diff --git a/master-site/common.php b/master-site/common.php
index 038046e..62f2232 100644
--- a/master-site/common.php
+++ b/master-site/common.php
@@ -1,4 +1,5 @@
alert('Please set HMAC_SECRET !')");
+ echo("
Set \$hmac_secret in config.php!
");
+ exit();
+ }
+
+ $secret = $hmac_secret.$channel;
+
+ if($restricted)
+ $secret .= $_SERVER['REMOTE_ADDR'].date('mdy');
+
+ $hmac = hash_hmac('sha256', $data, $secret);
+ return $hmac;
+}
+
+function send_activation_email(string $email, string $username, string $password){
+ $hmac = GenHmacMessage($username, "UserActivation", false);
+ $hmacKey = base64_encode(hex2bin($hmac));
+ $activateUrl = get_protocol().get_host()."/web/newuser.php?U=".htmlspecialchars($username, ENT_QUOTES)."&AC=".htmlspecialchars($hmacKey, ENT_QUOTES);
+ $body = "Welcome New Horse Isle Member!
\r\nTo Activate your account, Click the following link, or Copy-Paste/Type it in your browser.
\r\n\r\n".$activateUrl."
\r\n or
\r\n( ".$activateUrl." )\r\n
We hope you enjoy the game! Be sure you have written down your Username: ".htmlspecialchars($username, ENT_QUOTES)." and Password: ".htmlspecialchars($password, ENT_QUOTES)." someplace safe!
\r\nNEVER give your password out to ANYONE, even someone claiming to work for Horse Isle.
";
+ mail($email, "Horse Isle Account Verification", $body);
+}
+
function count_topics(string $fourm)
{
@@ -478,7 +522,7 @@ function populate_db()
{
include('config.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
- mysqli_query($connect, "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))");
+ mysqli_query($connect, "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3), EmailActivated TEXT(3))");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS LastOn(Id INT, ServerId TEXT(1028))");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS FourmThread(ThreadId INT, Title TEXT(100), Fourm TEXT(10), UpdateTime INT, Locked TEXT(3))");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS FourmReply(ReplyId INT, ThreadId INT, CreatedBy TEXT(1028), Contents TEXT(65565), Fourm TEXT(10), CreationTime INT, MadeByAdmin TEXT(3))");
diff --git a/master-site/crosserver.php b/master-site/crosserver.php
index 31ba1b6..4d078d8 100644
--- a/master-site/crosserver.php
+++ b/master-site/crosserver.php
@@ -1,18 +1,5 @@
alert('Please set HMAC_SECRET !')");
- echo("Set \$hmac_secret in config.php!
");
- exit();
- }
- $secret = $hmac_secret.$channel.$_SERVER['REMOTE_ADDR'].date('mdy');
- $hmac = hash_hmac('sha256', $data, $secret);
- return $hmac;
-}
-
function getPlayerList($database)
{