<?php
session_start();
require_once 'includes/globals.php';
require_once 'vendor/autoload.php';
use DJMixHosting\Database;
use Aws\Ses\SesClient;
use Aws\Exception\AwsException;
// Request gatekeeping for the email-change handler. Every failed check below
// redirects and ends the script, so the code that follows this section only
// runs for a signed-in session that POSTed a syntactically valid address.
//
// NOTE(review): no anti-CSRF token is checked anywhere in this script before
// the account email is changed. Confirm whether the session cookie's SameSite
// setting or a shared include covers this; otherwise a per-session token
// comparison belongs here.
// NOTE(review): the change is accepted on the strength of the session alone
// (no current-password confirmation) - confirm that this is intended.

// Anonymous visitors are sent to the login page.
if (isset($_SESSION['user']) === false) {
    header('Location: login.php');
    exit;
}

// Only form submissions are processed; any other verb goes back to the profile.
if ('POST' !== $_SERVER['REQUEST_METHOD']) {
    header('Location: profile.php');
    exit;
}

// empty() is also true for a key that is not set, so one test covers both the
// "missing" and the "blank" case.
if (empty($_POST['new_email'])) {
    $_SESSION['error'] = 'New email address is required.';
    header('Location: profile.php');
    exit;
}

// FILTER_VALIDATE_EMAIL returns the address on success and false otherwise
// (a non-scalar value such as an array also fails), so a falsy result means
// the input was rejected.
$new_email = filter_var($_POST['new_email'], FILTER_VALIDATE_EMAIL);
if (!$new_email) {
    $_SESSION['error'] = 'Invalid email format.';
    header('Location: profile.php');
    exit;
}
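// Open the database handle and take the account id from the session, never
// from the request, so a user can only change their own record.
$db = new Database($config);
$userId = $_SESSION['user']['id'];

// Point the account at the new address and clear its verified flag.
// Both values are bound as parameters ("s" = string, "i" = integer).
//
// NOTE(review): the stored address is replaced before the new mailbox has been
// proven. Keeping the old address until verification succeeds, and notifying
// the old address of the change, would limit the damage of a hijacked session
// or a mistyped address - confirm the intended flow.
// NOTE(review): nothing here checks whether another account already uses this
// address; presumably a unique index enforces that - verify.
$stmt = $db->prepare('UPDATE users SET email = ?, emailVerified = 0 WHERE id = ?');
$stmt->bind_param('si', $new_email, $userId);
// Keep the outcome instead of discarding it. The statement API looks like
// mysqli_stmt, whose execute() returns false on failure; if the Database
// wrapper throws instead, the guard below is simply never reached.
$updated = $stmt->execute();
$stmt->close();

// Do not issue a verification code or report success for a write that failed.
if (!$updated) {
    $_SESSION['error'] = 'Could not update your email address. Please try again.';
    header('Location: profile.php');
    exit;
}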
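// Create the one-time verification code and its expiry (15 minutes from now).
// random_bytes() draws from the system CSPRNG; 16 bytes hex-encoded gives a
// 32-character code.
$verification_code = bin2hex(random_bytes(16));
// date() formats in PHP's configured default timezone.
// NOTE(review): whatever later compares expires_at must use the same timezone
// as this script - confirm against the verification page and the database.
$expires_at = date('Y-m-d H:i:s', strtotime('+15 minutes'));

// Store the verification record. REPLACE is used so that an existing record
// for this user and email is overwritten rather than duplicated.
//
// NOTE(review): the code is stored as issued. Storing only a hash of it and
// comparing hashes at verification time would keep a read of this table from
// yielding usable codes.
// NOTE(review): if the table key includes the email column, rows for earlier
// pending addresses of the same user are left in place until they expire -
// confirm the verification page also matches the account's current address.
$stmt = $db->prepare('REPLACE INTO email_verifications (user_id, email, verification_code, expires_at) VALUES (?, ?, ?, ?)');
$stmt->bind_param('isss', $userId, $new_email, $verification_code, $expires_at);
// Keep the outcome: a code that was never stored can never be verified, so
// mailing it would only mislead the user.
$stored = $stmt->execute();
$stmt->close();

if (!$stored) {
    $_SESSION['error'] = 'Could not start email verification. Please try again.';
    header('Location: profile.php');
    exit;
}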
// Build the AWS SES client from the application's configuration.
// NOTE(review): long-lived access keys are read from config here. Where the
// hosting environment allows it, a role resolved through the SDK's default
// credential chain avoids keeping them on disk - confirm the deployment.
$sesSettings = $config['aws']['ses'];
$sesClient = new SesClient([
    'version' => 'latest',
    'region' => $sesSettings['region'],
    'credentials' => [
        'key' => $sesSettings['access_key'],
        'secret' => $sesSettings['secret_key'],
    ],
]);

// Envelope fields: the configured sender, and the address validated earlier in
// this script as the only recipient.
$sender_email = $sesSettings['sender_email'];
$recipient_email = $new_email;
$subject = 'Verify Your Email Address';

// The link's base comes from configuration, not from the incoming request, so
// a forged Host header cannot redirect the link to another site. The code is
// hex (bin2hex output), so it needs no URL-encoding.
// NOTE(review): the code travels in the query string and may therefore appear
// in access logs; the 15-minute expiry bounds that exposure.
$verification_link = "{$config['app']['url']}/verify_email.php?code={$verification_code}";

// Plain-text body: the instructions, the link, then the raw code for manual entry.
$body_text = "Please verify your email address by clicking the link below or by entering the code in your profile:\n\n"
    . "{$verification_link}\n\nYour verification code is: {$verification_code}\nThis code will expire in 15 minutes.";
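// Send the verification message through SES and return to the profile page
// with a flash message describing the outcome.
try {
    // The response is not needed, so it is not kept.
    $sesClient->sendEmail([
        'Source' => $sender_email,
        'ReplyToAddresses' => [$sender_email],
        'Destination' => [
            'ToAddresses' => [$recipient_email],
        ],
        'Message' => [
            'Subject' => [
                'Charset' => 'UTF-8',
                'Data' => $subject,
            ],
            'Body' => [
                'Text' => [
                    'Charset' => 'UTF-8',
                    'Data' => $body_text,
                ],
            ],
        ],
    ]);
    $_SESSION['success'] = 'Email updated. A verification email has been sent to your new address.';
} catch (AwsException $e) {
    // Keep the provider's error detail in the server log only: it can describe
    // the sending identity or account configuration and is not meant for end
    // users, who get a generic message instead.
    error_log('SES verification email failed [' . $e->getAwsErrorCode() . ']: ' . $e->getAwsErrorMessage());
    $_SESSION['error'] = 'Failed to send verification email. Please try again later.';
    // NOTE(review): the account already carries the new, unverified address at
    // this point - confirm the profile page offers a way to resend the code.
}

// Both outcomes land on the profile page, which is expected to show the flash message.
header('Location: profile.php');
exit;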