function invite($email)
{
global $CURUSER;
global $SITENAME;
global $BASEURL;
global $SITEEMAIL;
global $lang_takeinvite;
$id = $CURUSER[id];
$email = unesc(htmlspecialchars(trim($email)));
$email = safe_email($email);
if (!$email) {
bark($lang_takeinvite['std_must_enter_email']);
}
if (!check_email($email)) {
bark($lang_takeinvite['std_invalid_email_address']);
}
if (EmailBanned($email)) {
bark($lang_takeinvite['std_email_address_banned']);
}
if (!EmailAllowed($email)) {
bark($lang_takeinvite['std_wrong_email_address_domains'] . allowedemails());
}
$body = "\n你好,\n\n我邀请你加入 {$SITENAME}, 这是一个拥有丰富资源的非开放社区. \n如果你有兴趣加入我们请阅读规则并确认邀请.最后,确保维持一个良好的分享率 \n分享允许的资源.\n\n欢迎到来! :)\n";
$body = str_replace("<br />", "<br />", nl2br(trim(strip_tags($body))));
if (!$body) {
bark($lang_takeinvite['std_must_enter_personal_message']);
}
// check if email addy is already in use
$a = @mysql_fetch_row(@sql_query("select count(*) from users where email=" . sqlesc($email))) or die(mysql_error());
if ($a[0] != 0) {
bark($lang_takeinvite['std_email_address'] . htmlspecialchars($email) . $lang_takeinvite['std_is_in_use']);
}
$b = @mysql_fetch_row(@sql_query("select count(*) from invites where invitee=" . sqlesc($email))) or die(mysql_error());
if ($b[0] != 0) {
bark($lang_takeinvite['std_invitation_already_sent_to'] . htmlspecialchars($email) . $lang_takeinvite['std_await_user_registeration']);
}
$ret = sql_query("SELECT username FROM users WHERE id = " . sqlesc($id)) or sqlerr();
$arr = mysql_fetch_assoc($ret);
$hash = md5(mt_rand(1, 10000) . $CURUSER['username'] . TIMENOW . $CURUSER['passhash']);
$title = $SITENAME . $lang_takeinvite['mail_tilte'];
$message = <<<EOD
{$lang_takeinvite['mail_one']}{$arr[username]}{$lang_takeinvite['mail_two']}
<b><a href="http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}" target="_blank">{$lang_takeinvite['mail_here']}</a></b><br />
http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}
<br />{$lang_takeinvite['mail_three']}{$invite_timeout}{$lang_takeinvite['mail_four']}{$arr[username]}{$lang_takeinvite['mail_five']}<br />
{$body}
<br /><br />{$lang_takeinvite['mail_six']}
EOD;
sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $message), "invitesignup", false, false, '', get_email_encode(get_langfolder_cookie()));
//this email is sent only when someone give out an invitation
sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('" . mysql_real_escape_string($id) . "', '" . mysql_real_escape_string($email) . "', '" . mysql_real_escape_string($hash) . "', " . sqlesc(date("Y-m-d H:i:s")) . ")");
}
$updateset[] = "editsecret = " . sqlesc($sec);
$subject = "{$SITENAME}" . $lang_usercp['mail_profile_change_confirmation'];
$body = <<<EOD
{$lang_usercp['mail_change_email_one']}{$CURUSER["username"]}{$lang_usercp['mail_change_email_two']}({$email}){$lang_usercp['mail_change_email_three']}
{$lang_usercp['mail_change_email_four']}{$_SERVER["REMOTE_ADDR"]}{$lang_usercp['mail_change_email_five']}
{$lang_usercp['mail_change_email_six']}<b><a href="http://{$BASEURL}/confirmemail.php/{$CURUSER["id"]}/{$hash}/{$obemail}" target="_blank">{$lang_usercp['mail_here']}</a></b>{$lang_usercp['mail_change_email_six_1']}<br />
http://{$BASEURL}/confirmemail.php/{$CURUSER["id"]}/{$hash}/{$obemail}
{$lang_usercp['mail_change_email_seven']}
------{$lang_usercp['mail_change_email_eight']}
{$lang_usercp['mail_change_email_nine']}
EOD;
sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $subject), change_email_encode(get_langfolder_cookie(), str_replace("<br />", "<br />", nl2br($body))), "profile change", false, false, '', get_email_encode(get_langfolder_cookie()));
// Add comment for email change
/*$res = sql_query("SELECT * FROM users WHERE id = ".sqlesc($CURUSER["id"])) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res);
$modcomment = $arr['modcomment'];*/
$modcomment = $CURUSER['modcomment'];
$modcomment = date("Y-m-d") . " - " . "change email address: " . $CURUSER["email"] . " -> " . $email . "\n" . $modcomment;
sql_query("UPDATE users SET modcomment = " . sqlesc($modcomment) . " WHERE id = " . $CURUSER["id"]) or sqlerr(__FILE__, __LINE__);
}
if ($privacy != "normal" && $privacy != "low" && $privacy != "strong") {
die("whoops");
}
$updateset[] = "privacy = " . sqlesc($privacy);
if ($CURUSER['privacy'] != $privacy) {
$privacyupdated = 1;
}
$body_arr[$langfolder_array[$i]] = <<<EOD
{$lang_takeupload_target[$langfolder_array[$i]]['mail_hi']}
{$lang_takeupload_target[$langfolder_array[$i]]['mail_new_torrent']}
{$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_name']}{$torrent}
{$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_size']}{$size}
{$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_category']}{$cat}
{$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_uppedby']}{$uploader}
{$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_description']}
-------------------------------------------------------------------------------------------------------------------------
{$description}
-------------------------------------------------------------------------------------------------------------------------
{$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent']}<b><a href="javascript:void(null)" onclick="window.open('http://{$BASEURL}/details.php?id={$id}&hit=1')">{$lang_takeupload_target[$langfolder_array[$i]]['mail_here']}</a></b><br />
http://{$BASEURL}/details.php?id={$id}&hit=1
------{$lang_takeupload_target[$langfolder_array[$i]]['mail_yours']}
{$lang_takeupload_target[$langfolder_array[$i]]['mail_team']}
EOD;
$body_arr[$langfolder_array[$i]] = str_replace("<br />", "<br />", nl2br($body_arr[$langfolder_array[$i]]));
$i++;
}
while ($arr = mysql_fetch_array($res)) {
$current_lang = $arr["lang"];
$to = $arr["email"];
sent_mail($to, $SITENAME, $SITEEMAIL, change_email_encode(validlang($current_lang), $lang_takeupload_target[validlang($current_lang)]['mail_title'] . $torrent), change_email_encode(validlang($current_lang), $body_arr[validlang($current_lang)]), "torrent upload", false, false, '', get_email_encode(validlang($current_lang)), "eYou");
}
}
header("Location: " . get_protocol_prefix() . "{$BASEURL}/details.php?id=" . htmlspecialchars($id) . "&uploaded=1");
$ip = getip();
$usern = $arr["username"];
$id = $arr["id"];
$title = $SITENAME . $lang_confirm_resend['mail_title'];
$body = <<<EOD
{$lang_confirm_resend['mail_one']}{$usern}{$lang_confirm_resend['mail_two']}({$email}){$lang_confirm_resend['mail_three']}{$ip}{$lang_confirm_resend['mail_four']}
<b><a href="javascript:void(null)" onclick="window.open('http://{$BASEURL}/confirm.php?id={$id}&secret={$psecret}')">
{$lang_confirm_resend['mail_this_link']} </a></b><br />
http://{$BASEURL}/confirm.php?id={$id}&secret={$psecret}
{$lang_confirm_resend['mail_four_1']}
<b><a href="javascript:void(null)" onclick="window.open('http://{$BASEURL}/confirm_resend.php')">{$lang_confirm_resend['mail_here']}</a></b><br />
http://{$BASEURL}/confirm_resend.php
<br />
{$lang_confirm_resend['mail_five']}
EOD;
sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $body), "signup", false, false, '', get_email_encode(get_langfolder_cookie()));
header("Location: " . get_protocol_prefix() . "{$BASEURL}/ok.php?type=signup&email=" . rawurlencode($email));
} else {
stdhead();
$s = "<select name=\"sitelanguage\" onchange='submit()'>\n";
$langs = langlist("site_lang");
foreach ($langs as $row) {
if ($row["site_lang_folder"] == get_langfolder_cookie()) {
$se = " selected=\"selected\"";
} else {
$se = "";
}
$s .= "<option value=\"" . $row["id"] . "\" " . $se . ">" . htmlspecialchars($row["lang_name"]) . "</option>\n";
}
$s .= "\n</select>";
?>
$body = <<<EOD
\t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_dear']}{$msg_receiver},
\t\t
\t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_you_received_a_pm']}
\t\t
\t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_sender']}: {$username}
\t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_subject']}: {$subject}
\t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_date']}: {$date}
\t\t
\t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_use_following_url']}<b><a href="javascript:void(null)" onclick="window.open('{$prefix}{$BASEURL}/messages.php?action=viewmessage&id={$msgid}')">{$lang_takemessage_target[get_user_lang($user["id"])]['mail_here']}</a></b>{$lang_takemessage_target[get_user_lang($user["id"])]['mail_use_following_url_1']}<br />
{$prefix}{$BASEURL}/messages.php?action=viewmessage&id={$msgid}
\t\t
\t\t------{$lang_takemessage_target[get_user_lang($user["id"])]['mail_yours']}
\t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_the_site_team']}
EOD;
sent_mail($user["email"], $SITENAME, $SITEEMAIL, change_email_encode(get_user_lang($user["id"]), $title), change_email_encode(get_user_lang($user["id"]), str_replace("<br />", "<br />", nl2br($body))), "sendmessage", false, false, '', get_email_encode(get_user_lang($user["id"])));
}
}
$delete = $_POST["delete"];
if ($origmsg) {
if ($delete == "yes") {
// Make sure receiver of $origmsg is current user
$res = sql_query("SELECT * FROM messages WHERE id={$origmsg}") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 1) {
$arr = mysql_fetch_assoc($res);
if ($arr["receiver"] != $CURUSER["id"]) {
stderr("w00t", "This shouldn't happen.");
}
if ($arr["saved"] == "no") {
sql_query("DELETE FROM messages WHERE id={$origmsg}") or sqlerr(__FILE__, __LINE__);
} elseif ($arr["saved"] == "yes") {
