From e192779234f0d4a1f10b67ec498f0796816d25f9 Mon Sep 17 00:00:00 2001
From: Milan Toman <toman@spoton.cz>
Date: Wed, 28 Feb 2024 13:08:54 +0100
Subject: [PATCH] email check link implemented

---
 www/confirm.php | 104 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 104 insertions(+)
 create mode 100644 www/confirm.php

diff --git a/www/confirm.php b/www/confirm.php
new file mode 100644
index 0000000..4a2e559
--- /dev/null
+++ b/www/confirm.php
@@ -0,0 +1,104 @@
+<?
+  if(isset($_GET['email_check']) && strlen($_GET['email_check']) > 20 && !preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/', $_GET['email_check'])) $email_check = $_GET['email_check']; else die();
+  include "./lib/get_races.php";
+  foreach($races as $race){
+    $race_blob[$race['ID']] = $race['NAME'];
+  }  
+  $servername = "db";
+  $username = 'kalskeborec';
+  $password = 'Kalskeborec1!23$';
+  $db = 'kalskeborec';
+  
+  // Create connection
+  $conn = new mysqli($servername, $username, $password, $db);
+  
+  // Check connection
+  if ($conn->connect_error) {
+    die("Connection failed: " . $conn->connect_error);
+  }
+
+  $sql = "SELECT ID, NAME, SURNAME, EMAIL, PHONE, NICK, RACE, TIME, TRACKLOG, CONFIRMED, PAID FROM REGISTERED where EMAIL_CHECK like '$email_check'";
+  $result = $conn->query($sql);
+  if ($result->num_rows > 0){
+    if ($result->num_rows == 1){
+      // we have the correct number of lines selected, there should only be one entry
+      while($row = $result->fetch_assoc()) {
+        $zavodnik['ID'] = $row["ID"];
+        $zavodnik['NAME'] = $row["NAME"];
+        $zavodnik['SURNAME'] = $row["SURNAME"];
+        $zavodnik['EMAIL'] = $row["EMAIL"];
+        $zavodnik['PHONE'] = $row["PHONE"];
+        $zavodnik['NICK'] = $row["NICK"];
+        $zavodnik['RACE'] = $row["RACE"];
+        $zavodnik['TIME'] = $row["TIME"];
+        $zavodnik['TRACKLOG'] = $row["TRACKLOG"];
+        $zavodnik['CONFIRMED'] = $row["CONFIRMED"];
+        $zavodnik['PAID'] = $row["PAID"];
+      }
+      //$zavodnik[] = $row[0];
+      // Ted to tady potvrdime a zmenime v DB
+      if($zavodnik['CONFIRMED'] == 0){
+        $stm = $conn->prepare("UPDATE REGISTERED SET CONFIRMED = '1' WHERE REGISTERED.ID = ?");
+        $stm->bind_param('s', $zavodnik['ID']);
+        if ($stm->execute() === TRUE) {
+          $confirm_success = ["result"=> True, "reason" => "OK, email ověřren"]; 
+        }
+        else{
+          $confirm_success = ["result"=> False, "reason" => "Error: " . $stm . ": " . $conn->error];
+        }
+      }else{
+        // Pokud to uz je potvrzene
+        $confirm_success = ["result"=> True, "reason" => "OK"];  
+      }
+    }else{
+      $confirm_success = ["result"=> False, "reason" => "Error: Duplicitní záznam závodníka, dej vědět Ventilovi"];
+    }
+  }else{
+  $confirm_success = ["result"=> False, "reason" => "Error: Já tě fakt nemám zapsaného, dej vědět Ventilovi"];
+  }
+  $conn->close();
+?>
+<!DOCTYPE html>
+<html lang="cs">
+<head>
+<title>Kolské Borec - Potvrzení</title>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
+<link rel="stylesheet" href="https://www.w3schools.com/lib/w3-theme-black.css">
+<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto">
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css">
+</head>
+
+<body class="w3-black w3-center">
+  <div class="w3-content w3-padding">
+    <h1>Potvrzení Registrace / Status / Výsledky</h1>
+    <h2 class="<? if($confirm_success['result']) echo "w3-green"; else echo "w3-red"; ?>"><? echo $confirm_success['reason']; ?></h2>
+    <table class="w3-table w3-striped w3-bordered w3-border w3-white">
+    <tr>
+      <th>ID</th>
+      <th>Jméno</th>
+      <th>Email</th>
+      <th>Telefon</th>
+      <th>Přezdívka / Team</th>
+      <th>Závod</th>
+      <th>Čas</th>
+      <th>Log</th>
+      <th>Potvrzeno</th>
+      <th>Zaplaceno</th>
+    </tr>
+    <tr>
+      <td><? echo $zavodnik['ID']; ?></td>
+      <td><? echo $zavodnik['NAME']." ".$zavodnik['SURNAME']; ?></td>
+      <td><? echo $zavodnik['EMAIL']; ?></td>
+      <td><? echo $zavodnik['PHONE']; ?></td>
+      <td><? echo $zavodnik['NICK']; ?></td>
+      <td><? echo $race_blob[$zavodnik['RACE']]; ?></td>
+      <td><? echo $zavodnik['TIME']; ?></td>
+      <td><? echo $zavodnik['TRACKLOG']; ?></td>
+      <td><? echo $zavodnik['CONFIRMED']; ?></td>
+      <td><? echo $zavodnik['PAID']; ?></td>
+    </tr>
+    </table>
+  </div>
+</html>