$id, "name" => $name, "email" => $email, "country" => $country, "zip" => $zip, "permPriv" => $permPriv, "permNews" => $permNews, "permPub" => $permPub, "code" => $code, "confirmed" => "no"); // Encode to JSON again and write to file $allsig = json_encode($data, JSON_PRETTY_PRINT); file_put_contents($db, $allsig, LOCK_EX); unset($allsig); // Send email asking for confirmation $to = $email; $subject = "One step left to sign the \"Public Money - Public Code\" letter"; $message = "Dear $name, \r\n\r\n" . "Thank you for signing the open \"Public Money - Public Code\" letter! \r\n\r\n" . "In order to confirm your signature, please visit following link:\r\n" . "$selfurl?action=confirm&id=$codeid&code=$code \r\n\r\n" . "If your confirmation succeeds, your signature will appear on the website within the next few hours."; $headers = "From: noreply@fsfe.org \r\n" . "Message-ID: \r\n" . "X-Mailer: PHP"; mail($to, $subject, $message, $headers); $output .= "Thank you for signing our open letter!

"; $output .= "We just sent an email to your address ($email) for you to confirm your signature."; show_page($output, 0); } else if ($action === "confirm") { /// CONFIRMATION /// $id = $confirmid - $codemod; // substract the obfuscation number from the given ID if ($id < 0) { // $confirmid is less than $codemod $output .= "Invalid signature ID."; show_page($output, 1); } read_db($db); if (empty($data[$id])) { // there is no array element with this ID $output .= "The signature ID does not exist."; show_page($output, 1); } $email = $data[$id]['email']; // Get the user's email in case we need it $code = $data[$id]['code']; // The confirmation code according to the DB $confirmed = $data[$id]['confirmed']; // The current confirmation status // Check whether the confirmation code is what we saved in the DB if ($confirmed === "no") { if ($confirmcode === $code) { // Set the user's confirmation key to "yes" $data[$id]['confirmed'] = "yes"; // Encode to JSON again and write to file $allsig = json_encode($data, JSON_PRETTY_PRINT); // TODO: JSON_PRETTY_PRINT could be turned off to make file smaller file_put_contents($db, $allsig, LOCK_EX); unset($allsig); $output .= "Your email address has been confirmed.

"; $output .= "Thank you for signing the open letter! Your signature will appear in the signature list within the next hours."; show_page($output, 0); } else { $output .= "The provided confirmation code is incorrect."; show_page($output, 1); } } else if ($confirmed === "yes") { $output .= "This email address is already confirmed. It can take a few hours until your signature appears in the signature list."; show_page($output, 1); } else { $output .= "This signature ID does not exist or the confirmation status is broken."; show_page($output, 1); } } // END confirm // --- PRINT OUTPUT IN TEMPLATE FILE --- function replace_page($template, $placeholder, $content){ $vars = array($placeholder=>$content); return str_replace(array_keys($vars), $vars, $template); } function show_page($output, $exit) { if ($exit === 0) { $headline = "Success"; $notice = ""; } else if ($exit === 1) { $headline = "Error"; $notice = "

This error could have happened because one or more fields contained invalid information. Please try again. If you think that you see this error by mistake, please contact us.

"; } else { $headline = "Thank you"; } $template = file_get_contents('../template/index.html', true); $page = replace_page($template, ':HEADLINE:', $headline); $page = replace_page($page, ':BODY1:', $output); $page = replace_page($page, ':BODY2:', $notice); echo $page; unset($data); exit($exit); } ?>