diff --git a/phpBB/includes/usercp_activate.php b/phpBB/includes/usercp_activate.php
index 6edff84e52..cb2a38b2ac 100644
--- a/phpBB/includes/usercp_activate.php
+++ b/phpBB/includes/usercp_activate.php
@@ -8,7 +8,6 @@
*
* $Id$
*
- *
***************************************************************************/
/***************************************************************************
@@ -27,70 +26,81 @@ if ( !defined('IN_PHPBB') )
exit;
}
-$sql = "SELECT user_id, user_email, user_newpasswd, user_lang
+$sql = "SELECT user_active, user_id, user_email, user_newpasswd, user_lang, user_actkey
FROM " . USERS_TABLE . "
- WHERE user_actkey = '" . str_replace("\'", "''", $HTTP_GET_VARS['act_key']) . "'";
-if ( $result = $db->sql_query($sql) )
-{
- if ( $row = $db->sql_fetchrow($result) )
- {
- $sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : "";
-
- $sql = "UPDATE " . USERS_TABLE . "
- SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
- WHERE user_id = " . $row['user_id'];
- if ( $result = $db->sql_query($sql) )
- {
- if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
- {
- include($phpbb_root_path . 'includes/emailer.'.$phpEx);
- $emailer = new emailer($board_config['smtp_delivery']);
-
- $email_headers = 'From: ' . $board_config['board_email'] . "\r\nReturn-Path: " . $board_config['board_email'] . "\r\n";
-
- $emailer->use_template('admin_welcome_activated', $row['user_lang']);
- $emailer->email_address($row['user_email']);
- $emailer->set_subject();//$lang['Account_activated_subject']
- $emailer->extra_headers($email_headers);
-
- $emailer->assign_vars(array(
- 'SITENAME' => $board_config['sitename'],
- 'USERNAME' => $username,
- 'PASSWORD' => $password_confirm,
- 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']))
- );
- $emailer->send();
- $emailer->reset();
-
- $template->assign_vars(array(
- 'META' => '')
- );
-
- message_die(GENERAL_MESSAGE, $lang['Account_active_admin']);
- }
- else
- {
- $template->assign_vars(array(
- 'META' => '')
- );
-
- $message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated'];
- message_die(GENERAL_MESSAGE, $message);
- }
- }
- else
- {
- message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
- }
- }
- else
- {
- message_die(GENERAL_ERROR, $lang['Wrong_activation']); //wrongactiv
- }
-}
-else
+ WHERE user_id = " . intval($HTTP_GET_VARS[POST_USERS_URL]);
+if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user information', '', __LINE__, __FILE__, $sql);
}
-?>
+if ( $row = $db->sql_fetchrow($result) )
+{
+ if ( $row['user_active'] && $row['user_actkey'] == '' )
+ {
+ $template->assign_vars(array(
+ 'META' => '')
+ );
+
+ message_die(GENERAL_MESSAGE, $lang['Already_activated']);
+ }
+ else if ( $row['user_actkey'] == $HTTP_GET_VARS['act_key'] )
+ {
+ $sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
+
+ $sql = "UPDATE " . USERS_TABLE . "
+ SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
+ WHERE user_id = " . $row['user_id'];
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
+ }
+
+ if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
+ {
+ include($phpbb_root_path . 'includes/emailer.'.$phpEx);
+ $emailer = new emailer($board_config['smtp_delivery']);
+
+ $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
+
+ $emailer->use_template('admin_welcome_activated', $row['user_lang']);
+ $emailer->email_address($row['user_email']);
+ $emailer->set_subject();//$lang['Account_activated_subject']
+ $emailer->extra_headers($email_headers);
+
+ $emailer->assign_vars(array(
+ 'SITENAME' => $board_config['sitename'],
+ 'USERNAME' => $username,
+ 'PASSWORD' => $password_confirm,
+ 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']))
+ );
+ $emailer->send();
+ $emailer->reset();
+
+ $template->assign_vars(array(
+ 'META' => '')
+ );
+
+ message_die(GENERAL_MESSAGE, $lang['Account_active_admin']);
+ }
+ else
+ {
+ $template->assign_vars(array(
+ 'META' => '')
+ );
+
+ $message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated'];
+ message_die(GENERAL_MESSAGE, $message);
+ }
+ }
+ else
+ {
+ message_die(GENERAL_MESSAGE, $lang['Wrong_activation']);
+ }
+}
+else
+{
+ message_die(GENERAL_MESSAGE, $lang['No_such_user']);
+}
+
+?>
\ No newline at end of file