File: /var/www/html/tmpr/../tmpr/../tmpr/../v/activate.php
<?
include('../Connections/videoondemand.php');
/******** EMAIL ACTIVATION LINK**********************/
if(isset($_GET['user']) && !empty($_GET['activ_code']) && !empty($_GET['user']) ) {
$user = mysqli_real_escape_string($link,$_GET['user']);
$activ = mysqli_real_escape_string($link,$_GET['activ_code']);
//check if activ code and user is valid
$rs_check = mysqli_query("select catalogid from users where activation_code='$activ'") or die (mysql_error());
$num = mysql_num_rows($rs_check);
// Match row found with more than 1 results - the user is authenticated.
if ( $num <= 0 ) {
$msg = urlencode("Sorry no such account exists or activation code invalid.");
header("Location: activate.php?msg=$msg");
exit();
}
// set the approved field to 1 to activate the account
$rs_activ = mysqli_query("update users set approved='1' WHERE activation_code = '$activ' ") or die(mysql_error());
$msg = urlencode("Thank you. Your account has been activated.");
header("Location: login.php?done=1&msg=$msg");
exit();
}
/******************* ACTIVATION BY FORM**************************/
if ($_POST['doActivate']=='Activate')
{
$user_email = mysqli_real_escape_string($link,$_POST['user_email']);
$activ = mysqli_real_escape_string($link,$_POST['activ_code']);
//check if activ code and user is valid as precaution
$rs_check = mysqli_query("select catalogid from users where user_email='$user_email' and activation_code='$activ'") or die (mysql_error());
$num = mysql_num_rows($rs_check);
// Match row found with more than 1 results - the user is authenticated.
if ( $num <= 0 ) {
$msg = urlencode("Sorry no such account exists or activation code invalid.");
header("Location: activate.php?msg=$msg");
exit();
}
//set approved field to 1 to activate the user
$rs_activ = mysqli_query("update users set approved='1' WHERE
user_email='$user_email' AND activation_code = '$activ' ") or die(mysql_error());
$msg = urlencode("Thank you. Your account has been activated.");
header("Location: login.php?msg=$msg");
exit();
}
?>
<html>
<head>
<title>User Account Activation</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#actForm").validate();
});
</script>
<link href="styles.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style2 {font-size: 9px}
.style3 {font-weight: bold}
-->
</style>
</head>
<body><?php
include 'header.php';
?>
<table width="76%" border="0" align="center" cellpadding="5" cellspacing="0" class="main">
<tr>
<td width="342" align="center" valign="top">
<form action="activate.php" method="post" name="actForm" id="actForm" >
<p> </p>
<p> </p>
<table width="400" border="0" cellpadding="4" cellspacing="4" class="loginform">
<tr>
<td colspan="2"><span class="titlehdr">Account Activation</span></td>
</tr>
<tr>
<td width="36%">Your Email</td>
<td width="64%"><input name="user_email" type="text" class="required email" id="txtboxn" size="25"></td>
</tr>
<tr>
<td>Activation code</td>
<td><input name="activ_code" type="password" class="required" id="txtboxn" size="25"></td>
</tr>
<tr>
<td colspan="2"> <div align="center">
<p align="left" style="color: #390">
<?
/******************** ERROR MESSAGES*************************************************
This code is to show error messages
**************************************************************************/
if (isset($_GET['msg'])) {
$msg = mysqli_real_escape_string($link,$_GET['msg']);
echo " $msg ";
}
/******************************* END ********************************/
?></p> <p>
Please enter your email and activation code sent to you to your email
address to activate your account. </p>
<p>
<input name="doActivate" class="formbutton" type="submit" id="doLogin3" value="Activate">
</p>
<p><a href="login.php">Login here</a></p>
</div></td>
</tr>
</table>
<div align="center"></div>
<p align="center"> </p>
</form>
<p align="left"> </p>
<p align="left"> </p></td>
</tr>
<tr>
<td> </td>
</tr>
</table>
</body>
</html>