<?php
/* PHP Link Directory Copyright 2011 Robert Rook */
require('dblogon.php');
require('tpl/boxes.php');
require('lib/sendmail.php');
$page_title = "Email Validation";
require('page_l.php');
if(isset($_GET['cmd']) && $_GET['cmd']=="verify" && isset($_GET['linkid'])
&& is_numeric($_GET['linkid']) && isset($_GET['key'])) {
/* Attempt to verify an email address */
$res = mysql_query("SELECT bactive, verifkey, linkid, ltitle, lurl, lastemail FROM {$prefix}link WHERE linkid='{$_GET['linkid']}' AND bverified=0", $db);
if(!mysql_num_rows($res)) {
show_error("Cannot validate email", "The email address for this link cannot be verified, as it has either been already verified or the link does not exist.");
} else {
$row = mysql_fetch_array($res);
if($row['verifkey']!=$_GET['key']) {
show_error("Bad Verification Link", "The verification link you have followed is incorrect or out of date. You may need a new verification link to complete verification of your email address.");
if(($row['lastemail']+(60*60*24*3))>=time()) {
echo "<ul><li>You cannot send a new verification link more than ";
echo "once every three days. Please check back on: ";
echo date('d/m/Y h:i:sa',($row['lastemail']+(60*60*24*3)))."</li></ul>\n";
} else {
echo "<ul><li><a href=\"{$site_url}/verify.php?cmd=newkey&linkid={$_GET['linkid']}\">";
echo "Click here to obtain a new verification link</a></li></ul>\n";
}
} else {
/* Verify the email address */
$newkey = substr(md5(time()),0,rand(15,20));
mysql_query("UPDATE {$prefix}link SET bverified=1".(!$ldir_adminvalidates&&$ldir_validateemail?", bactive=1":"").", verifkey='{$newkey}' WHERE linkid='{$_GET['linkid']}'", $db);
if($ldir_adminvalidates) {
show_result("Email verified", "Thank you! Your email address has now been verified. Your link will be made active once it has been validated by an administrator.");
} else if($ldir_validateemail) {
show_result("Email verified", "Thanks you! Your email address has been verified, and your link should now be active within the directory.");
} else {
show_result("Email verified", "Thank you! You have successfully verified your email address for this link.");
}
echo "<ul><li><b>Link title:</b> {$row['ltitle']}</li>\n";
echo "<li><b>Link URL:</b> {$row['lurl']}</li></ul>\n";
}
}
} else if(isset($_GET['cmd']) && $_GET['cmd']=="delete" && isset($_GET['linkid'])
&& is_numeric($_GET['linkid']) && isset($_GET['key'])) {
/* Delete a link from the directory at the request of the owner */
$res = mysql_query("SELECT bactive, verifkey, linkid, ltitle, lurl, lastemail, lemail FROM {$prefix}link WHERE linkid='{$_GET['linkid']}' AND bverified=0", $db);
if(!mysql_num_rows($res)) {
show_error("Link not found", "The link you have requested to remove has not been found.");
} else {
$row = mysql_fetch_array($res);
if($row['verifkey']==$_GET['key']) {
show_result("Link removed", "The requested link has been permanently removed from our directory.");
mysql_query("DELETE FROM {$prefix}link WHERE linkid='{$_GET['linkid']}'", $db);
} else {
show_error("Cannot remove link", "The deletion key you have provided for this link is not valid.\n<ul><li><a href=\"{$site_url}/verify.php?cmd=newkey&linkid={$row['linkid']}\">Click here to obtain a new deletion key</a></li></ul>");
}
}
} else if(isset($_GET['cmd']) && $_GET['cmd']=="newkey" && isset($_GET['linkid'])
&& is_numeric($_GET['linkid'])) {
/* Show a form to send a new activation / deletion key */
$res = mysql_query("SELECT bactive, bverified, verifkey, linkid, ltitle, lurl, lastemail, lemail FROM {$prefix}link WHERE linkid='{$_GET['linkid']}' AND bverified=0", $db);
if(!mysql_num_rows($res)) {
show_error("Link not found", "The link you have requested to obtain a new key for has not been found.");
} else {
$row = mysql_fetch_array($res);
if(($row['lastemail']+(60*60*24*3))>=time()) {
show_error("Cannot reset key", "The ".($row['bverified']?"deletion":"activation")." key cannot be reset again as it has been requested too recently. You can request the key to be reset again at the following date/time: ".date('d/m/Y h:i:sa',($row['lastemail']+(60*60*24*3))));
} else {
/* Generate a new key and email it */
show_header("New deletion key", "Please provide the email address you submitted with this link to send a new key.");
if(isset($_POST['email'])) {
if($_POST['email']==$row['lemail']) {
$newkey = substr(md5(time()),0,rand(15,20));
mysql_query("UPDATE {$prefix}link SET verifkey='{$newkey}' WHERE linkid='{$_GET['linkid']}', lastemail='".time()."'", $db);
if($row['bverified']) {
sendmail_deletion_byid($row['linkid']);
} else {
sendmail_verification_byid($row['linkid']);
}
show_result("Key sent", "Your new key to modify this link has been emailed to you. Please check your inbox.");
} else {
show_error("Invalid email", "The email address you have provided for this link is not the same as the one on file. Please try again.");
}
} else {
echo <<<ENDHTML
<form method="post" action="{$site_url}/verify.php?cmd=newkey&linkid={$_GET['linkid']}">
<table border="0" cellpadding="2px" cellspacing="0" align="center">
<tr><td>Email address </td>
<td align="right"><input type="text" maxlength="250" class="stdinput" name="email"></td></tr>
<tr><td> </td>
<td align="right"><input type="submit" class="stdbutton" value="Get key"></td></tr>
</table>
</form>
ENDHTML;
}
}
}
} else {
show_error("Invalid usage", "This page is used only for the verification of email addresses.\n<ul><li><a href=\"{$site_url}\">Return to the website homepage</a></li></ul>");
}
require('page_r.php');
?>