<?php
/**
 *  Copyright (C) 2022, 2024  Double Bastion LLC
 *
 *  This file is part of Roundpin, which is licensed under the
 *  GNU Affero General Public License Version 3.0. The license terms
 *  are detailed in the "LICENSE.txt" file located in the root directory.
 */

session_start();

$retrieved = $_GET['key'];

if (($retrieved != '') && (strlen($retrieved) == 50)) {

  define('ACCESSCONST', TRUE);

  require('db-connect.php');

    // Find the user who has a token identical with the one retrieved from the link that has been clicked
    $registereduser = '0';
    $enabled = 1;
    $query0 = $mysqli->prepare("SELECT id, registered, token, enabled FROM app_users WHERE registered = ? AND token = ? AND enabled = ?");
    $query0->bind_param("ssi", $registereduser, $retrieved, $enabled);
    $query0->execute();
    $fetchdata = $query0->get_result()->fetch_assoc();

    if (!$fetchdata) {
        $query0->close();
        exit("Error !");
    } else {
        $ID = $fetchdata['id'];
        $registered = 1;
        $crtoken = '';
        $query1 = $mysqli->prepare("UPDATE app_users SET registered = ?, token = ?  WHERE id = ?");
        $query1->bind_param("isi", $registered, $crtoken, $ID);
        $query1->execute();
        header("Location: registration-success.php");
    }
}

?>