WizdomWeb/app/Controllers/VerificationController.php

<?php
/**
 * File: VerificationController.php
 * Version: 1.2
 * Path: /app/Controllers/VerificationController.php
 * Purpose: Handles email verification for newsletter and contact messages, including code expiration and attempt logging.
 * Project: Wizdom Networks Website
 */

namespace WizdomNetworks\WizeWeb\Controllers;

use WizdomNetworks\WizeWeb\Core\View;
use WizdomNetworks\WizeWeb\Utils\Database;
use WizdomNetworks\WizeWeb\Utils\Logger;
use WizdomNetworks\WizeWeb\Utils\EmailHelper;

class VerificationController
{
    public function verify(): void
    {
        try {
            $code = $_GET['code'] ?? '';
            if (empty($code)) {
                Logger::error("Email verification attempted without a code.");
                View::render('pages/verify_failed', ['reason' => 'No verification code provided.']);
                return;
            }

            $db = Database::getConnection();

            // Check subscribers table
            $stmt = $db->prepare("SELECT id, is_verified, email, verification_expires_at FROM subscribers WHERE verification_code = ?");
            $stmt->execute([$code]);
            $subscriber = $stmt->fetch();

            // Log verification attempt (even if failed)
            $logAttempt = $db->prepare("INSERT INTO verification_attempts (email, type, attempted_at, ip_address, user_agent) VALUES (?, ?, NOW(), ?, ?)");
            $logAttempt->execute([
                $subscriber['email'] ?? '[unknown]',
                'newsletter',
                $_SERVER['REMOTE_ADDR'] ?? 'unknown',
                $_SERVER['HTTP_USER_AGENT'] ?? 'unknown'
            ]);

            if ($subscriber) {
                if (!empty($subscriber['verification_expires_at']) && strtotime($subscriber['verification_expires_at']) < time()) {
                    View::render('pages/verify_failed', ['reason' => 'Your verification link has expired. Please request a new one.']);
                    return;
                }

                if ((int) $subscriber['is_verified'] === 1) {
                    View::render('pages/verify_success', ['type' => 'newsletter', 'message' => 'This subscription has already been verified.']);
                    return;
                }

                $update = $db->prepare("UPDATE subscribers SET is_verified = 1, verification_code = NULL WHERE id = ?");
                $update->execute([$subscriber['id']]);

                Logger::info("Subscriber verified: ID " . $subscriber['id']);
                View::render('pages/verify_success', ['type' => 'newsletter']);
                return;
            }

            Logger::error("Invalid or expired verification code: $code");
            View::render('pages/verify_failed', ['reason' => 'Verification code is invalid or expired.']);
        } catch (\Throwable $e) {
            Logger::error("Verification exception: " . $e->getMessage());
            View::render('pages/verify_failed', ['reason' => 'An error occurred during verification.']);
        }
    }
}