danog/user-management-bootstrap
1
0
Fork 0
mirror of https://github.com/danog/user-management-bootstrap.git synced 2024-11-30 04:29:09 +01:00
Code Issues Projects Releases Wiki Activity

Applied fixes from StyleCI

Browse Source
This commit is contained in:
Daniil Gentili 2016-07-07 18:39:33 -04:00 committed by StyleCI Bot
parent e1e1215f1b
commit 6927b7f51a
17 changed files with 373 additions and 341 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
admin.php
View File

@ -1,7 +1,7 @@
<?php
ini_set("log_errors", 1);
error_log( "Hello, errors (3)!" );
ini_set('log_errors', 1);
error_log('Hello, errors (3)!');
include 'db_connect.php';
include 'functions.php';
@ -14,17 +14,19 @@ sec_session_start();
error_log("action is $action and username is $username");
if (login_check($pdo) == true) {
if($action == "del" && $username != "") {
if ($insert_stmt = $pdo->prepare("DELETE from members WHERE id=?")) {
$insert_stmt->execute(array($username));
if ($action == 'del' && $username != '') {
if ($insert_stmt = $pdo->prepare('DELETE from members WHERE id=?')) {
$insert_stmt->execute([$username]);
// Esegui la query ottenuta.
if($insert_stmt->rowCount() != "0") { exit("ok"); } else { exit("false"); };
};
};
if ($insert_stmt->rowCount() != '0') {
exit('ok');
} else {
exit('false');
}
}
}
if ($action == "pass" && $username != "" && $password != "") {
if ($action == 'pass' && $username != '' && $password != '') {
// Crea una chiave casuale
$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
@ -32,22 +34,32 @@ if(login_check($pdo) == true) {
$password = hash('sha512', $password.$random_salt);
// Inserisci a questo punto il codice SQL per eseguire la INSERT nel tuo database
// Assicurati di usare statement SQL 'prepared'.
if ($insert_stmt = $pdo->prepare("UPDATE members set password=?, salt=? WHERE id=?")) {
$insert_stmt->execute(array($password, $random_salt, $username));
if ($insert_stmt = $pdo->prepare('UPDATE members set password=?, salt=? WHERE id=?')) {
$insert_stmt->execute([$password, $random_salt, $username]);
// Esegui la query ottenuta.
if($insert_stmt->rowCount() != "0") { exit("ok"); } else { exit("false"); };
};
};
if ($insert_stmt->rowCount() != '0') {
exit('ok');
} else {
exit('false');
}
}
}
if ($action == "type" && $username != "" && $type != "") {
if ($action == 'type' && $username != '' && $type != '') {
// Inserisci a questo punto il codice SQL per eseguire la INSERT nel tuo database
// Assicurati di usare statement SQL 'prepared'.
if ($insert_stmt = $pdo->prepare("UPDATE members set usertype=? WHERE id=?")) {
$insert_stmt->execute(array($type, $username));
if ($insert_stmt = $pdo->prepare('UPDATE members set usertype=? WHERE id=?')) {
$insert_stmt->execute([$type, $username]);
// Esegui la query ottenuta.
if($insert_stmt->rowCount() != "0") { exit("ok"); } else { exit("false"); };
};
};
if ($insert_stmt->rowCount() != '0') {
exit('ok');
} else {
exit('false');
}
}
}
header('Location: https://controllo.autocontrollo.ch/');
} else exit("false");
} else {
exit('false');
}
?>

5
emailtext.php
View File

@ -1,5 +1,6 @@
<?php
$usversubject = "Email verification for autocontrollo.ch";
$usversubject = 'Email verification for autocontrollo.ch';
$usverbody = "Hello $username!
You just signed up to autocontrollo.ch with this email: you should verify it so that we know that you're not a bot.
To do that, simply click on the following url or copy and paste it in your address bar:
@ -29,5 +30,3 @@ Bye!
";
$adverhttpbody = "Hello $adminusername!<br>$name ($username) just signed up to autocontrollo.ch using your structure&apos;s id.<br>Please navigate to controllo.autocontrollo.ch and activate the user.<br>If you don&apos;t know this $username, you should delete him/her from the user list.<br>Bye!
";
?>

37
functions.php
View File

@ -1,19 +1,22 @@
<?php
function sec_session_start() {
function sec_session_start()
{
$session_name = 'sec_session_id'; // Imposta un nome di sessione
$secure = true; // Imposta il parametro a true se vuoi usare il protocollo 'https'.
$httponly = true; // Questo impedirà ad un javascript di essere in grado di accedere all'id di sessione.
ini_set('session.use_only_cookies', 1); // Forza la sessione ad utilizzare solo i cookie.
$cookieParams = session_get_cookie_params(); // Legge i parametri correnti relativi ai cookie.
session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
session_set_cookie_params($cookieParams['lifetime'], $cookieParams['path'], $cookieParams['domain'], $secure, $httponly);
session_name($session_name); // Imposta il nome di sessione con quello prescelto all'inizio della funzione.
session_start(); // Avvia la sessione php.
session_regenerate_id(); // Rigenera la sessione e cancella quella creata in precedenza.
}
function login($username, $password, $pdo) {
if ($stmt = $pdo->prepare("SELECT id, password, salt, usertype, sid FROM members WHERE username = ?")) {
$stmt->execute(array($username));
function login($username, $password, $pdo)
{
if ($stmt = $pdo->prepare('SELECT id, password, salt, usertype, sid FROM members WHERE username = ?')) {
$stmt->execute([$username]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$user_id = $row['id'];
$usertype = $row['usertype'];
@ -28,9 +31,9 @@ function login($username, $password, $pdo) {
} else {
if ($db_password == $password) {
$user_browser = $_SERVER['HTTP_USER_AGENT']; // Recupero il parametro 'user-agent' relativo all'utente corrente.
$user_id = preg_replace("/[^0-9]+/", "", $user_id); // ci proteggiamo da un attacco XSS
$user_id = preg_replace('/[^0-9]+/', '', $user_id); // ci proteggiamo da un attacco XSS
$_SESSION['user_id'] = $user_id;
$username = preg_replace("/[^a-zA-Z0-9_\-]+/", "", $username); // ci proteggiamo da un attacco XSS
$username = preg_replace("/[^a-zA-Z0-9_\-]+/", '', $username); // ci proteggiamo da un attacco XSS
$_SESSION['username'] = $username;
$_SESSION['usertype'] = $usertype;
$_SESSION['sid'] = $sid;
@ -42,6 +45,7 @@ function login($username, $password, $pdo) {
// Registriamo il tentativo fallito nel database.
$now = time();
$pdo->query("INSERT INTO login_attempts (user_id, time) VALUES ('$user_id', '$now')");
return false;
}
}
@ -52,12 +56,13 @@ function login($username, $password, $pdo) {
}
}
function checkbrute($user_id, $pdo) {
function checkbrute($user_id, $pdo)
{
// Recupero il timestamp
$now = time();
$valid_attempts = $now - (2 * 60 * 60);
if ($stmt = $pdo->prepare("SELECT time FROM login_attempts WHERE user_id = ? AND time > ?")) {
$stmt->execute(array($user_id, $valid_attempts));
if ($stmt = $pdo->prepare('SELECT time FROM login_attempts WHERE user_id = ? AND time > ?')) {
$stmt->execute([$user_id, $valid_attempts]);
if ($stmt->rowCount() > 20) {
return true;
} else {
@ -66,15 +71,16 @@ function checkbrute($user_id, $pdo) {
}
}
function login_check($pdo) {
function login_check($pdo)
{
// Verifica che tutte le variabili di sessione siano impostate correttamente
if (isset($_SESSION['user_id'], $_SESSION['username'], $_SESSION['login_string'])) {
$user_id = $_SESSION['user_id'];
$login_string = $_SESSION['login_string'];
$username = $_SESSION['username'];
$user_browser = $_SERVER['HTTP_USER_AGENT']; // reperisce la stringa 'user-agent' dell'utente.
if ($stmt = $pdo->prepare("SELECT password FROM members WHERE id = ? LIMIT 1")) {
$stmt->execute(array($user_id)); // esegue il bind del parametro '$user_id'.
if ($stmt = $pdo->prepare('SELECT password FROM members WHERE id = ? LIMIT 1')) {
$stmt->execute([$user_id]); // esegue il bind del parametro '$user_id'.
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$count = $stmt->rowCount();
if ($count == 1) {
@ -85,19 +91,22 @@ function login_check($pdo) {
return true;
} else {
error_log("Wrong login string for $username");
return false;
}
} else {
error_log("Couldnt find $username");
return false;
}
} else {
error_log("Couldnt select pass $username");
return false;
}
} else {
error_log("Vars not set 4 $username");
return false;
}
}
?>

34
index.php
View File

@ -1,6 +1,6 @@
<?php
ini_set("log_errors", 1);
ini_set('log_errors', 1);
error_reporting(E_ALL);
include 'db_connect.php';
include 'functions.php';
@ -13,38 +13,42 @@ if(login_check($pdo) == true) {
$curuser = $_SESSION['username'];
$usertype = $_SESSION['usertype'];
$curpage = $_GET['p'];
if($curpage == "") { $curpage = "none"; };
if ($curpage == '') {
$curpage = 'none';
}
switch ($usertype) {
// Admin
case 1:
$pages = [
["Autocontrollo", "none"],
["Manage users", "usermgmt"]
['Autocontrollo', 'none'],
['Manage users', 'usermgmt'],
];
break;
default:
$pages = [
["Autocontrollo", "none"],
['Autocontrollo', 'none'],
];
};
}
declarenav($pages);
foreach ($pages as list($name, $page)) {
if ($page == $curpage) {
$func = "declare".$page."();";
$func = 'declare'.$page.'();';
eval("$func");
$done = "y";
};
};
if($done != "y") { $error = "y"; declarenone(); };
$done = 'y';
}
}
if ($done != 'y') {
$error = 'y';
declarenone();
}
} else {
declarenavbase();
if($_GET['p'] == "signup") {
if ($_GET['p'] == 'signup') {
declaresignup();
} else {
declarelogin();
};
};
}
}
echo $footer;
?>

44
iscrizioni.php
View File

@ -1,6 +1,6 @@
<?php
error_log( "Hello, errors (2)!" );
error_log('Hello, errors (2)!');
include 'db_connect.php';
include 'functions.php';
@ -13,14 +13,14 @@ $username = $_POST['username'];
$response = $_POST['response'];
$password = $_POST['password'];
$fields = array(
$fields = [
'secret' => '6LfVZRITAAAAALN5A_Uq7E-cIraDyOtOazYJd9av',
'response' => "$response"
);
'response' => "$response",
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@ -33,38 +33,38 @@ $obj = json_decode($gresponse);
$result = $obj->{'success'};
// Check for empty fields
if($result != "true" || empty($_POST['name']) || empty($_POST['response']) || empty($_POST['sid']) || empty($_POST['email']) || empty($_POST['username'])|| !filter_var($_POST['email'],FILTER_VALIDATE_EMAIL) || empty($_POST['password'])){
exit("false");
};
if ($result != 'true' || empty($_POST['name']) || empty($_POST['response']) || empty($_POST['sid']) || empty($_POST['email']) || empty($_POST['username']) || !filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) || empty($_POST['password'])) {
exit('false');
}
$check_stmt = $pdotwo->prepare("SELECT Email, username FROM Strutture WHERE IdStruttura = ?;");
$check_stmt->execute(array($sid));
$check_stmt = $pdotwo->prepare('SELECT Email, username FROM Strutture WHERE IdStruttura = ?;');
$check_stmt->execute([$sid]);
$count = $check_stmt->rowCount();
$adminemail = $check_stmt->fetchColumn();
$adminusername = $check_stmt->fetchColumn(1);
$checktwo_stmt = $pdo->prepare("SELECT * FROM members WHERE username = ?;");
$checktwo_stmt->execute(array($username));
$checktwo_stmt = $pdo->prepare('SELECT * FROM members WHERE username = ?;');
$checktwo_stmt->execute([$username]);
$counttwo = $checktwo_stmt->rowCount();
if($count == "1" && $counttwo == "0") {
if ($count == '1' && $counttwo == '0') {
// Crea una chiave casuale
$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
// Crea una password usando la chiave appena creata.
$password = hash('sha512', $password.$random_salt);
$email_sha512 = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
$insert_stmt = $pdo->prepare("INSERT INTO members (name, sid, email, username, password, salt, email_sha512, usertype, verifyemail) VALUES (?, ?, ?, ?, ?, ?, ?, '0', '0');");
$insert_stmt->execute(array($name, $sid, $email, $username, $password, $random_salt, $email_sha512));
$insert_stmt->execute([$name, $sid, $email, $username, $password, $random_salt, $email_sha512]);
$count = $insert_stmt->rowCount();
if($count == "1") {
if ($count == '1') {
include 'emailtext.php';
sendmail($email, $usversubject, $usverbody, $usverhtmlbody, "");
sendmail($adminemail, $adversubject, $adverbody, $adverhtmlbody, "");
sendmail($email, $usversubject, $usverbody, $usverhtmlbody, '');
sendmail($adminemail, $adversubject, $adverbody, $adverhtmlbody, '');
exit("ok");
} else exit("false");
exit('ok');
} else {
exit("false");
exit('false');
}
} else {
exit('false');
}
?>

11
logout.php
View File

@ -1,19 +1,18 @@
<?php
ini_set("log_errors", 1);
error_log( "Hello, errors logout!" );
ini_set('log_errors', 1);
error_log('Hello, errors logout!');
include 'db_connect.php';
include 'functions.php';
sec_session_start();
// Elimina tutti i valori della sessione.
$username = $_SESSION['username'];
$pdo->query("UPDATE `members` SET `loggedin` = '0' where `members`.`username` = '$username'");
$_SESSION = array();
$_SESSION = [];
// Recupera i parametri di sessione.
$params = session_get_cookie_params();
// Cancella i cookie attuali.
setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
// Cancella la sessione.
session_destroy();
header('Location: https://autocontrollo.ch');
?>

1
pages.php
View File

@ -7,4 +7,3 @@ include 'pages/baseindex.php';
include 'pages/basesignup.php';
include 'pages/baseusers.php';
include 'pages/baseadmin.php';
?>

2
pages/base.php
View File

@ -1,4 +1,5 @@
<?php
$head = '<!DOCTYPE html>
<html lang="en">
@ -104,4 +105,3 @@ $footer = '
</body>
</html>';
?>

61
pages/baseadmin.php
View File

@ -1,40 +1,47 @@
<?php
function declareusermgmt(){
function declareusermgmt()
{
global $pdo;
$user_stmt = $pdo->query("SELECT * FROM members");
$user_stmt = $pdo->query('SELECT * FROM members');
$rows = $user_stmt->fetchAll(PDO::FETCH_BOTH);
$types = [
["Non enabled user", "0"],
["Superadmin", "1"],
["Admin", "2"],
["Common user", "3"],
['Non enabled user', '0'],
['Superadmin', '1'],
['Admin', '2'],
['Common user', '3'],
];
while ($row = array_shift($rows)) {
if($_SESSION["usertype"] == 1 || (($row["usertype"] > $_SESSION["usertype"] || $row["usertype"] == "0") && $row["sid"] == $_SESSION["sid"])){
if($row['verifyemail'] == 1) { $vemail = "yes"; } else { $vemail = "no"; };
if ($_SESSION['usertype'] == 1 || (($row['usertype'] > $_SESSION['usertype'] || $row['usertype'] == '0') && $row['sid'] == $_SESSION['sid'])) {
if ($row['verifyemail'] == 1) {
$vemail = 'yes';
} else {
$vemail = 'no';
}
foreach ($types as list($text, $ut)) {
if($_SESSION["usertype"] == 1 || ($ut > $_SESSION["usertype"] || $ut == "0")){
if($ut == $row["usertype"]) { $sel = "selected"; } else { $sel = ""; };
if ($_SESSION['usertype'] == 1 || ($ut > $_SESSION['usertype'] || $ut == '0')) {
if ($ut == $row['usertype']) {
$sel = 'selected';
} else {
$sel = '';
}
$options = "$options
<option value=\"$ut\" $sel>$text</option>
";
};
};
}
}
$tr = "
$tr
<tr>
<th>".$row['id']."</th>
<th>".$row['username']."</th>
<th>".$row['name']."</th>
<th>".$row['sid']."</th>
<th>".$row['email']."</th>
<th>".$vemail."</th>
<th>".$row['id'].'</th>
<th>'.$row['username'].'</th>
<th>'.$row['name'].'</th>
<th>'.$row['sid'].'</th>
<th>'.$row['email'].'</th>
<th>'.$vemail.'</th>
<th>
<select id=\"".$row['id']."type\" onChange=\"changeusertype('".$row['id']."')\">
<select id="'.$row['id']."type\" onChange=\"changeusertype('".$row['id']."')\">
".$options."
</select>
</th>
@ -42,9 +49,9 @@ $tr
<th><input class=\"form-control\" type=\"password\" name=\"newname\" id=\"".$row['id']."pass\" Placeholder=\"New password\" onChange=\"changeuserpass('".$row['id']."')\"><input class=\"btn\" type=\"button\" value=\"go\"></th>
</tr>
";
$options = "";
};
};
$options = '';
}
}
echo "
<div class=\"row\">
<div class=\"box\">
@ -79,6 +86,4 @@ $tr
</div>
</div>
";
};
?>
}

8
pages/baseindex.php
View File

@ -1,11 +1,12 @@
<?php
function declareindex($array) {
function declareindex($array)
{
$username = $_SESSION['username'];
foreach ($array as $menu) {
$list = "$list<a href=\"https://controllo.autocontrollo.ch/?p=$menu\">$menu</a><br>";
};
}
$content = '
<div class="container">
@ -27,5 +28,4 @@ function declareindex($array) {
</div>
';
echo $content;
};
?>
}

8
pages/baselogin.php
View File

@ -1,11 +1,12 @@
<?php
function declarelogin() {
function declarelogin()
{
if (isset($_GET['error'])) {
$error = '
<h2 class="text-center">AN ERROR OCCURRED: PLEASE CHECK YOUR LOGIN CREDENTIALS AND TRY AGAIN.</h2>
';
};
}
$content = '
<div class="container">
@ -45,5 +46,4 @@ function declarelogin() {
</div>';
echo $content;
};
?>
}

13
pages/basenav.php
View File

@ -1,6 +1,7 @@
<?php
function declarenavbase() {
function declarenavbase()
{
$nav = '
<body>
@ -42,19 +43,20 @@ function declarenavbase() {
';
echo $nav;
}
function declarenav($array) {
function declarenav($array)
{
$username = $_SESSION['username'];
foreach ($array as list($name, $page)) {
if($page != "none") {
if ($page != 'none') {
$navbar = "
$navbar
<li>
<a href=\"https://controllo.autocontrollo.ch/?p=$page\">$name</a>
</li>
";
};
};
}
}
$nav = '
<body>
@ -100,4 +102,3 @@ $navbar
echo $nav;
}
?>

9
pages/basesignup.php
View File

@ -1,12 +1,12 @@
<?php
function declaresignup() {
function declaresignup()
{
if (isset($_GET['error'])) {
$error = '
<h2 class="text-center">AN ERROR OCCURRED: PLEASE CHECK YOUR LOGIN CREDENTIALS AND TRY AGAIN.</h2>
';
};
}
$content = '
<div class="container">
<div class="row">
@ -107,5 +107,4 @@ function declaresignup() {
</div>';
echo $content;
};
?>
}

59
pages/baseusers.php
View File

@ -1,40 +1,44 @@
<?php
function declarenone() {
function declarenone()
{
global $pdo;
global $error;
global $pages;
if($_SESSION['usertype'] == "0"){
$text = "When your structure admin enables you, you will be able to do lots of intresting things on this website!";
if ($_SESSION['usertype'] == '0') {
$text = 'When your structure admin enables you, you will be able to do lots of intresting things on this website!';
} else {
$text = "ACTIONS:<br>";
$text = 'ACTIONS:<br>';
foreach ($pages as list($name, $page)) {
if($page != "none") {
if ($page != 'none') {
$text = "$text<a href=\"https://controllo.autocontrollo.ch/?p=$page\">$name</a><br>";
};
};
};
if($error == "y") { $errortxt = "<b>You have requested an invalid page. Please contact your structure admin.<br><br></b>"; };
}
}
}
if ($error == 'y') {
$errortxt = '<b>You have requested an invalid page. Please contact your structure admin.<br><br></b>';
}
$u = 0;
// Prepare pdo
$online = $pdo->prepare("SELECT loggedin FROM members WHERE sid = ?;");
$online = $pdo->prepare('SELECT loggedin FROM members WHERE sid = ?;');
// Exec
$online->execute(array($_SESSION['sid']));
$online->execute([$_SESSION['sid']]);
$rows = $online->fetchAll(PDO::FETCH_BOTH);
while ($row = array_shift($rows)) {
$u = $u + $row["loggedin"];
};
if($u == "1"){
$u = "Currently there&apos;s 1 user online.";
} elseif($u == ""){
$u = "Currently there are 0 users online.";
$u = $u + $row['loggedin'];
}
if ($u == '1') {
$u = 'Currently there&apos;s 1 user online.';
} elseif ($u == '') {
$u = 'Currently there are 0 users online.';
} else {
$u = "Currently there are $u users online.";
};
}
echo '
<div class="container">
@ -53,18 +57,18 @@ function declarenone() {
</div>
</div>
';
};
function declareuser() {
if ($st = $pdo->prepare("SELECT regolamento FROM members WHERE username=?")) {
}
function declareuser()
{
if ($st = $pdo->prepare('SELECT regolamento FROM members WHERE username=?')) {
$st->bind_param('s', $curuser);
// Esegui la query ottenuta.
$st->execute();
$st->bind_result($regol);
$st->fetch();
};
}
error_log("regol for $curuser is $regol", 0);
if($regol == "0") {
if ($regol == '0') {
$top = "$itop";
$desc = "$idesc";
$section = "$isection";
@ -72,7 +76,7 @@ function declareuser() {
$top = "$normtop";
$desc = "$normdesc";
$section = "$normsection";
};
}
echo '
<STYLE TYPE="text/css">
<!--
@ -163,7 +167,4 @@ function printDiv(divName) {
document.body.innerHTML = originalContents;
}
</script>';
};
?>
}

3
pages/old.php
View File

@ -183,5 +183,4 @@ $space<tbody>
</section>
';
*/
?>
*/;

6
process_login.php
View File

@ -1,5 +1,6 @@
<?php
error_log( "Hello, errors login!" );
error_log('Hello, errors login!');
include 'db_connect.php';
include 'functions.php';
sec_session_start(); // usiamo la nostra funzione per avviare una sessione php sicura
@ -11,7 +12,7 @@ if(isset($_POST['username'], $_POST['p'])) {
// Login eseguito
header('Location: https://controllo.autocontrollo.ch/');
$log = $pdo->prepare("UPDATE members SET loggedin = '1' where members.username = ?");
$log->execute(array("$username"));
$log->execute(["$username"]);
} else {
header('Location: https://controllo.autocontrollo.ch/?error=1');
}
@ -19,4 +20,3 @@ if(isset($_POST['username'], $_POST['p'])) {
// Le variabili corrette non sono state inviate a questa pagina dal metodo POST.
echo 'Invalid Request';
}
?>

25
verify.php
View File

@ -3,18 +3,23 @@
include 'db_connect.php';
include 'functions.php';
if($_GET['username'] != "" && $_GET['hash'] != "") {
if ($_GET['username'] != '' && $_GET['hash'] != '') {
$check_stmt = $pdo->prepare("SELECT email_sha512 FROM members WHERE username = ? AND verifyemail = '0';");
$check_stmt->execute(array($_GET['username']));
$check_stmt->execute([$_GET['username']]);
$hash = $check_stmt->fetchColumn();
$count = $check_stmt->rowCount();
if($count == "1" && $hash == $_GET['hash']){
if ($count == '1' && $hash == $_GET['hash']) {
$update_stmt = $pdo->prepare("UPDATE members SET verifyemail = '1' WHERE username = ?");
$update_stmt->execute(array($_GET['username']));
$update_stmt->execute([$_GET['username']]);
$count = $update_stmt->rowCount();
if($count == "1"){
echo "Email verified successfully!";
} else echo "An error occurred (3)!";
} else echo "An error occurred (2)!";
} else echo "An error occurred (1)!";
?>
if ($count == '1') {
echo 'Email verified successfully!';
} else {
echo 'An error occurred (3)!';
}
} else {
echo 'An error occurred (2)!';
}
} else {
echo 'An error occurred (1)!';
}