include 'dbc.php'; /******** EMAIL ACTIVATION LINK**********************/ if(isset($_GET['user']) && !empty($_GET['activ_code']) && !empty($_GET['user']) ) { $user = mysql_real_escape_string($_GET['user']); $activ = mysql_real_escape_string($_GET['activ_code']); //check if activ code and user is valid $rs_check = mysql_query("select id from users where md5_id='$user' and activation_code='$activ'") or die (mysql_error()); $num = mysql_num_rows($rs_check); // Match row found with more than 1 results - the user is authenticated. if ( $num <= 0 ) { $msg = urlencode("Lo siento la cuenta no existe o el codigo de activación es incorrecto."); header("Location: activate.php?msg=$msg"); exit(); } // set the approved field to 1 to activate the account $rs_activ = mysql_query("update users set approved='1' WHERE md5_id='$user' AND activation_code = '$activ' ") or die(mysql_error()); $msg = urlencode("Gracias, tu cuenta ha sido activada.Thank you."); header("Location: activate.php?done=1&msg=$msg"); exit(); } /******************* ACTIVATION BY FORM**************************/ if ($_POST['doActivate']=='Activate') { $user_email = mysql_real_escape_string($_POST['user_email']); $activ = mysql_real_escape_string($_POST['activ_code']); //check if activ code and user is valid as precaution $rs_check = mysql_query("select id from users where user_email='$user_email' and activation_code='$activ'") or die (mysql_error()); $num = mysql_num_rows($rs_check); // Match row found with more than 1 results - the user is authenticated. if ( $num <= 0 ) { $msg = urlencode("Lo siento la cuenta no existe o el codigo de activación es incorrecto."); header("Location: activate.php?msg=$msg"); exit(); } //set approved field to 1 to activate the user $rs_activ = mysql_query("update users set approved='1' WHERE user_email='$user_email' AND activation_code = '$activ' ") or die(mysql_error()); $msg = urlencode("Gracias, tu cuenta ha sido activada.Thank you."); header("Location: activate.php?msg=$msg"); exit(); } ?>
/******************** ERROR MESSAGES************************************************* This code is to show error messages **************************************************************************/ if (isset($_GET['msg'])) { $msg = mysql_real_escape_string($_GET['msg']); echo "
Por favor, ingresa tu correo y código de activación que enviamos a tu correo para activar tu cuenta. Una vez activa, podrás acceder aquí.