change-email-verification.php
06fbd764
 <?php
 /**
  *  Copyright (C) 2021  Double Bastion LLC
  *
  *  This file is part of Roundpin, which is licensed under the
  *  GNU Affero General Public License Version 3.0. The license terms
  *  are detailed in the "LICENSE.txt" file located in the root directory.
  */
 
 $retrievedToken = $_GET['token'];
 $retrievedEmail = $_GET['newemail'];
 
 if (($retrievedToken != '') && (strlen($retrievedToken) == 55)) {
 
   define('ACCESSCONST', TRUE);
 
   require('db-connect.php');
 
     // Find the user who has the token identical with the one retrieved from the link that has been clicked
     $registered = 1;
     $enabled = 1;
     $query0 = $mysqli->prepare("SELECT id, username, registered, token, enabled FROM app_users WHERE registered=? AND token=? AND enabled=?");
     $query0->bind_param("isi", $registered, $retrievedToken, $enabled);
     $query0->execute();
     $fetcheddbdata = $query0->get_result()->fetch_assoc();
 
     if (!$fetcheddbdata) {
         die("Error !");
     } else {
         $userName = $fetcheddbdata['username'];
         $query0->close();
 
         $queryupemailandtoken = $mysqli->query("UPDATE app_users SET emailaddress = '$retrievedEmail', token = '' WHERE username = '$userName'");
 
         header("Location: email-address-changed.php");
     }
 }
 
 ?>