My Website Keep Listening On HTTP Error 500

Hello! Iam Having Problem In My Website: https://growweeb.xyz/ It keeps listening on a problem HTTP Error 500 When I Upload This File: controllerUserData.php Which Controls all login form, etc.

I tried Changing The .htaccess or Php version but the problem was this file and its code:

<?php 

use PHPMailer\PHPMailer\PHPMailer;

require_once 'phpmailer/Exception.php';
require_once 'phpmailer/PHPMailer.php';
require_once 'phpmailer/SMTP.php';

$mail = new PHPMailer(true);

$alert = '';

session_start();
require "connection.php";
$cpassword = "";
$password = "";
$email = "";
$name = "";
$errors = array();

//if user signup button
if(isset($_POST['signup'])){
    $name = mysqli_real_escape_string($conn, $_POST['username']);
    $email = mysqli_real_escape_string($conn, $_POST['email']);
    $password = mysqli_real_escape_string($conn, $_POST['password']);
    $cpassword = mysqli_real_escape_string($conn, $_POST['cpassword']);
    if($password !== $cpassword){
        $errors['password'] = "Confirm password not matched!";
    }
    $name_check = "SELECT * FROM usertable WHERE name = '$name'";
    $res = mysqli_query($conn, $name_check);
    if(mysqli_num_rows($res) > 0){
        $errors['username'] = "username that you have entered is already exist!";
    }
    if(count($errors) === 0){
        $encpass = password_hash($password, PASSWORD_BCRYPT);
        $code = rand(999999, 111111);
        $status = "notverified";
        $insert_data = "INSERT INTO usertable (name, email, password, code, status)
                        values('$name', '$email', '$encpass', '$code', '$status')";
        $data_check = mysqli_query($conn, $insert_data);
        if($data_check){
            $info = "We've sent a verification code to your email - $email";
            $mail->isSMTP();
            $mail->Host = 'ursmtpserver';
            $mail->SMTPAuth = true;
            $mail->Username = 'urgmail'; // Gmail address which you want to use as SMTP server
            $mail->Password = 'urpass'; // Gmail address Password
            $mail->SMTPSecure = 'ssl';
            $mail->Port = '465';
        
            $mail->setFrom('ur gmail'); // Gmail address which you used as SMTP server
            $mail->addAddress("$email"); // Email address where you want to receive emails (you can use any of your gmail address including the gmail address which you used as SMTP server)
        
            $mail->isHTML(true);
            $mail->Subject = 'OTP Received from ur website';
            $mail->Body = "<h3>Hello $email You Just Received An OTP: $code<br><br>If You Didn't Request This Please immediately Contact us so we can remove you to our database!</h3>";

            $_SESSION['info'] = $info;
            $_SESSION['username'] = $name;
            $_SESSION['password'] = $password;
            $mail->send();
            header('Location: /UserOtp');
            exit();
          } else {
            $errors['otp-error'] = "Failed while sending code!";
          }
    } else {
        $errors['db-error'] = "Failed while inserting data into database!";
    }
}
    //if user click verification code submit button
    if(isset($_POST['check'])){
        $_SESSION['info'] = "";
        $otp_code = mysqli_real_escape_string($conn, $_POST['otp']);
        $check_code = "SELECT * FROM usertable WHERE code = $otp_code";
        $code_res = mysqli_query($conn, $check_code);
        if(mysqli_num_rows($code_res) > 0){
            $fetch_data = mysqli_fetch_assoc($code_res);
            $fetch_code = $fetch_data['code'];
            $name = $fetch_data['name'];
            $code = 0;
            $status = 'verified';
            $update_otp = "UPDATE usertable SET code = $code, status = '$status' WHERE code = $fetch_code";
            $update_res = mysqli_query($conn, $update_otp);
            if($update_res){
                $_SESSION['name'] = $name;
                $_SESSION['email'] = $email;
                header('Location: /');
                exit();
            }else{
                $errors['otp-error'] = "Failed while updating code!";
            }
        }else{
            $errors['otp-error'] = "You've entered incorrect code!";
        }
    }

    //if user click login button
    if(isset($_POST['login'])){
        $name = mysqli_real_escape_string($conn, $_POST['username']);
        $password = mysqli_real_escape_string($conn, $_POST['password']);
        $name_check = "SELECT * FROM usertable WHERE name = '$name'";
        $res = mysqli_query($conn, $name_check);
        if(mysqli_num_rows($res) > 0){
            $fetch = mysqli_fetch_assoc($res);
            $fetch_pass = $fetch['password'];
            if(password_verify($password, $fetch_pass)){
                $_SESSION['username'] = $name;
                $status = $fetch['status'];
                if($status == 'verified'){
                  $_SESSION['username'] = $name;
                  $_SESSION['password'] = $password;
                    header('Location: /');
                }else{
                    $info = "It's look like you haven't still verify your Email. Please Check ur email.";
                    $mail->isSMTP();
                    $mail->Host = 'urstmpserver';
                    $mail->SMTPAuth = true;
                    $mail->Username = 'urgmail'; // Gmail address which you want to use as SMTP server
                    $mail->Password = 'urpass'; // Gmail address Password
                    $mail->SMTPSecure = 'ssl';
                    $mail->Port = '465';
                
                    $mail->setFrom('urgmail'); // Gmail address which you used as SMTP server
                    $mail->addAddress("$email"); // Email address where you want to receive emails (you can use any of your gmail address including the gmail address which you used as SMTP server)
                
                    $mail->isHTML(true);
                    $mail->Subject = 'Signup Confirmation OTP Received from ur website';
                    $mail->Body = "<h3>Hello $email You Just Received An OTP: $code<br><br>If You Didn't Request This Please immediately Contact us so we can remove you to our database!</h3>";
        
                    $_SESSION['info'] = $info;
                    $mail->send();
                    header('Location: /UserOtp?success');
                    exit();
                }
            }else{
                $errors['username'] = "Incorrect username or password!";
            }
        }else{
            $errors['username'] = "It's look like you're not yet a member! Click on the bottom link to signup.";
        }
    }

    //if user click continue button in forgot password form
    if(isset($_POST['check-email'])){
        $email = mysqli_real_escape_string($conn, $_POST['email']);
        $check_email = "SELECT * FROM usertable WHERE email='$email'";
        $run_sql = mysqli_query($conn, $check_email);
        if(mysqli_num_rows($run_sql) > 0){
            $code = rand(999999, 111111);
            $insert_code = "UPDATE usertable SET code = $code WHERE email = '$email'";
            $run_query =  mysqli_query($conn, $insert_code);
            if($run_query){
                $info = "We've sent a password reset otp to your email - $email";
                $mail->isSMTP();
                $mail->Host = 'gmail smtp server, etc';
                $mail->SMTPAuth = true;
                $mail->Username = 'urgmail'; // Gmail address which you want to use as SMTP server
                $mail->Password = 'yourpass'; // Gmail address Password
                $mail->SMTPSecure = 'ssl';
                $mail->Port = '465';
            
                $mail->setFrom('ur gmail'); // Gmail address which you used as SMTP server
                $mail->addAddress("$email"); // Email address where you want to receive emails (you can use any of your gmail address including the gmail address which you used as SMTP server)
            
                $mail->isHTML(true);
                $mail->Subject = 'Reset Password OTP Received from ur website';
                $mail->Body = "<h3>Hello $email You Just Received An Reset Password OTP: $code<br><br>If You Didn't Request This Please immediately Contact us so we can remove you to our database!</h3>";
    
                $_SESSION['info'] = $info;
                $_SESSION['email'] = $email;
                $mail->send();
                header('Location: /ResetCode?success');
                exit();
            } else {
                $errors['otp-error'] = "Failed while sending code!";
            }
        } else {
            $errors['email'] = "This Email Doesn't Exists!";
        }
    }

    //if user click check reset otp button
    if(isset($_POST['check-reset-otp'])){
        $_SESSION['info'] = "";
        $otp_code = mysqli_real_escape_string($conn, $_POST['otp']);
        $check_code = "SELECT * FROM usertable WHERE code = $otp_code";
        $code_res = mysqli_query($conn, $check_code);
        if(mysqli_num_rows($code_res) > 0){
            $fetch_data = mysqli_fetch_assoc($code_res);
            $email = $fetch_data['email'];
            $_SESSION['email'] = $email;
            $info = "Please create a new password that you don't use on any other site.";
            $_SESSION['info'] = $info;
            header('Location: /NewPassword?success');
            exit();
        }else{
            $errors['otp-error'] = "You've entered incorrect code!";
        }
    }

    //if user click change password button
    if(isset($_POST['change-password'])){
        $_SESSION['info'] = "";
        $password = mysqli_real_escape_string($conn, $_POST['password']);
        $cpassword = mysqli_real_escape_string($conn, $_POST['cpassword']);
        if($password !== $cpassword){
            $errors['password'] = "Confirm password not matched!";
        }else{
            $code = 0;
            $name = $_SESSION['name'];
            $encpass = password_hash($password, PASSWORD_BCRYPT);
            $update_pass = "UPDATE usertable SET code = $code, password = '$encpass' WHERE name = '$name'";
            $run_query = mysqli_query($conn, $update_pass);
            if($run_query){
                $info = "Your password changed. Now you can login with your new password.";
                $_SESSION['info'] = $info;
                header('Location: /PasswordChanged?success');
            }else{
                $errors['db-error'] = "Failed to change your password!";
            }
        }
    }
    
   //if login now button click
    if(isset($_POST['login-now'])){
        header('Location: /Login?successResetPassword');
    }
?>

The

$mail->addAddress("$email"); is where the user gets otp from my business mail: [email protected]

And Its now This

Its now working!

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.