<?php
session_start();
require_once __DIR__ . '/includes/db.php';
require_once __DIR__ . '/includes/functions.php';
require_once __DIR__ . '/includes/mailer.php';
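// Email-verification endpoint.
// Reads `email` and `token` from the query string, finds the matching row in
// `users`, compares the SHA-256 of the supplied token with the stored
// verification_token, and on a match marks the account verified and sends a
// welcome message. The outcome is exposed to the template below through
// $status ('success' | 'error') and $message.
$email = $_GET['email'] ?? '';
$token = $_GET['token'] ?? '';
$status = 'error';
$message = 'Invalid request.';
// Query parameters can arrive as arrays (?token[]=x). hash() would then raise
// a TypeError, so anything that is not a non-empty string is rejected here and
// falls through with the default "Invalid request." message.
if (is_string($email) && is_string($token) && $email !== '' && $token !== '') {
    try {
        $user = null;
        $identityColUsed = null;
        // The schema is probed column by column. The names come from this
        // fixed list only, never from the request, so interpolating them into
        // the SQL text is safe; the request value is always bound as a parameter.
        foreach (['email','email_address','user_email','mail','username','login'] as $c) {
            try {
                $stmt = $pdo->prepare("SELECT * FROM users WHERE `{$c}` = ? LIMIT 1");
                $stmt->execute([$email]);
                $tmp = $stmt->fetch(PDO::FETCH_ASSOC);
                if ($tmp) { $user = $tmp; $identityColUsed = $c; break; }
            } catch (Throwable $e) {
                // A missing column is expected while probing. Any other failure
                // is still treated as "try the next column" (best effort, as
                // before), but it is logged instead of vanishing silently.
                $m = strtolower((string)$e->getMessage());
                if (strpos($m, 'unknown column') === false && strpos($m, 'column not found') === false) {
                    error_log('verify-email: lookup on column ' . $c . ' failed: ' . $e->getMessage());
                }
            }
        }
        if ($user) {
            $hasToken = function_exists('tableHasColumn') && tableHasColumn('users','verification_token');
            $hasExpires = function_exists('tableHasColumn') && tableHasColumn('users','verification_expires_at');
            $hasVerified = function_exists('tableHasColumn') && tableHasColumn('users','email_verified');
            if ($hasToken && $hasVerified) {
                // Only the SHA-256 of the token is stored; hash the supplied
                // value the same way and compare in constant time.
                $provided = hash('sha256', $token);
                $stored = $user['verification_token'] ?? null;
                $notExpired = true;
                if ($hasExpires && !empty($user['verification_expires_at'])) {
                    // An unparsable timestamp counts as expired.
                    $expiresAt = strtotime((string)$user['verification_expires_at']);
                    $notExpired = $expiresAt !== false && $expiresAt >= time();
                }
                $verified = false;
                if (is_string($stored) && $stored !== '' && hash_equals($stored, $provided) && $notExpired) {
                    $pdo->beginTransaction();
                    try {
                        $sql = "UPDATE users SET email_verified = 1, verification_token = NULL";
                        if ($hasExpires) { $sql .= ", verification_expires_at = NULL"; }
                        // Matching on the stored token as well makes consuming
                        // the token atomic: of two concurrent requests with the
                        // same link, only one updates the row.
                        $sql .= " WHERE id = ? AND verification_token = ?";
                        $up = $pdo->prepare($sql);
                        $up->execute([$user['id'], $stored]);
                        $verified = $up->rowCount() === 1;
                        $pdo->commit();
                    } catch (Throwable $e) {
                        // Never leave the connection inside an open transaction.
                        if ($pdo->inTransaction()) { $pdo->rollBack(); }
                        throw $e;
                    }
                }
                if ($verified) {
                    $status = 'success';
                    $message = 'Email verified successfully. You can now sign in.';
                    // Welcome mail and in-app notification are best effort: a
                    // failure here must not undo a completed verification.
                    try {
                        $companyName = getSetting('company_name', 'Aiben Properties');
                        $companyId = null;
                        if (function_exists('tableHasColumn') && tableHasColumn('users', 'company_id')) {
                            $companyId = isset($user['company_id']) ? (int)$user['company_id'] : null;
                        }
                        $chairmanName = function_exists('ap_get_chairman_name') ? ap_get_chairman_name($companyId) : (getSetting('chairman_name', 'Chairman / CEO') ?: 'Chairman / CEO');
                        $appUrl = getSetting('app_url', '');
                        if (!$appUrl) {
                            // NOTE(review): this fallback builds the link from the
                            // request's Host header, which the client controls.
                            // Configure the app_url setting so mailed links never
                            // depend on request data.
                            $appUrl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http') . '://' . ($_SERVER['HTTP_HOST'] ?? 'localhost') . rtrim(dirname($_SERVER['PHP_SELF'] ?? '/'), '/');
                        }
                        $loginUrl = rtrim($appUrl, '/') . '/login.php';
                        $subject = "Message from the Chairman - {$companyName}";
                        // Skip the separate title line when the name already carries a title.
                        $titleLine = 'Chairman / CEO';
                        if (preg_match('/\b(chairman|ceo|c\.e\.o|md|m\.d)\b/i', (string)$chairmanName)) { $titleLine = ''; }
                        $sig = "Warm regards,\n{$chairmanName}" . ($titleLine !== '' ? "\n{$titleLine}" : '') . "\n{$companyName}";
                        $body = "Welcome to {$companyName},\n\nI am personally delighted to have you join our growing community of valued clients.\n\nAt {$companyName}, we are committed to delivering transparency, security, and excellence in every aspect of your real estate journey. Whether you are acquiring your first property or expanding your portfolio, our team is here to ensure that your experience is seamless, reliable, and rewarding.\n\nThis platform has been designed to give you full visibility and control — from tracking your payments to managing your property allocations — all in one place.\n\nWe do not just sell properties; we build trust, long-term relationships, and lasting value.\n\nYou can sign in here:\n{$loginUrl}\n\n{$sig}";
                        // Prefer the address stored on the account. The row may
                        // have been matched through `username` or `login`, so the
                        // request value is not necessarily the account's mailbox;
                        // it is used only when the row holds no valid address.
                        $toEmail = '';
                        foreach (['email','email_address','user_email','mail'] as $k) {
                            $v = trim((string)($user[$k] ?? ''));
                            if ($v !== '' && filter_var($v, FILTER_VALIDATE_EMAIL)) { $toEmail = $v; break; }
                        }
                        if ($toEmail === '' && filter_var($email, FILTER_VALIDATE_EMAIL)) {
                            $toEmail = $email;
                        }
                        if ($toEmail !== '' && function_exists('sendEmail')) {
                            sendEmail($toEmail, $subject, $body);
                        }
                        if (function_exists('ap_insert_notification')) {
                            ap_insert_notification($pdo, (int)$user['id'], 'chairman', 'A welcome message from the Chairman has been sent to your email.');
                        }
                    } catch (Throwable $e) {
                        error_log('verify-email: welcome message failed: ' . $e->getMessage());
                    }
                } else {
                    $status = 'error';
                    $message = 'Invalid or expired verification link.';
                }
            } else {
                // NOTE(review): without the verification columns every existing
                // account reports success here, which still tells a caller
                // whether an address is registered.
                $status = 'success';
                $message = 'Email verification not required.';
            }
        } else {
            // Same wording as a bad token, so the response does not reveal
            // whether an account exists for the supplied address.
            $status = 'error';
            $message = 'Invalid or expired verification link.';
        }
    } catch (Throwable $e) {
        // Throwable rather than Exception: engine errors (TypeError and the
        // like) must also end in the generic failure page, not a fatal error.
        error_log('verify-email: ' . $e->getMessage());
        $status = 'error';
        $message = 'Verification failed.';
    }
}
$sysCompanyName = getSetting('company_name', 'Aiben Properties');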
?><!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Verify Email | <?= htmlspecialchars($sysCompanyName) ?></title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body class="bg-light">
<div class="container py-5">
  <div class="row justify-content-center">
    <div class="col-md-6">
      <div class="card shadow-sm">
        <div class="card-body p-4">
          <h5 class="mb-3">Email Verification</h5>
          <?php if ($status === 'success'): ?>
          <div class="alert alert-success"><?= htmlspecialchars($message) ?></div>
          <?php else: ?>
          <div class="alert alert-danger"><?= htmlspecialchars($message) ?></div>
          <?php endif; ?>
          <a href="login.php" class="btn btn-primary">Go to Sign In</a>
        </div>
      </div>
    </div>
  </div>
</div>
</body>
</html>
