Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(isset($_GET['email']) && isset($_GET['hash'])) {
- include_once('php_includes/connect.php');
- //verify
- $email = mysqli_real_escape_string($_GET['email']); //set email variable
- $hash = mysqli_real_escape_string($_GET['hash']); //set hash variable
- $sql = "SELECT email, hash, activated FROM `users` WHERE email = '$email' AND hash = '$hash' AND activated = '0' LIMIT 1" or die(mysqli_error());
- $result = mysqli_query($connection, $sql);
- if($result) {
- $sql = "UPDATE `users` SET activated='1' WHERE email='$email' AND hash='$hash' AND activated = '1' LIMIT 1" or die(mysqli_error());
- header("location: message.php?msg="); //PAGE WITH LINK TO LOGIN
- exit();
- } else {
- echo '<div class="statusmsg">The url is either invalid or you already have activated your account.</div>';
- }
- } else {
- echo '<div class="statusmsg">Invalid approach. Please use the link that has been sent to your email.</div>';
- }
- <?php
- if(isset($_GET['email']) && isset($_GET['hash'])) {
- include_once('php_includes/connect.php');
- //verify
- $email = mysqli_real_escape_string($_GET['email']); //set email variable
- $hash = mysqli_real_escape_string($_GET['hash']); //set hash variable
- $activated = 1;
- $not_activated = 0;
- $sql = $connection->prepare("SELECT email, hash, activated FROM `users` WHERE email=? AND hash=? AND activated=? LIMIT 1") or die(mysqli_error());
- $sql->bind_param("ssi", $email, $hash, $not_activated);
- $result = $sql->execute();
- $sql->execute();
- if($result) {
- $sql = $connection->prepare("UPDATE `users` SET activated=? WHERE email=? AND hash=? AND activated=? LIMIT 1") or die(mysqli_error());
- $sql->bind_param("issi", $activated, $email, $hash, $not_activated);
- $result = $sql->execute();
- $sql->execute();
- header("location: message.php?msg=");
- exit();
- //THE SAME ELSE STATEMENTS BELOW THIS, BUT THEY ARE NEVER REACHED
- }
- $username = $_POST['username'];
- $password = $_POST['password'];
- $email = $_POST['email'];
- $gender = $_POST['gender'];
- $profession = $_POST['profession'];
- $ip = $_SERVER['REMOTE_ADDR'];
- $password_hash = password_hash($password, PASSWORD_DEFAULT);
- $hash = md5( rand(0, 1000) );
- //HERE IS WHERE IT'S THE SAME
- $stmt = $connection->prepare("INSERT INTO `users` (username, password, email, gender, profession, ip, hash) VALUES(?, ?, ?, ?, ?, ?, ?)");
- $stmt ->bind_param("sssssss", $username, $password_hash, $email, $gender, $profession, $ip, $hash);
- $result = $stmt->execute();
- $stmt->execute(); //THIS EXECUTES FINE
- if($result) {
- $successMessage = "Now check your inbox or junk folder for verification email.";
- //BEGIN EMAIL CODE AFTER THIS. WORKS FINE.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement