83 lines
3 KiB
PHP
83 lines
3 KiB
PHP
|
<?php
|
||
|
|
if (!defined('SVRJS_MOD_DIRECTORY')) die;
|
||
|
|
|
||
|
|
$errorMessage = null;
|
||
|
|
|
||
|
|
if (!isset($_GET['id']) || !$_GET['id']) {
|
||
|
|
http_response_code(400);
|
||
|
|
$errorMessage = "Email address change request ID is not specified.";
|
||
|
|
} else {
|
||
|
|
$statement = $connection->prepare("SELECT email, (NOW() > request_date + INTERVAL 1 DAY) AS expired FROM requests_email WHERE id = ? AND user = ?");
|
||
|
|
if (!$statement) {
|
||
|
|
http_response_code(500);
|
||
|
|
$errorMessage = "An unexpected error occurred while changing the email address.";
|
||
|
|
} else {
|
||
|
|
$statement->bind_param('si', $_GET['id'], $_SESSION['user']);
|
||
|
|
$statement->execute();
|
||
|
|
$result = $statement->get_result();
|
||
|
|
if (!$result) {
|
||
|
|
http_response_code(500);
|
||
|
|
$errorMessage = "An unexpected error occurred while changing the email address.";
|
||
|
|
$statement->close();
|
||
|
|
} else {
|
||
|
|
$request = $result->fetch_assoc();
|
||
|
|
$statement->close();
|
||
|
|
if (!$request) {
|
||
|
|
http_response_code(400);
|
||
|
|
$errorMessage = "Invalid request ID.";
|
||
|
|
} else {
|
||
|
|
$expired = false;
|
||
|
|
if ($request['expired']) {
|
||
|
|
$expired = true;
|
||
|
|
http_response_code(400);
|
||
|
|
$errorMessage = "Invalid request ID.";
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!$expired) {
|
||
|
|
$statement = $connection->prepare("UPDATE users SET email = ? WHERE id = ?");
|
||
|
|
if (!$statement) {
|
||
|
|
http_response_code(500);
|
||
|
|
$errorMessage = "An unexpected error occurred while changing the email address.";
|
||
|
|
} else {
|
||
|
|
$statement->bind_param('si', $request['email'], $_SESSION['user']);
|
||
|
|
if (!$statement->execute()) {
|
||
|
|
http_response_code(500);
|
||
|
|
$errorMessage = "An unexpected error occurred while changing the email address.";
|
||
|
|
}
|
||
|
|
$statement->close();
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
$statement = $connection->prepare("DELETE FROM requests_email WHERE id = ? AND user = ?");
|
||
|
|
if (!$statement) {
|
||
|
|
http_response_code(500);
|
||
|
|
$errorMessage = "An unexpected error occurred while changing the email address.";
|
||
|
|
} else {
|
||
|
|
$statement->bind_param('si', $_GET['id'], $_SESSION['user']);
|
||
|
|
if (!$statement->execute()) {
|
||
|
|
http_response_code(500);
|
||
|
|
$errorMessage = "An unexpected error occurred while changing the email address.";
|
||
|
|
}
|
||
|
|
$statement->close();
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
if ($errorMessage) {
|
||
|
|
$pageTitle = "Your email address hasn't been changed";
|
||
|
|
$pageDescription = $errorMessage;
|
||
|
|
} else {
|
||
|
|
$pageTitle = "Your email address has been changed";
|
||
|
|
$pageDescription = "Your email address has been changed.";
|
||
|
|
}
|
||
|
|
include 'header.php';
|
||
|
|
?>
|
||
|
|
<main class="content">
|
||
|
|
<h1><?php echo htmlspecialchars($errorMessage ? "Your email address hasn't been changed" : "Your email address has been changed") ?></h1>
|
||
|
|
<p><?php echo htmlspecialchars($errorMessage ? $errorMessage : "Your email address has been changed.") ?></p>
|
||
|
|
<p><a href="<?php echo htmlspecialchars(URL_REWRITTEN ? APP_ROOT : APP_ROOT . APP_FILENAME . '/') ?>" class="btn">Return to home</a></p>
|
||
|
|
</main>
|
||
|
|
<?php
|
||
|
|
include 'footer.php';
|
||
|
|
?>
|