-
Notifications
You must be signed in to change notification settings - Fork 107
/
verify.php
70 lines (57 loc) · 1.92 KB
/
verify.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?php
/*
* Paste <https://github.com/jordansamuel/PASTE>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 3
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License in GPL.txt for more details.
*/
require_once('config.php');
// Database Connection
$con = mysqli_connect($dbhost, $dbuser, $dbpassword, $dbname);
if (mysqli_connect_errno()) {
die("Unable connect to database");
}
$username = htmlentities(trim($_GET['username']));
$code = htmlentities(trim($_GET['code']));
$query = "SELECT email_id, verified FROM users WHERE username=?";
if ($stmt = mysqli_prepare($con, $query)) {
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
if ( mysqli_stmt_num_rows($stmt) > 0 ) {
mysqli_stmt_bind_result($stmt, $db_email_id, $db_verified);
while (mysqli_stmt_fetch($stmt)) {
if ($db_verified == '1') {
die("Account already verified.");
}
$ver_code = Md5('4et4$55765' . $db_email_id . 'd94ereg');
if ($ver_code == $code) {
// Code okay - let's say the user is verified
$query = "UPDATE users SET verified='1' WHERE username=?";
$stmt = mysqli_prepare($con, $query);
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
if (mysqli_stmt_errno($stmt)) {
$error = "Something went wrong.";
} else {
header("Location: login.php?login");
exit();
}
} else {
die("Invalid verification code.");
}
}
} else {
die("Username not found.");
}
mysqli_stmt_close($stmt);
} else {
die('Things went terribly wrong.');
}