0) { $row = mysql_fetch_assoc($res); $row['attempts']++; if($row['attempts'] >= 6) { mysql_query("update `email` set `hash`='', `attempts`='$row[attempts]', `deleted`=NOW() where `id`='$emailid'"); showheader(_("Error!"), _("Error!")); echo _("You've attempted to verify the same email address a fourth time with an invalid hash, subsequently this request has been deleted in the system"); showfooter(); exit; } mysql_query("update `email` set `attempts`='$row[attempts]' where `id`='$emailid'"); } $query = "select * from `email` where `id`='$emailid' and `hash`='$hash' and hash!='' and deleted=0"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { showheader(_("Error!"), _("Error!")); echo _("The ID or Hash has already been verified, or something weird happened."); showfooter(); exit; } $row = mysql_fetch_assoc($res); if(array_key_exists('Yes',$_REQUEST) && $_REQUEST['Yes'] != "") { $query = "update `email` set `hash`='',`modified`=NOW() where `id`='$emailid'"; mysql_query($query); $query = "update `users` set `verified`='1' where `id`='".intval($row['memid'])."' and `email`='".$row['email']."' and `verified`='0'"; mysql_query($query); showheader(_("Updated"), _("Updated")); echo _("Your account and/or email address has been verified. You can now start issuing certificates for this address."); } else if(array_key_exists('No',$_REQUEST) && $_REQUEST['No'] != "") { header("location: /index.php"); exit; } else { showheader(_("Updated"), _("Updated")); printf(_("Are you sure you want to verify the email %s?"), $row['email']); echo "
\n

"; echo ""; echo ""; echo ""; echo "
\n"; echo "
\n"; echo "

\n"; } showfooter(); exit; } elseif($type == "domain") { $id = 7; $domainid = intval($_REQUEST['domainid']); $hash = mysql_escape_string(stripslashes($_REQUEST['hash'])); $query = "select * from `domains` where `id`='$domainid' and hash!='' and deleted=0"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { $row = mysql_fetch_assoc($res); $row['attempts']++; if($row['attempts'] >= 6) { $query = "update `domains` set `hash`='', `attempts`='$row[attempts]', `deleted`=NOW() where `id`='$domainid'"; showheader(_("Error!"), _("Error!")); echo _("You've attempted to verify the same domain a fourth time with an invalid hash, subsequantly this request has been deleted in the system"); showfooter(); exit; } $query = "update `domains` set `attempts`='".intval($row['attempts'])."' where `id`='$domainid'"; mysql_query($query); } $query = "select * from `domains` where `id`='$domainid' and `hash`='$hash' and hash!='' and deleted=0"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) { showheader(_("Error!"), _("Error!")); echo _("The ID or Hash has already been verified, the domain no longer exists in the system, or something weird happened."); showfooter(); exit; } $row = mysql_fetch_assoc($res); if(array_key_exists('Yes',$_REQUEST) && $_REQUEST['Yes'] != "") { $query = "update `domains` set `hash`='',`modified`=NOW() where `id`='$domainid'"; mysql_query($query); showheader(_("Updated"), _("Updated")); echo _("Your domain has been verified. You can now start issuing certificates for this domain."); } else if(array_key_exists('No',$_REQUEST) && $_REQUEST['No'] != "") { header("location: /index.php"); exit; } else { showheader(_("Updated"), _("Updated")); printf(_("Are you sure you want to verify the domain %s?"), $row['domain']); echo "
\n

"; echo ""; echo ""; echo ""; echo "
\n"; echo "
\n"; echo "

\n"; } showfooter(); exit; } else { showheader(_("Error!"), _("Error!")); echo _("Parameters are missing. Please try the complete URL."); showfooter(); exit; } ?>