V.1.4.6

1 files changed, 40 insertions, 0 deletions

diff --git a/Html/activate.php b/Html/activate.php
new file mode 100644
index 0000000..777f640
--- /dev/null
+++ b/Html/activate.php
@@ -0,0 +1,40 @@
+<?php
+require_once('includes/config.php');
+
+//collect values from the url
+$memberID = trim($_GET['x']);
+$active = trim($_GET['y']);
+
+//if id is number and the active token is not empty carry on
+if(is_numeric($memberID) && !empty($active)){
+
+    //update users record set the active column to Yes where the memberID and active value match the ones provided in the array
+    $stmt = $db->prepare("UPDATE blog_members SET active = 'yes' WHERE memberID = :memberID AND active = :active");
+    $stmt->execute(array(
+        ':memberID' => $memberID,
+        ':active' => $active
+    ));
+
+    //if the row was updated redirect the user
+    if($stmt->rowCount() == 1){
+
+	$stmt = $db->prepare("SELECT username FROM blog_members WHERE memberID = :memberID");
+    	$stmt->execute(array(
+        	':memberID' => $memberID,
+    	));
+	$row = $stmt->fetch();
+
+	$username = $row['username'];
+
+        //redirect to login page
+	write_log('<span style="color:#00cc99; font-weight:bold;">Nouveau membre :</span> '.$username, $db);
+        header('Location: '.SITEURL.'/admin/login.php?action=active');
+        exit;
+
+    } else {
+	header('Location: '.SITEURL.'/admin/login.php?action=echec');
+        exit;
+    }
+    
+}
+?>