06fbd764 |
<?php
/**
* Copyright (C) 2021 Double Bastion LLC
*
* This file is part of Roundpin, which is licensed under the
* GNU Affero General Public License Version 3.0. The license terms
* are detailed in the "LICENSE.txt" file located in the root directory.
*/
$retrievedToken = $_GET['token'];
if (($retrievedToken != '') && (strlen($retrievedToken) == 55)) {
define('ACCESSCONST', TRUE);
require('db-connect.php');
// Find the user who has a token identical with the one retrieved from the link that has been clicked
$registered = 0;
$enabled = 1;
$query0 = $mysqli->prepare("SELECT id, username, emailaddress, registered, token, temporarypass, enabled FROM app_users WHERE registered=? AND token=? AND enabled=?");
$query0->bind_param("isi", $registered, $retrievedToken, $enabled);
$query0->execute();
$fetchedrow = $query0->get_result()->fetch_assoc();
if (!$fetchedrow) {
exit("Error !");
} else {
$userID = $fetchedrow['id'];
$userName = $fetchedrow['username'];
$tempPassword = $fetchedrow['temporarypass'];
$useremail = $fetchedrow['emailaddress'];
$query1 = $mysqli->query("UPDATE app_users SET registered = '1', token = '', temporarypass = '' WHERE id = '$userID'");
header("Location: new-email-message.php");
// Send the new email
$domaininit = explode(".", $_SERVER['HTTP_HOST']);
array_shift($domaininit);
$domain = implode(".", $domaininit);
$reqHost = $_SERVER['HTTP_HOST'];
// Mention the content-type, since it's an HTML email
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type: text/html; charset=UTF-8" . "\r\n";
$headers .= "From: " . "no-reply@" . $domain . "\r\n";
$subject = "Roundpin account access";
$message = "Hello, <br><br>
You can log in to your Roundpin account using the following credentials:<br><br>
username: <b>".$userName."</b><br>
password: <b>".$tempPassword."</b><br><br>
We highly recommend to change the password provided in this email with a new strong password. After you log in to Roundpin, click on the 'Account Settings'
wheel, click on 'Configure Account', then click on the 'Change Password' tab; enter your current password and a new password of at least 10 characters,
containing at least one letter, one digit and one special character.<br><br>
Thank you,<br>
Roundpin<br>
Host: '" . $reqHost . "'";
mail($useremail, $subject, $message, $headers);
}
}
?>
|