From ab50fd5d38fa5ccc40f8174006d2ed5e8888de05 Mon Sep 17 00:00:00 2001
From: Li
Date: Tue, 14 Jun 2022 19:53:14 +1200
Subject: [PATCH] Add email validation
---
master-site/account.php | 44 ++++++++++++++++++++++++++++++++++++++++-
master-site/common.php | 12 +++++++++++
2 files changed, 55 insertions(+), 1 deletion(-)
diff --git a/master-site/account.php b/master-site/account.php
index e977cb9..547359f 100644
--- a/master-site/account.php
+++ b/master-site/account.php
@@ -3,8 +3,35 @@ session_start();
include("servers.php");
include("common.php");
include("crosserver.php");
+include("config.php");
+$eml_err = NULL;
+if(isset($_POST["RESENDEMAIL"], $_POST["USER"], $_POST["PASS"])){
+ $username = $_POST["USER"];
+ $password = $_POST["PASS"];
+ if(!user_exists($username))
+ goto improper_auth;
+
+ $id = get_userid($username);
+ //TODO: $eml_err = "Email account has been banned.";
+ if(check_password($id, $password)){
+ if(!preg_match('/^[A-Za-z0-9_.+-]*\@[A-Za-z0-9_.+-]*\.[A-Za-z0-9_.+-]{1,4}$/',$_POST["RESENDEMAIL"])){
+ $eml_err = "Email does not appear to be a valid format.";
+
+ goto email_error;
+ }
+ send_activation_email($_POST["RESENDEMAIL"], $username, $password);
+ include("web/header.php");
+ echo("Your activation email has been re-sent to ".htmlspecialchars($_POST["RESENDEMAIL"])." Look for the email from ".htmlspecialchars($from_email)." with your activation code! You cannot login until you CLICK the link with your code in the email. Be sure to check your Spam email box in case it goes there.
Go Back to Main Page
|
");
+ include("web/footer.php");
+ exit();
+ }
+
+improper_auth:
+ echo("Improper Account info.");
+ exit();
+}
if(isset($_POST["USER"], $_POST["PASS"]))
{
$username = $_POST["USER"];
@@ -14,15 +41,28 @@ if(isset($_POST["USER"], $_POST["PASS"]))
$id = get_userid($username);
if(check_password($id, $password))
{
+
+ if($email_activation === true) {
+ if(!get_email_activation_status($id)){
+email_error:
+ include("web/header.php");
+ if($eml_err !== NULL){
+ echo("Errors in Sending Activation Email:
".htmlspecialchars($eml_err, ENT_QUOTES)."
");
+ }
+ echo('You still need to click the Activation link that was emailed to you at '.htmlspecialchars(get_email($id), ENT_QUOTES).'.
Please check your spam mailbox just in case. The email will be from '.htmlspecialchars($from_email, ENT_QUOTES).'.
If you would like to resend the authentication email somewhere else: