<?php
/*

$Header: /cvs/hol/src/user/qryActivate.php,v 1.2 2005/03/07 18:50:13 jakuza Exp $

<fusedoc fuse="qryActivate.php">

   <responsibilities>
      Confirms and activates user registration data in DB
   </responsibilities>

   <properties>
      <history author="" date="2004 June 01" email="" type="create" />

      <note>
         Data Rules: confirmationCode - MD5 hash;
      </note>
   </properties>

   <io>
      <in>
         <string name="self" optional="false" />
      </in>
      <out>
         <structure name="resultSet" scope="request" optional="true" comment="Generic result set - ADOdb execute returns it implicitely" />
      </out>
      <passthrough>
      </passthrough>
		
   </io>

</fusedoc>
*/

$fuseFailure = false;

# Select an empty record from the database
// TODO Prevent SQL injection
$query = 'SELECT id FROM '.$GLOBALS['CONFIG']['DBPREFIX']."users WHERE confirmcode = '$_GET[code]' AND username = '$_GET[username]'";	// TODO Prevent SQL injection

#################
### Query snapshot ###
//die($query);
#################

# Start transaction
$conn->BeginTrans();

# Execute the query and get the recordset
$rs = $conn->Execute($query);
if (!$rs) $fuseFailure = true;

# Query to set user permissions
$query = 'UPDATE '.$GLOBALS['CONFIG']['DBPREFIX'].'users 
				SET gid = '.WEBUSER.', confirmcode = NULL
				WHERE id = '.$rs->fields['id'];

if (!$conn->Execute($query)) $fuseFailure = true;

# Commit or rollback transaction
if ($fuseFailure) {
	$conn->RollbackTrans();
} else {
	$conn->CommitTrans();
	if (isset($_GET['returnFuseaction']))
	$uid = $user->authenticate(array(
							'username' => $_SESSION['regData']['username'],
		 	 				'password' => $_SESSION['regData']['password']));
	unset($_SESSION['regData']);
}

?>