it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ******************************************************/ if (!isset($_SERVER['HTTP_REFERER']) || empty($_SERVER['HTTP_REFERER'])) { $_SESSION['isv_error'] = 'ACTION NOT ALLOWED!'; notFound404Err(); exit; } $from_url = $_SERVER['HTTP_REFERER']; /** check if he is a logged in user **/ if (!isLoggedIn()) { $_SESSION['isv_error'] = "You must be logged in to complete this action."; header('location:' . ISVIPI_URL . 'sign_in'); exit; } /** an extra layer of security => check if there is a session matching these details in the database **/ $currSession = session_id(); $currentUser = $_SESSION['isv_user_id']; if (!isMemberSessionValid($currentUser, $currSession)) { $_SESSION['isv_error'] = "Your session either changed or expired. Please sign in to continue."; header('location:' . ISVIPI_URL . 'sign_in');
public function __construct($_code) { $this->code = $_code; //check if the code is valid if (!valid_codeExists($this->code, 'code')) { $_SESSION['isv_error'] = 'Invalid validation code. Check your email for the correct validation code.'; notFound404Err(); exit; } //activate user global $isv_db, $exstEmail; $newStatus = 1; $stmt = $isv_db->prepare("UPDATE users SET status=? where email=?"); $stmt->bind_param('is', $newStatus, $exstEmail); $stmt->execute(); //delete code $stmt->prepare("DELETE from user_validations where code=?"); $stmt->bind_param('s', $this->code); $stmt->execute(); $stmt->close(); //redirect to index page with success message $_SESSION['isv_success'] = 'Account Activated. Please sign in to proceed.'; header('location:' . ISVIPI_URL . ''); exit; }