I edited your last post to remove the links to the text files, it can be very dangerous to expose the source code that is used on your site like this.
When I checked both of the pages that were linked I was not able to find the following code:
<?php if(!WA_Auth_RulePasses("Email Confirmed")){ ?>
You will need to have this in place on the pages, you did have a logged in user rule on the pages, you can just add in the rule with the code example I gave you in my last post. If you put this code on the page and have the header call inside of the curly braces it will ensure that users are verified before they can view the page.
For example on your profile page you have the logged in user rule starting near line 10, just after this block of php code you can add in another like this:
<?php if(!WA_Auth_RulePasses("Email Confirmed")){ ?>
WA_Auth_RestrictAccess("USERS_LogIn.php");
<?php } ?>
If you put the code in this place like this it would ensure that the user had a verified email address or it would send them to the login page. You should not try to put this code on your login page, it would make it so no one could login.
