threadr.lostcave.ddnss.de/threadr/signup/verify-email/index.php

58 lines
2.0 KiB
PHP

<?php
%PLEAZE_NO_CACHE%
//permitted chars for password salt
$permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ&/()[]$:?_';
//generates password salt
function generate_salt($input, $strength = 5) {
$input_length = strlen($input);
$random_string = '';
for($i = 0; $i < $strength; $i++) {
$random_character = $input[random_int(0, $input_length - 1)];
$random_string .= $random_character;
}
return $random_string;
}
//for token generation
$token_salt = generate_salt($permitted_chars);
$token_hashes = hash("crc32", $_POST['email']) . hash("crc32", $_POST['username']);
$token = str_shuffle($token_hashes . $token_salt);
//for password hashing
$password_salt = generate_salt($permitted_chars);
$password_hash_method = "sha256";
$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
//$statement = $pdo->prepare('');
$navbar = "verify-email";
?>
<!DOCTYPE html>
<html>
<head>
<title>ThreadR - Verification</title>
%STYLESHEET%
<link rel="icon" type="image/png" href="%CONTENT_DIR%/img/favicon-32x32.png" sizes="32x32" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
%NAVBAR%
<div class="container">
<div class="item-1">
<h1>
<center>E-mail verification</center>
</h1>
</div>
<div class="item-2 form">
<p>Please send an e-mail containing the following token to <a class="pink-b" href="mailto:signup@lostcave.ddnss.de?subject=ThreadR%20-%20Verification&body=<?php echo $token; ?>">signup@lostcave.ddnss.de</a>:</p>
<form action="%CONTENT_DIR%/signup/verify-email/redirect.php" method="post">
<p>Token: <?php echo $token; ?></p>
<input type="submit" value="Done, sign me up!" />
</form>
<br />
</div>
</div>
</body>
</html>