includes/usercp_activate.php

   1 <?php
   2 /***************************************************************************
   3  *                            usercp_activate.php
   4  *                            -------------------
   5  *   begin                : Saturday, Feb 13, 2001
   6  *   copyright            : (C) 2001 The phpBB Group
   7  *   email                : support@phpbb.com
   8  *
   9  *   $Id: usercp_activate.php,v 1.6.2.9 2005/09/14 18:14:30 acydburn Exp $
  10  *
  11  *
  12  ***************************************************************************/
  13
  14 /***************************************************************************
  15  *
  16  *   This program is free software; you can redistribute it and/or modify
  17  *   it under the terms of the GNU General Public License as published by
  18  *   the Free Software Foundation; either version 2 of the License, or
  19  *   (at your option) any later version.
  20  *
  21  *
  22  ***************************************************************************/
  23
  24 if ( !defined('IN_PHPBB') )
  25 {
  26         die('Hacking attempt');
  27         exit;
  28 }
  29
  30 $sql = "SELECT user_active, user_id, username, user_email, user_newpasswd, user_lang, user_actkey
  31         FROM " . USERS_TABLE . "
  32         WHERE user_id = " . intval($HTTP_GET_VARS[POST_USERS_URL]);
  33 if ( !($result = $db->sql_query($sql)) )
  34 {
  35         message_die(GENERAL_ERROR, 'Could not obtain user information', '', __LINE__, __FILE__, $sql);
  36 }
  37
  38 if ( $row = $db->sql_fetchrow($result) )
  39 {
  40         if ( $row['user_active'] && trim($row['user_actkey']) == '' )
  41         {
  42                 $template->assign_vars(array(
  43                         'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
  44                 );
  45
  46                 message_die(GENERAL_MESSAGE, $lang['Already_activated']);
  47         }
  48         else if ((trim($row['user_actkey']) == trim($HTTP_GET_VARS['act_key'])) && (trim($row['user_actkey']) != ''))
  49         {
  50                 if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $row['user_newpasswd'] == '')
  51                 {
  52                         if (!$userdata['session_logged_in'])
  53                         {
  54                                 redirect(append_sid('login.' . $phpEx . '?redirect=profile.' . $phpEx . '&mode=activate&' . POST_USERS_URL . '=' . $row['user_id'] . '&act_key=' . trim($HTTP_GET_VARS['act_key'])));
  55                         }
  56                         else if ($userdata['user_level'] != ADMIN)
  57                         {
  58                                 message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
  59                         }
  60                 }
  61
  62                 $sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
  63
  64                 $sql = "UPDATE " . USERS_TABLE . "
  65                         SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
  66                         WHERE user_id = " . $row['user_id'];
  67                 if ( !($result = $db->sql_query($sql)) )
  68                 {
  69                         message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
  70                 }
  71
  72                 if ( intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
  73                 {
  74                         include($phpbb_root_path . 'includes/emailer.'.$phpEx);
  75                         $emailer = new emailer($board_config['smtp_delivery']);
  76
  77                         $emailer->from($board_config['board_email']);
  78                         $emailer->replyto($board_config['board_email']);
  79
  80                         $emailer->use_template('admin_welcome_activated', $row['user_lang']);
  81                         $emailer->email_address($row['user_email']);
  82                         $emailer->set_subject($lang['Account_activated_subject']);
  83
  84                         $emailer->assign_vars(array(
  85                                 'SITENAME' => $board_config['sitename'],
  86                                 'USERNAME' => $row['username'],
  87                                 'PASSWORD' => $password_confirm,
  88                                 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '')
  89                         );
  90                         $emailer->send();
  91                         $emailer->reset();
  92
  93                         $template->assign_vars(array(
  94                                 'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
  95                         );
  96
  97                         message_die(GENERAL_MESSAGE, $lang['Account_active_admin']);
  98                 }
  99                 else
 100                 {
 101                         $template->assign_vars(array(
 102                                 'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
 103                         );
 104
 105                         $message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated'];
 106                         message_die(GENERAL_MESSAGE, $message);
 107                 }
 108         }
 109         else
 110         {
 111                 message_die(GENERAL_MESSAGE, $lang['Wrong_activation']);
 112         }
 113 }
 114 else
 115 {
 116         message_die(GENERAL_MESSAGE, $lang['No_such_user']);
 117 }
 118
 119 ?>