid]' AND type=0");

// make random number
mt_srand ((double) microtime() * 1000000);
$user[activationid]=mt_rand(0,100000000);

//save to DB
$DB_site->query("INSERT INTO useractivation VALUES (NULL,'$user[userid]','".time()."','$user[activationid]',0)");
}

$userid=$user[userid];
$username=$user[username];
$password=$user[password];
$activateid=$user[activationid];

eval("\$message = \"".gettemplate("email_activateaccount",1,0)."\";");
eval("\$subject = \"".gettemplate("emailsubject_activateaccount",1,0)."\";");

mail ($user[email],$subject,$message,"From: \"$bbtitle Mailer\" <$webmasteremail>");
}
}
$url=urldecode($url);
if ($url=="") {
$url="index.php?s=$session[sessionhash]";
}

$url = str_replace("\"", "", $url);
eval("standardredirect(\"".gettemplate("redirect_lostactivatecode")."\",\"$url\" );");
} else {
eval("standarderror(\"".gettemplate("error_invalidemail")."\");");
}

}

// ############################### start coppa form ###############################
if ($action=="coppaform") {
if ($bbuserinfo[userid]!=0) {

$bbuserinfo[signature]=nl2br($bbuserinfo[signature]);

if ($bbuserinfo[showemail]) {
$bbuserinfo[showemail]="no";
} else {
$bbuserinfo[showemail]="yes";
}

} else {
$bbuserinfo[username]="";
$bbuserinfo[homepage]="http://";

}

eval("dooutput(\"".gettemplate("coppaform")."\");");

}

?>

You're not supposed to post vB files. You should delete that.

umm . . i guess . .but where would i post my problem then?