account.php
---
layout: wrapper
title: Account
---
<?php
// View flag for the template at the bottom of this file: false renders the
// account overview, true renders the delete-confirmation form. It is switched
// to true by the ?delete handler further down.
$ShowDelete = false;
?>
<div class="table" style="width: 100%">
<tr>
<td>
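<?php
// Access control for the whole page: the handlers below (re-sending the
// verification mail, deleting the account) act on the account stored in the
// session, so nothing past this point may run for a visitor who is not logged in.
if (empty($_SESSION['username'])) {
    // The redirect is client-side script, which the browser is free to ignore.
    // Terminating the request here is what actually enforces the check; without
    // it the ?verify and ?delete handlers would still execute server-side.
    exit('<script>window.location.replace("login.php?redirect=account.php");</script>');
}
?>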
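<?php
// Request handlers for this page.
//   ?verify          re-sends the account verification mail, then goes to verify.php
//   ?delete          shows the delete-confirmation form
//   ?delete=<truthy> with a POSTed password deletes the account

if (isset($_GET['verify'])) {
    // NOTE(review): $username, $password and $email are not assigned anywhere in
    // this file before this point; presumably the wrapper layout provides them —
    // confirm. If $password holds the account password (or its hash), it should
    // not be sent by mail at all; drop that line from the message.
    // NOTE(review): the activation token is sha1() of the e-mail address, so it
    // is derivable from the address alone and does not prove mailbox ownership.
    // A stored, single-use token from random_bytes() would fix that, but the
    // change has to be made together with verify.php.
    // NOTE(review): this mail is sent on a plain GET with no throttling.
    $message = '
Thank you for signing up!
Your account has been created, you can log in with the following credentials after you have activated your account by pressing the url below.
------------------------
Username: '.$username.'
Password: '.$password.'
------------------------
Please click this link to activate your account:
https://cicero-interactive.de.cool/verify.php?email='.hash("sha1", $_SESSION["email"]).'
'."
If this wasn't you and someone else used your email, you can delete this account here:
https://cicero-interactive.de.cool/account.php?delete";
    mail($email, "Cicero Interactive Account Verification", $message, "From: Cicero Interactive <[email protected]>");
    exit('<script>window.location.replace("verify.php");</script>');
}

if (isset($_GET['delete'])) {
    $ShowDelete = true;
    if ($_GET['delete'] == true) {
        $submitted = $_POST['password'] ?? null;
        // A non-string value (e.g. password[]=x) is treated like a missing
        // password instead of being passed on to hash().
        if (!is_string($submitted) || empty($submitted)) {
            $msg = '<div class="alertRed">PLEASE ENTER YOUR PASSWORD</div>';
        } else {
            global $db;
            $email = $_SESSION['email'];
            // NOTE(review): a single unsalted SHA-512 is a fast hash and a weak
            // way to store passwords. Moving to password_hash()/password_verify()
            // requires changing signup and login as well, so the existing scheme
            // is kept here to stay compatible with the stored values.
            $password = hash("sha512", $submitted);

            // Bound parameters instead of string-built SQL: the e-mail address
            // was originally user-supplied and must never be spliced into the
            // statement text. $db is used as a mysqli connection, as the
            // original query()/num_rows/close() calls imply.
            // One DELETE both verifies the password and removes the row, so
            // there is no gap between the check and the deletion.
            $stmt = $db->prepare("DELETE FROM users WHERE email = ? AND password = ?");
            $stmt->bind_param("ss", $email, $password);
            $stmt->execute();
            $deleted = $stmt->affected_rows > 0;
            $stmt->close();

            if ($deleted) {
                // Clear the session data while the session is still active,
                // then destroy it; session_unset() has no effect once
                // session_destroy() has run.
                session_unset();
                session_destroy();
                exit('<script>window.location.replace("./");</script>');
            } else {
                $msg = '<div class="alertRed">WRONG PASSWORD</div>';
            }
            $db->close();
        }
    }
}
?>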
<div class="table main" style="text-align: center">
<div class="row" style="height: 130px"></div>
<?php if ($ShowDelete == false) { /* default view: account overview plus the link to the delete confirmation */ ?>
<div class="row">
<div style="max-width: 1100px; margin: auto;">
<font size="7" color="#ddd">My Account</font>
<br>
<div>
<?php if ($_SESSION['verified'] == False) { /* loose comparison: a missing or falsy 'verified' session value shows the activation hint */ ?>
You have to activate your account first before you can personalize it.<br>
If the verification mail hasn't been sent or you lost the code, click <a href="?verify=1">here</a>.
<?php } else { ?>
Currently WIP!
<?php } ?>
</div>
</div>
</div>
<div class="row">
<div style="margin-top: 75px;">
<a class="button" href="?delete">Delete My Account</a>
</div>
</div>
<?php } else { /* delete-confirmation view: shown once the ?delete handler has set $ShowDelete to true */ ?>
<div class="row">
<form action="?delete=1" method="post" style="margin: auto; max-width: 520px; background-color: unset">
<font size="5" color="#ccc">Do you really wish to delete your account?</font><br><br>
<?php /* $msg is only ever assigned fixed markup in this file, which is why it is echoed unescaped; escape with htmlspecialchars() if request data is ever put into it */ if (isset($msg)) {echo $msg;} ?>
All your data will be lost and will not be recoverable.<br><br>
Password:<br>
<input type="password" size="40" maxlength="255" name="password" style="color: #999"><br><br><br>
<input type="submit" value="Delete">
</form>
</div>
<?php } ?>
<div class="row" style="height: 50px"></div>
</div>
</td>
</tr>
</table>