yxxx

partials/landing/account/verify.php

@@ -0,0 +1,91 @@
+<?php
+use PDO;
+
+$app = app();
+$pdo = $app->pdo();
+$flash = $app->flash()->get();
+$error = '';
+$info = '';
+$email = $_SESSION['verify_email'] ?? '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+  $action = $_POST['action'] ?? 'verify';
+  $email = trim((string)($_POST['email'] ?? ''));
+  $code = strtoupper(trim((string)($_POST['code'] ?? '')));
+  $auth = new \App\Auth($app);
+  $mailer = new \App\Mailer($app);
+
+  if ($action === 'resend') {
+    try {
+      $stmt = $app->pdo()->prepare('SELECT id, display_name, status FROM users u JOIN user_profiles p ON p.user_id = u.id WHERE u.email = :email LIMIT 1');
+      $stmt->execute(['email' => $email]);
+      $row = $stmt->fetch(PDO::FETCH_ASSOC);
+      if (!$row) {
+        throw new RuntimeException('E-Mail nicht gefunden.');
+      }
+      $userId = (int)$row['id'];
+      $codeNew = $auth->createVerifyCode($userId, $email);
+      $mailer->sendTemplate('registration_resend_code', $email, [
+        'code' => $codeNew,
+        'display_name' => $row['display_name'] ?? '',
+      ]);
+      $info = 'Neuer Code wurde versendet.';
+      $_SESSION['verify_email'] = $email;
+    } catch (Throwable $e) {
+      $error = $e->getMessage();
+    }
+  } else {
+    try {
+      $userId = $auth->verifyCode($email, $code);
+      $_SESSION['user_id'] = $userId;
+      unset($_SESSION['verify_email']);
+      $mailer->sendTemplate('registration_welcome', $email, ['display_name' => $email]);
+      $app->flash()->set('success', 'Registrierung bestätigt. Willkommen!');
+      redirect('/dashboard');
+    } catch (Throwable $e) {
+      $error = $e->getMessage();
+    }
+  }
+}
+?>
+<main class="auth-wrap">
+  <div class="container auth-grid">
+    <section class="card auth-card">
+      <div class="badge">Bestätigung</div>
+      <h1 class="mt-1" style="margin: 12px 0;">Registrierung bestätigen</h1>
+      <p class="muted">Wir haben dir einen 6-stelligen Code gesendet. Bitte gib ihn hier ein.</p>
+      <?php if ($flash): ?>
+        <div class="toast-bar" style="margin-top: 10px;"><?= htmlspecialchars($flash['message'], ENT_QUOTES) ?></div>
+      <?php endif; ?>
+      <?php if ($info): ?>
+        <div class="toast-bar" style="margin-top: 10px;"><?= htmlspecialchars($info, ENT_QUOTES) ?></div>
+      <?php endif; ?>
+      <?php if ($error): ?>
+        <div class="toast-bar" style="margin-top: 10px; border-color:#f87171; color:#991b1b;">Fehler: <?= htmlspecialchars($error, ENT_QUOTES) ?></div>
+      <?php endif; ?>
+      <form class="stack gap-12" style="margin-top: 14px;" method="post" action="/verify">
+        <div class="stack gap-6">
+          <label class="label" for="verEmail">E-Mail</label>
+          <input id="verEmail" name="email" class="input" type="email" required placeholder="du@example.com" value="<?= htmlspecialchars($email, ENT_QUOTES) ?>">
+        </div>
+        <div class="stack gap-6">
+          <label class="label" for="verCode">Code</label>
+          <input id="verCode" name="code" class="input" maxlength="6" required placeholder="ABC123">
+        </div>
+        <input type="hidden" name="action" value="verify">
+        <button class="btn block" type="submit">Code prüfen</button>
+      </form>
+      <form method="post" action="/verify" class="mt-2">
+        <input type="hidden" name="email" value="<?= htmlspecialchars($email, ENT_QUOTES) ?>">
+        <input type="hidden" name="action" value="resend">
+        <button class="btn ghost block" type="submit">Code erneut senden</button>
+      </form>
+    </section>
+
+    <aside class="auth-aside">
+      <img class="auth-logo" src="/assets/bilder/logo_male.png" alt="Papa-Kind-Treff Logo">
+      <h3>Keine Mail erhalten?</h3>
+      <p class="auth-meta">Prüfe auch den Spam-Ordner. Du kannst den Code jederzeit neu senden lassen.</p>
+    </aside>
+  </div>
+</main>