forked from scratch/seasonwatch
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathactivate.php
128 lines (119 loc) · 4.68 KB
/
activate.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
<?
include 'dbc.php';
/******** EMAIL ACTIVATION LINK**********************/
if(isset($_GET['user']) && !empty($_GET['activ_code']) && !empty($_GET['user']) ) {
$user = mysql_real_escape_string($_GET['user']);
$activ = mysql_real_escape_string($_GET['activ_code']);
//check if activ code and user is valid
$rs_check = mysql_query("select id from users where md5_id='$user' and activation_code='$activ'") or die (mysql_error());
$num = mysql_num_rows($rs_check);
// Match row found with more than 1 results - the user is authenticated.
if ( $num <= 0 ) {
$msg = urlencode("Sorry no such account exists or activation code invalid.");
header("Location: activate.php?msg=$msg");
exit();
}
// set the approved field to 1 to activate the account
$rs_activ = mysql_query("update users set approved='1' WHERE
md5_id='$user' AND activation_code = '$activ' ") or die(mysql_error());
$msg = urlencode("Thank you. Your account has been activated.");
header("Location: activate.php?done=1&msg=$msg");
exit();
}
/******************* ACTIVATION BY FORM**************************/
if ($_POST['doActivate']=='Activate')
{
$user_email = mysql_real_escape_string($_POST['user_email']);
$activ = mysql_real_escape_string($_POST['activ_code']);
//check if activ code and user is valid as precaution
$rs_check = mysql_query("select id from users where user_email='$user_email' and activation_code='$activ'") or die (mysql_error());
$num = mysql_num_rows($rs_check);
// Match row found with more than 1 results - the user is authenticated.
if ( $num <= 0 ) {
$msg = urlencode("Sorry no such account exists or activation code invalid.");
header("Location: activate.php?msg=$msg");
exit();
}
//set approved field to 1 to activate the user
$rs_activ = mysql_query("update users set approved='1' WHERE
user_email='$user_email' AND activation_code = '$activ' ") or die(mysql_error());
$msg = urlencode("Thank you. Your account has been activated.");
header("Location: activate.php?msg=$msg");
exit();
}
?>
<html>
<head>
<title>User Account Activation</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#actForm").validate();
});
</script>
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="5" class="main">
<tr>
<td colspan="3"> </td>
</tr>
<tr>
<td width="160" valign="top"><p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p></td>
<td width="732" valign="top">
<h3 class="titlehdr">Account Activation</h3>
<p>
<?
/******************** ERROR MESSAGES*************************************************
This code is to show error messages
**************************************************************************/
if (isset($_GET['msg'])) {
$msg = mysql_real_escape_string($_GET['msg']);
echo "<div class=\"msg\">$msg</div>";
}
/******************************* END ********************************/
?>
</p>
<p>Please enter your email and activation code sent to you to your email
address to activate your account. Once your account is activated you can
<a href="login.php">login here</a>.</p>
<form action="activate.php" method="post" name="actForm" id="actForm" >
<table width="65%" border="0" cellpadding="4" cellspacing="4" class="loginform">
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td width="36%">Your Email</td>
<td width="64%"><input name="user_email" type="text" class="required email" id="txtboxn" size="25"></td>
</tr>
<tr>
<td>Activation code</td>
<td><input name="activ_code" type="password" class="required" id="txtboxn" size="25"></td>
</tr>
<tr>
<td colspan="2"> <div align="center">
<p>
<input name="doActivate" type="submit" id="doLogin3" value="Activate">
</p>
</div></td>
</tr>
</table>
<div align="center"></div>
<p align="center"> </p>
</form>
<p> </p>
<p align="left"> </p></td>
<td width="196" valign="top"> </td>
</tr>
<tr>
<td colspan="3"> </td>
</tr>
</table>
</body>
</html>