<? require "application_top.php";
	$userid = (isset($_REQUEST['userid']) && ($_REQUEST['userid']))? decode($_REQUEST['userid']) : 0;
	$mobno = (isset($_REQUEST['mobno']) && ($_REQUEST['mobno']))? decode($_REQUEST['mobno']) : 0;
	$otp = (isset($_REQUEST['otp']) && ($_REQUEST['otp']))? $_REQUEST['otp'] : 0;
	
	$db->where('mobno',$mobno);
	
	$sql = "SELECT * from register WHERE userid= ? && mobno = ?  limit 1 ";
	$param[] = $userid;
	$param[] = $mobno;
	$rows = $db->rawQuery($sql,$param);
		
	if(count($rows)){
	
		if($rows[0]['verified']){ //if already verified send user to login screen.
			$_SESSION['msg'] = "Your account is already verified. Please login below";
			header('location:login.php'); exit;
		}else{
		if($otp != $rows[0]['verifycode']){ //OTP does not match 
			$_SESSION['msg'] = "Invalid access.";
			header('location:login.php'); exit;
		}
			$updateArr = array(
				'verified' => 1,
				'istatus' => 1
				);
			$db->where('userid',$userid);
			$db->update('register',$updateArr);
			
			$_SESSION['useridsess']=$rows[0]['userid'];
			$_SESSION['emailidsession']=$rows[0]['emailid'];
			$_SESSION['fullnamesession']=$rows[0]['fullname'];
			$_SESSION['walletSess']=$rowslogin[0]['points'];
			$_SESSION['vendorsess']=$rowslogin[0]['isvendor'];
			$_SESSION['dpsess']=$rows[0]['pic1'];
			
			$_SESSION['msg'] = "Congratulations! Your account is now verified.";		
			header("location:index.php");exit;
		}
	}else{
		$_SESSION['msg'] = "Invalid access";
		header("location:login.php");exit;
	}
?>