-
Notifications
You must be signed in to change notification settings - Fork 10
/
confirmemail.php
54 lines (53 loc) · 2.25 KB
/
confirmemail.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<?php
/**
* ------- U-232 Codename Trinity ----------*
* ---------------------------------------------*
* -------- @authors U-232 Team --------------*
* ---------------------------------------------*
* ----- @site https://u-232.duckdns.org/ ----*
* ---------------------------------------------*
* ----- @copyright 2020 U-232 Team ----------*
* ---------------------------------------------*
* ------------ @version V6 ------------------*
*/
require_once(__DIR__.DIRECTORY_SEPARATOR.'include'.DIRECTORY_SEPARATOR.'bittorrent.php');
require_once(INCL_DIR.'user_functions.php');
$lang = array_merge(load_language('global'), load_language('confirmemail'));
if (!isset($_GET['uid']) || !isset($_GET['key']) || !isset($_GET['email'])) {
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_idiot']}");
}
//if (!preg_match("/^(?:[\d\w]){32}$/", $_GET['key'])) {
// stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_no_key']}");
//}
if (!preg_match("/^(?:\d){1,}$/", $_GET['uid'])) {
stderr("{$lang['confirmmail_user-error']}", "{$lang['confirmmail_no_id']}");
}
$id = (int)$_GET['uid'];
$confirm = $_GET['key'];
$email = urldecode($_GET['email']);
if (!validemail($email)) {
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_false_email']}");
}
dbconn();
$res = sql_query("SELECT editsecret, added FROM users WHERE id =".sqlesc($id));
$row = $res->fetch_assoc();
if (!$row) {
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_not_complete']}");
}
if (!password_verify($email.$row['added'], $confirm)) {
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_not_complete']}");
}
sql_query("UPDATE users SET editsecret='', email=".sqlesc($email)." WHERE id=".sqlesc($id)." AND editsecret=".sqlesc($row["editsecret"]));
$cache->update_row($cache_keys['my_userid'].$id, [
'editsecret' => '',
'email' => $email,
], $TRINITY20['expires']['curuser']);
$cache->update_row($cache_keys['user'].$id, [
'editsecret' => '',
'email' => $email,
], $TRINITY20['expires']['user_cache']);
if (!$mysqli->affected_rows) {
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_not_complete']}");
}
header("Refresh: 0; url={$TRINITY20['baseurl']}/usercp.php?action=security&emailch=1");
?>