addFeedback('CANCELLED');
header('Location: '.$_base_href.'login.php');
exit;
}
if (isset($_GET['e'], $_GET['id'], $_GET['m'])) {
$id = intval($_GET['id']);
$m = $_GET['m'];
$e = $addslashes($_GET['e']);
$sql = "SELECT creation_date FROM ".TABLE_PREFIX."members WHERE member_id=$id";
$result = mysql_query($sql, $db);
if ($row = mysql_fetch_assoc($result)) {
$code = substr(md5($e . $row['creation_date'] . $id), 0, 10);
if ($code == $m) {
$sql = "UPDATE ".TABLE_PREFIX."members SET email='$e', last_login=NOW(), creation_date=creation_date WHERE member_id=$id";
$result = mysql_query($sql, $db);
$msg->addFeedback('CONFIRM_GOOD');
header('Location: '.$_base_href.'users/index.php');
exit;
} else {
$msg->addError('CONFIRM_BAD');
}
} else {
$msg->addError('CONFIRM_BAD');
}
} else if (isset($_GET['id'], $_GET['m'])) {
$id = intval($_GET['id']);
$m = $_GET['m'];
$sql = "SELECT email, creation_date FROM ".TABLE_PREFIX."members WHERE member_id=$id AND status=".AT_STATUS_UNCONFIRMED;
$result = mysql_query($sql, $db);
if ($row = mysql_fetch_assoc($result)) {
$code = substr(md5($row['email'] . $row['creation_date'] . $id), 0, 10);
if ($code == $m) {
if (defined('AUTO_APPROVE_INSTRUCTORS') && AUTO_APPROVE_INSTRUCTORS) {
$sql = "UPDATE ".TABLE_PREFIX."members SET status=".AT_STATUS_INSTRUCTOR.", creation_date=creation_date, last_login=NOW() WHERE member_id=$id";
} else {
$sql = "UPDATE ".TABLE_PREFIX."members SET status=".AT_STATUS_STUDENT.", creation_date=creation_date, last_login=NOW() WHERE member_id=$id";
}
$result = mysql_query($sql, $db);
if (isset($_REQUEST["en_id"]) && $_REQUEST["en_id"] <> "")
{
$msg->addFeedback('CONFIRM_GOOD');
$member_id = $id;
require (AT_INCLUDE_PATH.'html/auto_enroll_courses.inc.php');
unset($_SESSION['valid_user']);
unset($_SESSION['member_id']);
$table_title="
" . _AT('auto_enrolled_msg'). "
";
require(AT_INCLUDE_PATH.'header.inc.php');
echo "";
require(AT_INCLUDE_PATH.'footer.inc.php');
exit;
}
else
{
$msg->addFeedback('CONFIRM_GOOD');
// enable auto login student into "my start page"
$_REQUEST["auto_login"] = 1;
$_REQUEST["member_id"] = $id;
}
} else {
$msg->addError('CONFIRM_BAD');
}
} else {
$msg->addError('CONFIRM_BAD');
}
} else if (isset($_POST['submit'])) {
$_POST['email'] = $addslashes($_POST['email']);
$sql = "SELECT member_id, email, creation_date, status FROM ".TABLE_PREFIX."members WHERE email='$_POST[email]'";
$result = mysql_query($sql, $db);
if ($row = mysql_fetch_assoc($result)) {
if ($row['status'] == AT_STATUS_UNCONFIRMED) {
$code = substr(md5($row['email'] . $row['creation_date']. $row['member_id']), 0, 10);
if ($_POST["en_id"] <> "")
$confirmation_link = $_base_href . 'confirm.php?id='.$row['member_id'].SEP.'m='.$code.'&en_id='.$_POST["en_id"];
else
$confirmation_link = $_base_href . 'confirm.php?id='.$row['member_id'].SEP.'m='.$code;
/* send the email confirmation message: */
require(AT_INCLUDE_PATH . 'classes/phpmailer/atutormailer.class.php');
$mail = new ATutorMailer();
$mail->From = $_config['contact_email'];
$mail->AddAddress($row['email']);
$mail->Subject = SITE_NAME . ': ' . _AT('email_confirmation_subject');
$mail->Body = _AT('email_confirmation_message', $_base_href, $confirmation_link)."\n\n";
$mail->Send();
$msg->addFeedback('CONFIRMATION_SENT');
} else {
$msg->addFeedback('ACCOUNT_CONFIRMED');
}
header('Location: '.$_base_href.'login.php');
exit;
} else {
$msg->addError('EMAIL_NOT_FOUND');
}
}
if (isset($_REQUEST['auto_login']))
{
$sql = "SELECT M.member_id, M.login, M.preferences, M.language FROM ".TABLE_PREFIX."members M WHERE M.member_id=".$_REQUEST["member_id"];
$result = mysql_query($sql, $db);
if ($row = mysql_fetch_assoc($result))
{
$_SESSION['valid_user'] = true;
$_SESSION['member_id'] = $_REQUEST["member_id"];
$_SESSION['course_id'] = 0;
$_SESSION['login'] = $row[login];
if ($row['preferences'] == "")
assign_session_prefs(unserialize(stripslashes($_config["pref_defaults"])), 1);
else
assign_session_prefs(unserialize(stripslashes($row['preferences'])), 1);
$_SESSION['is_guest'] = 0;
$_SESSION['lang'] = $row[lang];
session_write_close();
header('Location: '.AT_BASE_HREF.'bounce.php?course='.$_POST['course']);
exit;
}
}
require(AT_INCLUDE_PATH.'header.inc.php');
$savant->display('confirm.tmpl.php');
require(AT_INCLUDE_PATH.'footer.inc.php');
?>