Surface cybermailSend failure to admin on password reset
Previously the endpoint always returned success:true regardless of whether the email was actually delivered. Now captures the bool return value and returns success:false with an error message if CyberMail fails, so the admin knows to retry rather than assuming delivery.
+25
-25
@@ -31,7 +31,7 @@ switch ($action) {
|
|||||||
$data = json_decode(file_get_contents('php://input'), true);
|
$data = json_decode(file_get_contents('php://input'), true);
|
||||||
$id = (int)($data['id'] ?? 0);
|
$id = (int)($data['id'] ?? 0);
|
||||||
db()->prepare("DELETE FROM pending_registrations WHERE id=?")->execute([$id]);
|
db()->prepare("DELETE FROM pending_registrations WHERE id=?")->execute([$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'approve_pending':
|
case 'approve_pending':
|
||||||
@@ -110,7 +110,7 @@ switch ($action) {
|
|||||||
}
|
}
|
||||||
db()->prepare("UPDATE token_purchases SET status=?,admin_note=? WHERE id=?")->execute([$status, $note, $id]);
|
db()->prepare("UPDATE token_purchases SET status=?,admin_note=? WHERE id=?")->execute([$status, $note, $id]);
|
||||||
db()->commit();
|
db()->commit();
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
db()->rollBack();
|
db()->rollBack();
|
||||||
echo json_encode(['success'=>false,'error'=>'DB error']);
|
echo json_encode(['success'=>false,'error'=>'DB error']);
|
||||||
@@ -176,7 +176,7 @@ switch ($action) {
|
|||||||
if ($req) db()->prepare("UPDATE users SET tokens=tokens+? WHERE id=?")->execute([$req['tokens'],$req['user_id']]);
|
if ($req) db()->prepare("UPDATE users SET tokens=tokens+? WHERE id=?")->execute([$req['tokens'],$req['user_id']]);
|
||||||
}
|
}
|
||||||
db()->prepare("UPDATE cashout_requests SET status=?,admin_note=?,resolved_at=NOW() WHERE id=?")->execute([$status,$note,$id]);
|
db()->prepare("UPDATE cashout_requests SET status=?,admin_note=?,resolved_at=NOW() WHERE id=?")->execute([$status,$note,$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── USERS LIST ───────────────────────────────────────────
|
// ─── USERS LIST ───────────────────────────────────────────
|
||||||
@@ -286,7 +286,7 @@ switch ($action) {
|
|||||||
} else {
|
} else {
|
||||||
db()->prepare("UPDATE users SET username=?,alias=?,email=? WHERE id=?")->execute([$username,$alias,$email,$uid]);
|
db()->prepare("UPDATE users SET username=?,alias=?,email=? WHERE id=?")->execute([$username,$alias,$email,$uid]);
|
||||||
}
|
}
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── TOGGLE ADMIN ROLE ───────────────────────────────────
|
// ─── TOGGLE ADMIN ROLE ───────────────────────────────────
|
||||||
@@ -330,7 +330,7 @@ switch ($action) {
|
|||||||
if ($uid === MASTER_ADMIN_ID) { echo json_encode(['success'=>false,'error'=>'Cannot suspend the master admin.']); exit; }
|
if ($uid === MASTER_ADMIN_ID) { echo json_encode(['success'=>false,'error'=>'Cannot suspend the master admin.']); exit; }
|
||||||
logAdminAction('USER_STATUS_CHANGE', $adminId, 'user', isset($userId)?(int)$userId:0, 'Changed user status to: '.($data['status']??'unknown'), '', ($data['status']??''), 'warning');
|
logAdminAction('USER_STATUS_CHANGE', $adminId, 'user', isset($userId)?(int)$userId:0, 'Changed user status to: '.($data['status']??'unknown'), '', ($data['status']??''), 'warning');
|
||||||
db()->prepare("UPDATE users SET status=IF(status='active','suspended','active') WHERE id=?")->execute([$uid]);
|
db()->prepare("UPDATE users SET status=IF(status='active','suspended','active') WHERE id=?")->execute([$uid]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── DELETE USER ──────────────────────────────────────────
|
// ─── DELETE USER ──────────────────────────────────────────
|
||||||
@@ -349,7 +349,7 @@ switch ($action) {
|
|||||||
db()->prepare("DELETE FROM token_purchases WHERE user_id=?")->execute([$uid]);
|
db()->prepare("DELETE FROM token_purchases WHERE user_id=?")->execute([$uid]);
|
||||||
db()->prepare("DELETE FROM users WHERE id=?")->execute([$uid]);
|
db()->prepare("DELETE FROM users WHERE id=?")->execute([$uid]);
|
||||||
db()->commit();
|
db()->commit();
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
db()->rollBack();
|
db()->rollBack();
|
||||||
echo json_encode(['success'=>false,'error'=>'Delete failed']);
|
echo json_encode(['success'=>false,'error'=>'Delete failed']);
|
||||||
@@ -373,8 +373,8 @@ switch ($action) {
|
|||||||
$resetUrl = rtrim(SITE_URL,'/') . '/reset_password.php?token=' . urlencode($token);
|
$resetUrl = rtrim(SITE_URL,'/') . '/reset_password.php?token=' . urlencode($token);
|
||||||
$subject = SITE_NAME . ' — Password Reset Request';
|
$subject = SITE_NAME . ' — Password Reset Request';
|
||||||
$body = "Hi {$user['alias']},\n\nA password reset was requested for your account.\n\nClick here to reset: {$resetUrl}\n\nExpires in 1 hour. If you didn't request this, ignore this email.\n\n— " . SITE_NAME;
|
$body = "Hi {$user['alias']},\n\nA password reset was requested for your account.\n\nClick here to reset: {$resetUrl}\n\nExpires in 1 hour. If you didn't request this, ignore this email.\n\n— " . SITE_NAME;
|
||||||
cybermailSend($user['email'], $user['alias'], $subject, $body, '', ['password-reset']);
|
$sent = cybermailSend($user['email'], $user['alias'], $subject, $body, '', ['password-reset']);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── PLATFORM ACCOUNTS ────────────────────────────────
|
// ─── PLATFORM ACCOUNTS ────────────────────────────────
|
||||||
@@ -409,7 +409,7 @@ switch ($action) {
|
|||||||
db()->prepare("INSERT INTO game_aliases (user_id,platform_slug,alias) VALUES (?,?,?) ON DUPLICATE KEY UPDATE alias=VALUES(alias)")
|
db()->prepare("INSERT INTO game_aliases (user_id,platform_slug,alias) VALUES (?,?,?) ON DUPLICATE KEY UPDATE alias=VALUES(alias)")
|
||||||
->execute([$row['user_id'],$row['platform_slug'],$uname]);
|
->execute([$row['user_id'],$row['platform_slug'],$uname]);
|
||||||
}
|
}
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'platform_account_update':
|
case 'platform_account_update':
|
||||||
@@ -427,7 +427,7 @@ switch ($action) {
|
|||||||
db()->prepare("INSERT INTO game_aliases (user_id,platform_slug,alias) VALUES (?,?,?) ON DUPLICATE KEY UPDATE alias=VALUES(alias)")
|
db()->prepare("INSERT INTO game_aliases (user_id,platform_slug,alias) VALUES (?,?,?) ON DUPLICATE KEY UPDATE alias=VALUES(alias)")
|
||||||
->execute([$row['user_id'],$row['platform_slug'],$uname]);
|
->execute([$row['user_id'],$row['platform_slug'],$uname]);
|
||||||
}
|
}
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
$rows = db()->query("
|
$rows = db()->query("
|
||||||
SELECT b.*, u.username AS sender_name,
|
SELECT b.*, u.username AS sender_name,
|
||||||
@@ -484,7 +484,7 @@ switch ($action) {
|
|||||||
$d = json_decode(file_get_contents('php://input'), true);
|
$d = json_decode(file_get_contents('php://input'), true);
|
||||||
$id = (int)($d['id']??0);
|
$id = (int)($d['id']??0);
|
||||||
db()->prepare("DELETE FROM broadcasts WHERE id=?")->execute([$id]);
|
db()->prepare("DELETE FROM broadcasts WHERE id=?")->execute([$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'broadcast_edit':
|
case 'broadcast_edit':
|
||||||
@@ -497,7 +497,7 @@ switch ($action) {
|
|||||||
if (!$id || !$subject || !$message) { echo json_encode(['success'=>false,'error'=>'Missing fields']); exit; }
|
if (!$id || !$subject || !$message) { echo json_encode(['success'=>false,'error'=>'Missing fields']); exit; }
|
||||||
db()->prepare("UPDATE broadcasts SET subject=?, message=?, target=? WHERE id=?")->execute([$subject, $message, $target, $id]);
|
db()->prepare("UPDATE broadcasts SET subject=?, message=?, target=? WHERE id=?")->execute([$subject, $message, $target, $id]);
|
||||||
logAdminAction('BROADCAST_EDITED', $adminId, 'broadcast', $id, 'Edited broadcast #'.$id, '', '', 'info');
|
logAdminAction('BROADCAST_EDITED', $adminId, 'broadcast', $id, 'Edited broadcast #'.$id, '', '', 'info');
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'broadcast_resend':
|
case 'broadcast_resend':
|
||||||
@@ -580,7 +580,7 @@ switch ($action) {
|
|||||||
if (!$id||!$label){echo json_encode(['success'=>false,'error'=>'ID and label required']);exit;}
|
if (!$id||!$label){echo json_encode(['success'=>false,'error'=>'ID and label required']);exit;}
|
||||||
db()->prepare("UPDATE cashout_method_types SET label=?,icon=?,description=?,is_active=?,sort_order=? WHERE id=?")
|
db()->prepare("UPDATE cashout_method_types SET label=?,icon=?,description=?,is_active=?,sort_order=? WHERE id=?")
|
||||||
->execute([$label,$icon,$desc,$active,$sort,$id]);
|
->execute([$label,$icon,$desc,$active,$sort,$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'cashout_methods_delete':
|
case 'cashout_methods_delete':
|
||||||
@@ -589,7 +589,7 @@ switch ($action) {
|
|||||||
$id=(int)($d['id']??0);
|
$id=(int)($d['id']??0);
|
||||||
if (!$id){echo json_encode(['success'=>false,'error'=>'ID required']);exit;}
|
if (!$id){echo json_encode(['success'=>false,'error'=>'ID required']);exit;}
|
||||||
db()->prepare("DELETE FROM cashout_method_types WHERE id=?")->execute([$id]);
|
db()->prepare("DELETE FROM cashout_method_types WHERE id=?")->execute([$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ──
|
// ──
|
||||||
@@ -598,7 +598,7 @@ switch ($action) {
|
|||||||
$d=json_decode(file_get_contents('php://input'),true);
|
$d=json_decode(file_get_contents('php://input'),true);
|
||||||
$id=(int)($d['id']??0);$nt=substr(trim($d['admin_note']??''),0,500);
|
$id=(int)($d['id']??0);$nt=substr(trim($d['admin_note']??''),0,500);
|
||||||
db()->prepare("UPDATE platform_accounts SET status='denied',admin_note=?,admin_id=? WHERE id=?")->execute([$nt,$_SESSION['user_id'],$id]);
|
db()->prepare("UPDATE platform_accounts SET status='denied',admin_note=?,admin_id=? WHERE id=?")->execute([$nt,$_SESSION['user_id'],$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'platform_account_delete':
|
case 'platform_account_delete':
|
||||||
@@ -606,7 +606,7 @@ switch ($action) {
|
|||||||
$d=json_decode(file_get_contents('php://input'),true);
|
$d=json_decode(file_get_contents('php://input'),true);
|
||||||
$id=(int)($d['id']??0);
|
$id=(int)($d['id']??0);
|
||||||
db()->prepare("DELETE FROM platform_accounts WHERE id=?")->execute([$id]);
|
db()->prepare("DELETE FROM platform_accounts WHERE id=?")->execute([$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'platform_accounts_user':
|
case 'platform_accounts_user':
|
||||||
@@ -731,7 +731,7 @@ switch ($action) {
|
|||||||
if (!$id) { echo json_encode(['success'=>false,'error'=>'ID required']); exit; }
|
if (!$id) { echo json_encode(['success'=>false,'error'=>'ID required']); exit; }
|
||||||
db()->prepare("UPDATE payment_settings SET label=?,handle=?,instructions=?,is_enabled=?,sort_order=? WHERE id=?")
|
db()->prepare("UPDATE payment_settings SET label=?,handle=?,instructions=?,is_enabled=?,sort_order=? WHERE id=?")
|
||||||
->execute([$label,$handle,$inst,$enabled,$sort,$id]);
|
->execute([$label,$handle,$inst,$enabled,$sort,$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
|
||||||
@@ -773,7 +773,7 @@ switch ($action) {
|
|||||||
if ($alias === '') $del->execute([$uid, $slug]);
|
if ($alias === '') $del->execute([$uid, $slug]);
|
||||||
else $stmt->execute([$uid, $slug, $alias]);
|
else $stmt->execute([$uid, $slug, $alias]);
|
||||||
}
|
}
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── PLATFORMS: admin list ────────────────────────────
|
// ─── PLATFORMS: admin list ────────────────────────────
|
||||||
@@ -815,7 +815,7 @@ switch ($action) {
|
|||||||
if (!$id||!$name||!$purl) { echo json_encode(['success'=>false,'error'=>'ID, name, and URL required']); exit; }
|
if (!$id||!$name||!$purl) { echo json_encode(['success'=>false,'error'=>'ID, name, and URL required']); exit; }
|
||||||
db()->prepare("UPDATE platforms SET name=?,player_url=?,console_url=?,color=?,sort_order=?,is_active=? WHERE id=?")
|
db()->prepare("UPDATE platforms SET name=?,player_url=?,console_url=?,color=?,sort_order=?,is_active=? WHERE id=?")
|
||||||
->execute([$name,$purl,$curl,$color,$sort,$active,$id]);
|
->execute([$name,$purl,$curl,$color,$sort,$active,$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── PLATFORMS: delete ────────────────────────────────
|
// ─── PLATFORMS: delete ────────────────────────────────
|
||||||
@@ -825,7 +825,7 @@ switch ($action) {
|
|||||||
$id = (int)($d['id'] ?? 0);
|
$id = (int)($d['id'] ?? 0);
|
||||||
if (!$id) { echo json_encode(['success'=>false,'error'=>'ID required']); exit; }
|
if (!$id) { echo json_encode(['success'=>false,'error'=>'ID required']); exit; }
|
||||||
db()->prepare("DELETE FROM platforms WHERE id=?")->execute([$id]);
|
db()->prepare("DELETE FROM platforms WHERE id=?")->execute([$id]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
case 'billing_get':
|
case 'billing_get':
|
||||||
$uid = (int)($_GET['user_id'] ?? 0);
|
$uid = (int)($_GET['user_id'] ?? 0);
|
||||||
@@ -867,7 +867,7 @@ switch ($action) {
|
|||||||
strtoupper(substr(trim($data['state']??''),0,2)),
|
strtoupper(substr(trim($data['state']??''),0,2)),
|
||||||
substr(trim($data['zip'] ??''),0,10),
|
substr(trim($data['zip'] ??''),0,10),
|
||||||
]);
|
]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── BILLING: clear card ─────────────────────────────────
|
// ─── BILLING: clear card ─────────────────────────────────
|
||||||
@@ -876,7 +876,7 @@ switch ($action) {
|
|||||||
$data = json_decode(file_get_contents('php://input'), true);
|
$data = json_decode(file_get_contents('php://input'), true);
|
||||||
$uid = (int)($data['user_id'] ?? 0);
|
$uid = (int)($data['user_id'] ?? 0);
|
||||||
db()->prepare("UPDATE saved_billing SET card_brand=NULL,card_last4=NULL,card_exp_month=NULL,card_exp_year=NULL,sq_card_id=NULL WHERE user_id=?")->execute([$uid]);
|
db()->prepare("UPDATE saved_billing SET card_brand=NULL,card_last4=NULL,card_exp_month=NULL,card_exp_year=NULL,sq_card_id=NULL WHERE user_id=?")->execute([$uid]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── BILLING: clear all ──────────────────────────────────
|
// ─── BILLING: clear all ──────────────────────────────────
|
||||||
@@ -885,7 +885,7 @@ switch ($action) {
|
|||||||
$data = json_decode(file_get_contents('php://input'), true);
|
$data = json_decode(file_get_contents('php://input'), true);
|
||||||
$uid = (int)($data['user_id'] ?? 0);
|
$uid = (int)($data['user_id'] ?? 0);
|
||||||
db()->prepare("DELETE FROM saved_billing WHERE user_id=?")->execute([$uid]);
|
db()->prepare("DELETE FROM saved_billing WHERE user_id=?")->execute([$uid]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── RESEND VERIFICATION (from admin) ─────────────────────
|
// ─── RESEND VERIFICATION (from admin) ─────────────────────
|
||||||
@@ -951,14 +951,14 @@ switch ($action) {
|
|||||||
$tid = (int)($data['user_id'] ?? 0);
|
$tid = (int)($data['user_id'] ?? 0);
|
||||||
if (!$tid) { echo json_encode(['success'=>false,'error'=>'user_id required']); exit; }
|
if (!$tid) { echo json_encode(['success'=>false,'error'=>'user_id required']); exit; }
|
||||||
db()->prepare("DELETE FROM chat_messages WHERE user_id=?")->execute([$tid]);
|
db()->prepare("DELETE FROM chat_messages WHERE user_id=?")->execute([$tid]);
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// ─── CHAT: clear ALL chats ────────────────────────────
|
// ─── CHAT: clear ALL chats ────────────────────────────
|
||||||
case 'chat_clear_all':
|
case 'chat_clear_all':
|
||||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') { echo json_encode(['success'=>false]); exit; }
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') { echo json_encode(['success'=>false]); exit; }
|
||||||
db()->exec("DELETE FROM chat_messages");
|
db()->exec("DELETE FROM chat_messages");
|
||||||
echo json_encode(['success'=>true]);
|
echo json_encode($sent ? ['success'=>true] : ['success'=>false,'error'=>'Failed to send reset email. Please try again.']);
|
||||||
break;
|
break;
|
||||||
case 'chat_unread':
|
case 'chat_unread':
|
||||||
$count = db()->query("SELECT COUNT(*) FROM chat_messages WHERE sender='user' AND is_read=0")->fetchColumn();
|
$count = db()->query("SELECT COUNT(*) FROM chat_messages WHERE sender='user' AND is_read=0")->fetchColumn();
|
||||||
|
|||||||
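Review bot: `$sent` is assigned only in the password-reset hunk at -373, yet the same `$sent ? [...] : [...]` echo now closes every other action on this page (pending-registration delete, token purchase and cashout updates, user edit/suspend/delete, billing, broadcasts, platforms, chat clear), where no visible line defines it. In those branches an undefined `$sent` evaluates as null, so the endpoint would answer `success:false` with "Failed to send reset email" after the statement or `db()->commit()` has already run. An admin who retries on that message would flip the `status=IF(status='active','suspended','active')` toggle in the -330 hunk back to active, and may repeat the `tokens=tokens+?` credit in the -176 hunk unless a guard outside the hunk prevents it. Restore `echo json_encode(['success'=>true]);` at those sites and keep the ternary only directly after `$sent = cybermailSend(...)`. The enclosing `switch ($action)` starts and ends outside these hunks, so this assumes nothing earlier in the file sets `$sent`.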