Browse code

Created repository.

DoubleBastionAdmin authored on 26/01/2022 20:32:42
Showing 1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,39 @@
1
+<?php
2
+/**
3
+ *  Copyright (C) 2021  Double Bastion LLC
4
+ *
5
+ *  This file is part of Roundpin, which is licensed under the
6
+ *  GNU Affero General Public License Version 3.0. The license terms
7
+ *  are detailed in the "LICENSE.txt" file located in the root directory.
8
+ */
9
+
10
+$retrievedToken = $_GET['token'];
11
+$retrievedEmail = $_GET['newemail'];
12
+
13
+if (($retrievedToken != '') && (strlen($retrievedToken) == 55)) {
14
+
15
+  define('ACCESSCONST', TRUE);
16
+
17
+  require('db-connect.php');
18
+
19
+    // Find the user who has the token identical with the one retrieved from the link that has been clicked
20
+    $registered = 1;
21
+    $enabled = 1;
22
+    $query0 = $mysqli->prepare("SELECT id, username, registered, token, enabled FROM app_users WHERE registered=? AND token=? AND enabled=?");
23
+    $query0->bind_param("isi", $registered, $retrievedToken, $enabled);
24
+    $query0->execute();
25
+    $fetcheddbdata = $query0->get_result()->fetch_assoc();
26
+
27
+    if (!$fetcheddbdata) {
28
+        die("Error !");
29
+    } else {
30
+        $userName = $fetcheddbdata['username'];
31
+        $query0->close();
32
+
33
+        $queryupemailandtoken = $mysqli->query("UPDATE app_users SET emailaddress = '$retrievedEmail', token = '' WHERE username = '$userName'");
34
+
35
+        header("Location: email-address-changed.php");
36
+    }
37
+}
38
+
39
+?>