if (empty($userid)) { event::fire('HAX_CONFIRMATION_USERID'); $msg = 'The User Identifcation code is empty, did you tamper with the URL?'; return; } if (!preg_match('/^[a-fA-F0-9]+$/', $code)) { event::fire('HAX_CONFIRMATION_CODE'); $msg = 'The confirmation code is borked, did you tamper with the URL?'; return; } if (strlen($code) < 32) { event::fire('HAX_CONFIRMATION_CODE'); $msg = 'The confirmation code is borked, did you tamper with the URL?'; return; } if ($auth->checkCode($userid, $code)) { $isConfirmed = 1; $auth->verifyUser($userid); } else { $msg = 'Confirmation code is wrong. <a href=\\"#\\">Click here to recieve another one.</a>'; return; } } if (isset($_POST['login'])) { $op = $_POST['op']; $dest = $_POST['dest']; if ($op !== 'new' && $op !== 'login') { die('Unknown request'); } $email = $_POST['email']; $password = $_POST['password'];