No code delivered. nothing to do here.');
}
$userid = $_GET['userid'];
$code = $_GET['code'];
$statement = $pdo->prepare("SELECT * FROM users WHERE id = :userid");
$result = $statement->execute(array('userid' => $userid));
$user = $statement->fetch();
//check if theres a code for the user delivered
if($user === null || $user['activationcode'] === null) {
die('
No User matching your request.
');
}
if($user['activationcode_time'] === null || strtotime($user['activationcode_time']) < (time()-24*3600) ) {
die('
Ooops. This code isnt valid anymore.
');
}
if(sha1($code) != $user['activationcode']) {
die('
Not the valid activationcode!
');
}
if(isset($_GET['send'])) {
$statement = $pdo->prepare("UPDATE users SET activated = 1, activationcode = NULL, activationcode_time = NULL WHERE id = :userid");
$result = $statement->execute(array('userid'=> $userid ));
if($result) {
die('Activated. Going to login now.');
}
}
?>
Activate your user