aircraft-dev-registry/www/confirm.php

<html>
	<head>
		<title>Aircraft Developer Registry</title>
	</head>
	<body>
<?php
if (isset($_GET["id"]) && $_GET["id"] != "")
{
	$con = new mysqli(getenv("SQL_HOST"), getenv("SQL_USER"), getenv("SQL_PASSWORD"), getenv("SQL_DATABASE"), getenv("SQL_PORT"));
	if ($con->connect_error)
	{
		echo("An error occured, please try later</body></html>");
		exit();
	}

	$stmt = $con->prepare("SELECT action FROM `confirmation-pending` WHERE id = ?;");
	$stmt->bind_param("s", $_GET["id"]);
	$stmt->execute();
	$result = $stmt->get_result();
	$res = $result->fetch_assoc();
	$stmt->close();
	if ($res == Null)
	{
		echo("Invalid Link</body></html>");
		exit();
	}

	$res = json_decode($res["action"]);
	$action = $res->action;
	if ($action == "signup")
	{
		$stmt = $con->prepare("INSERT INTO `aircraft-devs` (acid, user) VALUES (?, ?);");
		$stmt->bind_param("ss", $res->acid, $res->email);
		$stmt->execute();
		$stmt->close();
		$stmt = $con->prepare("DELETE FROM `confirmation-pending` WHERE id = ?;");
		$stmt->bind_param("s", $_GET["id"]);
		$stmt->execute();
		$stmt->close();
		echo("You're successfully signed up");
	}
	else if ($action == "signoff")
	{
		if ($res->acid == "all")
		{
			$stmt = $con->prepare("DELETE FROM `aircraft-devs` WHERE user = ?;");
			$stmt->bind_param("s", $res->email);
			$stmt->execute();
			$stmt->close();
			echo("You're successfully signed off from all aircraft");
		}
		else
		{
			$stmt = $con->prepare("DELETE FROM `aircraft-devs` WHERE user = ? AND acid = ?;");
			$stmt->bind_param("ss", $res->email, $res->acid);
			$stmt->execute();
			$stmt->close();
			echo("Your successfully signed off from " . $res->acid);
		}
		$stmt = $con->prepare("DELETE FROM `confirmation-pending` WHERE id = ?;");
		$stmt->bind_param("s", $_GET["id"]);
		$stmt->execute();
		$stmt->close();
	}
}
else
{
	echo("Invalid link");
}
?>
	</body>
</html>