This repository has been archived by the owner on Apr 14, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathconfirmemail.php
69 lines (53 loc) · 2.22 KB
/
confirmemail.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
<?php
/*
+------------------------------------------------
| TBDev.net BitTorrent Tracker PHP
| =============================================
| by CoLdFuSiOn
| (c) 2003 - 2011 TBDev.Net
| http://www.tbdev.net
| =============================================
| svn: http://sourceforge.net/projects/tbdevnet/
| Licence Info: GPL
+------------------------------------------------
| $Date$
| $Revision$
| $Author$
| $URL$
+------------------------------------------------
*/
require_once "include/bittorrent.php";
require_once "include/user_functions.php";
$lang = array_merge( load_language('global'), load_language('confirmemail') );
if ( !isset($_GET['uid']) OR !isset($_GET['key']) OR !isset($_GET['email']) )
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_idiot']}");
if (! preg_match( "/^(?:[\d\w]){32}$/", $_GET['key'] ) )
{
stderr( "{$lang['confirmmail_user_error']}", "{$lang['confirmmail_no_key']}" );
}
if (! preg_match( "/^(?:\d){1,}$/", $_GET['uid'] ) )
{
stderr( "{$lang['confirmmail_user-error']}", "{$lang['confirmmail_no_id']}" );
}
$id = intval($_GET['uid']);
$md5 = $_GET['key'];
$email = urldecode($_GET['email']);
if( !validemail($email) )
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_false_email']}");
dbconn();
loggedinorreturn();
$res = mysql_query("SELECT editsecret FROM users WHERE id = $id");
$row = mysql_fetch_assoc($res);
if (!$row)
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_not_complete']}");
//$sec = hash_pad($row["editsecret"]);
$sec = $row['editsecret'];
if (preg_match('/^ *$/s', $sec))
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_not_complete']}");
if ($md5 != md5($sec . $email . $sec))
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_not_complete']}");
@mysql_query("UPDATE users SET editsecret='', email=" . sqlesc($email) . " WHERE id=$id AND editsecret=" . sqlesc($row["editsecret"]));
if (!mysql_affected_rows())
stderr("{$lang['confirmmail_user_error']}", "{$lang['confirmmail_not_complete']}");
header("Refresh: 0; url={$TBDEV['baseurl']}/my.php?emailch=1");
?>