diff --git a/master-site/common.php b/master-site/common.php
index e2d2ad8..1402bc8 100644
--- a/master-site/common.php
+++ b/master-site/common.php
@@ -487,6 +487,21 @@ function count_LastOn(int $userId)
return intval($v[0]);
}
+function get_email_activation_status(int $userId)
+{
+
+
+ include('config.php');
+ $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+ $stmt = $connect->prepare("SELECT EmailActivated FROM Users WHERE Id=?");
+ $stmt->bind_param("i", $userId);
+ $stmt->execute();
+ $result = $stmt->get_result();
+ $v = $result->fetch_row();
+
+
+ return $v[0] === "YES";
+}
function get_LastOn(int $userId)
{
diff --git a/master-site/crosserver.php b/master-site/crosserver.php
index 4d078d8..06a3e4c 100644
--- a/master-site/crosserver.php
+++ b/master-site/crosserver.php
@@ -1,6 +1,4 @@
2 || $atype < 1)
$problems = [];
if(isset( $_GET["U"], $_GET["AC"] )){
- $verify_username = $GET["U"];
- $verify_token = $GET["AC"];
+ $verify_username = $_GET["U"];
+ $verify_token = $_GET["AC"];
$hmac = GenHmacMessage($verify_username, "UserActivation", false);
- $hmac_hash = bin2hex(base64_url_decode($hmac));
+ $hmac_hash = bin2hex(base64_url_decode($verify_token));
- if(hash_equals($hmac_hash, $verify_token)){
- // TODO: Activate account
+ if(strlen($hmac_hash) != 64){
+ print_r(strlen($hmac_hash));
+ echo("INCOMPLETE Activation Code!
");
+ include("footer.php");
+ exit();
}
-}
+ else{
+ print("
Attempting to Activate your account...
");
+ if(hash_equals($hmac_hash, $hmac)) {
+ if(user_exists($verify_username)) {
+ $user_id = get_userid($verify_username);
+ if(!get_email_activation_status($user_id)) {
+ $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+ $stmt = $connect->prepare("UPDATE Users SET EmailActivated='YES' WHERE Id=?");
+ $stmt->bind_param("i", $user_id);
+ $stmt->execute();
+ echo(' COMPLETED: Successfully Enabled your Account. You may Log in with your name and password at the upper right.
+
+
+
-if(isset( $_POST['user'],$_POST['pass1'],$_POST['pass2'],$_POST['sex'],$_POST['email'],$_POST['age'],$_POST['passreqq'],$_POST['passreqa'] ,$_POST['A']))
+ ');
+ include("footer.php");
+ exit();
+
+ }
+ else{
+ echo("ACCOUNT ALREADY ACTIVATED: Your account has already been activated. Please login with your username and password.