if (empty($userid)) {
event::fire('HAX_CONFIRMATION_USERID');
$msg = 'The User Identifcation code is empty, did you tamper with the URL?';
return;
}
if (!preg_match('/^[a-fA-F0-9]+$/', $code)) {
event::fire('HAX_CONFIRMATION_CODE');
$msg = 'The confirmation code is borked, did you tamper with the URL?';
return;
}
if (strlen($code) < 32) {
event::fire('HAX_CONFIRMATION_CODE');
$msg = 'The confirmation code is borked, did you tamper with the URL?';
return;
}
if ($auth->checkCode($userid, $code)) {
$isConfirmed = 1;
$auth->verifyUser($userid);
} else {
$msg = 'Confirmation code is wrong. <a href=\\"#\\">Click here to recieve another one.</a>';
return;
}
}
if (isset($_POST['login'])) {
$op = $_POST['op'];
$dest = $_POST['dest'];
if ($op !== 'new' && $op !== 'login') {
die('Unknown request');
}
$email = $_POST['email'];
$password = $_POST['password'];
