<?php

if ($_SESSION['type'] !== 'testing')
	output(403, _('This account is already approved.'));

if (isset(query('select', 'approval-keys', ['key' => $_POST['key']], 'key')[0]) !== true)
	output(403, _('This approval key is not available. It has been mistyped, used for another account, or has expired.'));

query('delete', 'approval-keys', ['key' => $_POST['key']]);

DB->prepare('UPDATE users SET type = "approved" WHERE id = :id')
->execute([':id' => $_SESSION['id']]);

$_SESSION['type'] = 'approved';

insert('approval-keys', ['key' => bin2hex(random_bytes(16))]);

output(200, _('Account approved.'));