threadr.lostcave.ddnss.de/threadr/signup/verify-email/index.php

<?php
  //todo: force logout any user if logged in and on this page

  //permitted chars for password salt
  $permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ&/()[]$:?_';

  //generates password salt
  function generate_salt($input, $strength = 5) {
    $input_length = strlen($input);
    $random_string = '';
    for($i = 0; $i < $strength; $i++) {
      $random_character = $input[random_int(0, $input_length - 1)];
      $random_string .= $random_character;
    }
    return $random_string;
  }

  //for token generation
  $token_salt = generate_salt($permitted_chars);
  $token_hashes = hash("crc32", $_POST['email']) . hash("crc32", $_POST['username']);
  $token = str_shuffle($token_hashes . $token_salt);

  //for password hashing
  $password_salt = generate_salt($permitted_chars);
  $password_hash_method = "sha256";

  $pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
  //$statement = $pdo->prepare('');
?>
<!DOCTYPE html>
<html>
      <head>
        <title>ThreadR - Verification</title>
        <link rel="stylesheet" type="text/css" href="%CONTENT_DIR%/style.css">
        <link rel="icon" type="image/png" href="%CONTENT_DIR%/img/favicon-32x32.png" sizes="32x32" />
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
      </head>
      <body>
        <ul class="topnav">
          <li><a href="%CONTENT_DIR%/"><img src="%CONTENT_DIR%/img/ThreadR_Home.svg" alt="Home" /></a></li>
          <!-- <li><a class="dropdown">
            <button class="dropbtn">News 
              <i class="fa fa-caret-down"></i>
            </button>
            <div class="dropdown-content">
              <a href="#">Link 1</a>
              <a href="#">Link 2</a>
              <a href="#">Link 3</a>
            </div>
          </div> -->
          <li><a href="%CONTENT_DIR%/news/">News</a></li>
          <li><a href="%CONTENT_DIR%/boards/">Boards</a></li>
          <li><a href="%CONTENT_DIR%/about/">About</a></li>
          <li class="right"><a class="active" href="%CONTENT_DIR%/login/">Log In</a></li>
        </ul>
        <br />
        <div class="container">
          <div class="item-1">
            <h1>
              <center>E-mail verification</center>
            </h1>
          </div>
          <div class="item-2 form">
            <p>Please send an e-mail with the following token to <a class="cyan blue-b" href="mailto:signup@lostcave.ddnss.de?subject=signup&body=<?php echo $token; ?>">signup@lostcave.ddnss.de</a>:</p>
            <form action="%CONTENT_DIR%/signup/verify-email/redirect.php" method="post">
              <p>Token: <?php echo $token; ?></p>
              <input type="submit" value="Done, sign me up!" />
            </form>
            <br />
          </div>
        </div>
      </body>
    </html>