//Prevent the user visiting the logged in page if he/she is already logged in
if (isUserLoggedIn()) {
header("Location: index.php");
die;
}
/*
Activate a users account
*/
$errors = array();
//Get token param
if (isset($_GET["token"])) {
$token = $_GET["token"];
if (!isset($token)) {
$errors[] = lang("FORGOTPASS_INVALID_TOKEN");
} else {
if (!validateactivationtoken($token)) {
$errors[] = "Token does not exist / Account is already activated";
} else {
//Activate the users account
if (!setUseractive($token)) {
$errors[] = lang("SQL_ERROR");
}
}
}
} else {
$errors[] = lang("FORGOTPASS_INVALID_TOKEN");
}
?>
function generateactivationtoken()
{
$gen;
do {
$gen = md5(uniqid(mt_rand(), false));
} while (validateactivationtoken($gen));
return $gen;
}
$errors[] = lang("SQL_ERROR");
} else {
//Might be wise if this had a time delay to prevent a flood of requests.
flagLostpasswordRequest($userdetails["username_clean"], 0);
$success_message = lang("FORGOTPASS_NEW_PASS_EMAIL");
}
}
}
}
}
//----------------------------------------------------------------------------------------------
//User has denied this request
//----------------------------------------------------------------------------------------------
if (!empty($_GET["deny"])) {
$token = trim($_GET["deny"]);
if ($token == "" || !validateactivationtoken($token, TRUE)) {
$errors[] = lang("FORGOTPASS_INVALID_TOKEN");
} else {
$userdetails = fetchUserDetails(NULL, $token);
flagLostpasswordRequest($userdetails['username_clean'], 0);
$success_message = lang("FORGOTPASS_REQUEST_CANNED");
}
}
//----------------------------------------------------------------------------------------------
//Forms posted
//----------------------------------------------------------------------------------------------
if (!empty($_POST)) {
$email = $_POST["email"];
$username = $_POST["username"];
//Perform some validation
//Feel free to edit / change as required
