20 lines
651 B
PHP
20 lines
651 B
PHP
<?php declare(strict_types=1);
|
|
|
|
if ($_SESSION['type'] !== 'testing')
|
|
output(403, _('This account is already approved.'));
|
|
|
|
rateLimit();
|
|
|
|
if (isset(query('select', 'approval-keys', ['key' => $_POST['key']], ['key'])[0]) !== true)
|
|
output(403, _('This approval key is not available. It has been mistyped, used for another account, or has expired.'));
|
|
|
|
query('delete', 'approval-keys', ['key' => $_POST['key']]);
|
|
|
|
DB->prepare('UPDATE users SET type = "approved" WHERE id = :id')
|
|
->execute([':id' => $_SESSION['id']]);
|
|
|
|
$_SESSION['type'] = 'approved';
|
|
|
|
insert('approval-keys', ['key' => bin2hex(random_bytes(16))]);
|
|
|
|
output(200, _('Account approved.'));
|