query("SELECT id, username, emailaddress, enabled FROM app_users WHERE username = '$username' AND enabled = 1"); $emailfromdb = $queryemail->fetch_row(); $fetchedemailfromdb = $emailfromdb[2]; // Check if there is any other user with the same email address as the new email address $getemails = $mysqli->query("SELECT emailaddress FROM app_users"); $duplicateemail = 0; while ($row = $getemails->fetch_row()) { if ($newEmail == $row[0]) { $duplicateemail = 1; break; } } if ($fetchedemailfromdb == $currentEmail) { if ($duplicateemail == 0) { /** * Send the verification email */ // Generate a random string to be used as the termination of the verification link function random_str($length, $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') { $pieces = []; $max = mb_strlen($keyspace, '8bit') - 1; for ($i = 0; $i < $length; ++$i) { $pieces []= $keyspace[random_int(0, $max)]; } return implode('', $pieces); } $token = random_str(55); // Enter the new token in the database $entertokenquery = $mysqli->query("UPDATE app_users SET token = '$token' WHERE username = '$username' AND registered = 1 AND enabled = 1"); // Create the verification email $verificationLink = $_SERVER['REQUEST_SCHEME'] . "://" . $_SERVER['HTTP_HOST'] . "/change-email-verification.php?token=" . $token . "&newemail=" . $newEmail; $domaininit = explode(".", $_SERVER['HTTP_HOST']); array_shift($domaininit); $domain = implode(".", $domaininit); $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type: text/html; charset=UTF-8" . "\r\n"; $headers .= "From: " . "no-reply@" . $domain . "\r\n"; $subject = "Roundpin email address verification"; $message = "Hello,

We have received your email address change request. To change your current Roundpin email address, please verify your address by clicking on the link from below:

".$verificationLink."

Alternatively, you can copy the link and paste it in the address bar of your browser.

After email address verification, your new email address will be assigned to your Roundpin account and saved to the database.

Thank you,
Roundpin
Host: '" . $_SERVER['HTTP_HOST'] . "'"; // Send the verification email mail($newEmail, $subject, $message, $headers); $emailchangemessage = "An email has been sent to your new email address. Please click on the link included in the received email to change your Roundpin user email address."; } else { $emailchangemessage = "The new email address is already used by another Roundpin user. Please, choose a different email address!"; } } else { $emailchangemessage = "The email address you have entered in the 'Current Email' field doesn't match your current email address!"; } echo json_encode($emailchangemessage); } else { header("Location: roundpin-login.php"); } ?>