query("SELECT email FROM user_account WHERE username !='$username' AND email = '$newEmail'");
if($result->num_rows > 0){ //email already exist
$msg = "Try Again!! This email is already registered to another account!!";
$pg_email = 1;
$msg_type = 1;
}
else{ //update new email into database
$result = $conn->query("UPDATE user_account SET email= '$newEmail' WHERE username = '$username'");
if($result){
$msg = "Your email has been Updated!";
//we also update the email of session variable to a new one
$_SESSION['email'] = $newEmail;
$pg_email = 0;
$msg_type = 2;
}
else{
$msg = "Error updating record: " . $conn->error;
$msg_type = 1;
}
// generate 'random code'
function getRandomCode() {
$n=10;
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomCode = '';
for ($i = 0; $i < $n; $i++) {
$index = rand(0, strlen($characters) - 1);
$randomCode .= $characters[$index];
}
return $randomCode;
}
// check if 'Verify-Code' exist
$result = $conn->query("SELECT verifyCode FROM user_account WHERE username = '$username'");
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$verifyCode = $row["verifyCode"];
}
}
else{ //generate code
$verifyCode = getRandomCode();
$conn->query("UPDATE user_account SET verifyCode = '$verifyCode' WHERE username = '$username'");
}
if ( isset($verifyCode) ){
//Now after updating the email we email the verify code again
//Send it to his new email
$to = $newEmail;
$subject = "Account-Verification Code For GEESE";
$message = "
Welcome to GEESE.
";
$message .= "
Hi '" . $username . "'', we would like to thank you for joining GEESE
";
$message .= "Your Verfication Code is:
" . $verifyCode . "
";
$header = "From:no-reply@gmail.com \r\n";
$header .= "Cc: \r\n";
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-type: text/html\r\n";
//This is to send the verify code to the user
$retval = mail ($to,$subject,$message,$header);
if( $retval == true ) {
$msg = $msg . " The code has been emailed to you";
$msg_type = 2;
}else {
$msg = $msg . " Email couldn't be sent";
$msg_type = 1;
}
}
else{
$msg = " Error updating record: "."unable to generate/detect V-Code";
$msg_type = 1;
}
}
}
}
if(isset($_POST["submitCode"])){
//Now we need to check if the verify Code is correct or not
$userCode = mysqli_real_escape_string($conn,$_POST["code"]);
$result = $conn->query("SELECT * FROM user_account WHERE username = '$username'");
if($result->num_rows == 1){
while($row = $result->fetch_assoc()){
if( $row["verifyCode"] == $userCode ){
$msg = "Your usercode is valid";
// V-Code is 'valid' | account is now 'active' = 1 | set V-Code = 0
if($conn->query("UPDATE user_account SET active = '1', verifyCode = 0 WHERE username = '$username'") === TRUE){
$msg = "Your account status has been updated!!";
$msg_type = 2;
header('location: '.dir_root.'account/dashboard.php');
}else{
$msg = "There's an 'error' to activate your account!!";
$msg_type = 1;
}
}else{
$msg = "The 'Verify-Code' is incorrect!!";
$msg_type = 1;
}
}
}else{
echo "Duplicate user accounts with same value";
}
}
}
}else{
//That is go to the sign-up/login page
header("location: index.php");
}
?>
Hielo by TEMPLATED