function invite($email)
{
global $CURUSER;
global $SITENAME;
global $BASEURL;
global $SITEEMAIL;
global $lang_takeinvite;
$id = $CURUSER[id];
$email = unesc(htmlspecialchars(trim($email)));
$email = safe_email($email);
if (!$email) {
bark($lang_takeinvite['std_must_enter_email']);
}
if (!check_email($email)) {
bark($lang_takeinvite['std_invalid_email_address']);
}
if (EmailBanned($email)) {
bark($lang_takeinvite['std_email_address_banned']);
}
if (!EmailAllowed($email)) {
bark($lang_takeinvite['std_wrong_email_address_domains'] . allowedemails());
}
$body = "\n你好,\n\n我邀请你加入 {$SITENAME}, 这是一个拥有丰富资源的非开放社区. \n如果你有兴趣加入我们请阅读规则并确认邀请.最后,确保维持一个良好的分享率 \n分享允许的资源.\n\n欢迎到来! :)\n";
$body = str_replace("<br />", "<br />", nl2br(trim(strip_tags($body))));
if (!$body) {
bark($lang_takeinvite['std_must_enter_personal_message']);
}
// check if email addy is already in use
$a = @mysql_fetch_row(@sql_query("select count(*) from users where email=" . sqlesc($email))) or die(mysql_error());
if ($a[0] != 0) {
bark($lang_takeinvite['std_email_address'] . htmlspecialchars($email) . $lang_takeinvite['std_is_in_use']);
}
$b = @mysql_fetch_row(@sql_query("select count(*) from invites where invitee=" . sqlesc($email))) or die(mysql_error());
if ($b[0] != 0) {
bark($lang_takeinvite['std_invitation_already_sent_to'] . htmlspecialchars($email) . $lang_takeinvite['std_await_user_registeration']);
}
$ret = sql_query("SELECT username FROM users WHERE id = " . sqlesc($id)) or sqlerr();
$arr = mysql_fetch_assoc($ret);
$hash = md5(mt_rand(1, 10000) . $CURUSER['username'] . TIMENOW . $CURUSER['passhash']);
$title = $SITENAME . $lang_takeinvite['mail_tilte'];
$message = <<<EOD
{$lang_takeinvite['mail_one']}{$arr[username]}{$lang_takeinvite['mail_two']}
<b><a href="http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}" target="_blank">{$lang_takeinvite['mail_here']}</a></b><br />
http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}
<br />{$lang_takeinvite['mail_three']}{$invite_timeout}{$lang_takeinvite['mail_four']}{$arr[username]}{$lang_takeinvite['mail_five']}<br />
{$body}
<br /><br />{$lang_takeinvite['mail_six']}
EOD;
sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $message), "invitesignup", false, false, '', get_email_encode(get_langfolder_cookie()));
//this email is sent only when someone give out an invitation
sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('" . mysql_real_escape_string($id) . "', '" . mysql_real_escape_string($email) . "', '" . mysql_real_escape_string($hash) . "', " . sqlesc(date("Y-m-d H:i:s")) . ")");
}
}
if ($_COOKIE["c_secure_ssl"] == base64("yeah")) {
$ssl = true;
} else {
$ssl = false;
}
logincookie($CURUSER["id"], $passh, 1, 0x7fffffff, $securelogin_indentity_cookie, $ssl);
//sessioncookie($CURUSER["id"], $passh);
$passupdated = 1;
}
if ($disableemailchange != 'no' && $smtptype != 'none' && $email != $CURUSER["email"]) {
if (EmailBanned($email)) {
bark($lang_usercp['std_email_address_banned']);
}
if (!EmailAllowed($email)) {
bark($lang_usercp['std_wrong_email_address_domains'] . allowedemails());
}
if (!validemail($email)) {
stderr($lang_usercp['std_error'], $lang_usercp['std_wrong_email_address_format'] . goback("-2"), 0);
die;
}
$r = sql_query("SELECT id FROM users WHERE email=" . sqlesc($email)) or sqlerr();
if (mysql_num_rows($r) > 0) {
stderr($lang_usercp['std_error'], $lang_usercp['std_email_in_use'] . goback("-2"), 0);
die;
}
$changedemail = 1;
}
if ($resetpasskey == 1) {
$passkey = md5($CURUSER['username'] . date("Y-m-d H:i:s") . $CURUSER['passhash']);
$updateset[] = "passkey = " . sqlesc($passkey);
<?php
require_once "include/bittorrent.php";
dbconn();
require_once get_langfile_path("", false, $CURLANGDIR);
cur_user_check();
registration_check("cardreg");
failedloginscheck("Signup");
$emailnotice = $restrictemaildomain == 'yes' ? $lang_signup['text_email_note'] . allowedemails() : "";
$smarty->assign("{$emailnotice}", ${$emailnotice});
$select = 'signupcard';
$smarty->assign("select", $select);
$smarty->assign("show", 'yes');
$signuplist = $smarty->fetch(MTPTTEMPLATES . '/signuplist.html');
$smarty->assign("signuplist", $signuplist);
$smarty->display(MTPTTEMPLATES . '/signupcard.html');
stdfoot();
//for one or more. "invite"/"invites"
if ($inv["invites"] != 1) {
$_s = $lang_invite['text_s'];
} else {
$_s = "";
}
if ($type == 'new') {
if ($CURUSER[invites] <= 0) {
stdmsg($lang_invite['std_sorry'], $lang_invite['std_no_invites_left'] . "<a class=altlink href=invite.php?id={$CURUSER['id']}>" . $lang_invite['here_to_go_back'], false);
print "</td></tr></table>";
stdfoot();
die;
}
$invitation_body = $lang_invite['text_invitation_body'] . $CURUSER[username];
//$invitation_body_insite = str_replace("<br />","\n",$invitation_body);
print "<form method=post action=takeinvite.php?id=" . htmlspecialchars($id) . ">" . "<table border=1 width=737 cellspacing=0 cellpadding=5>" . "<tr align=center><td colspan=2><b>" . $lang_invite['text_invite_someone'] . "{$SITENAME} ({$inv['invites']}" . $lang_invite['text_invitation'] . $_s . $lang_invite['text_left'] . ")</b></td></tr>" . "<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">" . $lang_invite['text_email_address'] . "</td><td align=left><input type=text size=40 name=email><br /><font align=left class=small>" . $lang_invite['text_email_address_note'] . "</font>" . ($restrictemaildomain == 'yes' ? "<br />" . $lang_invite['text_email_restriction_note'] . allowedemails() : "") . "</td></tr>" . "<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">" . $lang_invite['text_message'] . "</td><td align=left><textarea name=body rows=8 cols=120>" . $invitation_body . "</textarea></td></tr>" . "<tr><td align=center colspan=2>" . "<input type=button onclick=\"\$(this).attr('disabled','true');\$(this).parents().filter('form').trigger('submit');\" value='" . $lang_invite['submit_invite'] . "'>" . "<input type=hidden name='inviterand' value='" . $_SESSION['inviterand'] . "'>" . "</td></tr>" . "</form></table></td></tr></table>";
} else {
$rel = sql_query("SELECT COUNT(*) FROM users WHERE invited_by = " . mysql_real_escape_string($id)) or sqlerr(__FILE__, __LINE__);
$arro = mysql_fetch_row($rel);
$number = $arro[0];
$ret = sql_query("SELECT id, username, email, uploaded, downloaded, status, warned, enabled, donor, email FROM users WHERE invited_by = " . mysql_real_escape_string($id)) or sqlerr();
$num = mysql_num_rows($ret);
print "<table border=1 width=737 cellspacing=0 cellpadding=5>" . "<h2 align=center>" . $lang_invite['text_invite_status'] . " ({$number})</h2><form method=post action=takeconfirm.php?id=" . htmlspecialchars($id) . ">";
if (!$num) {
print "<tr><td colspan=7 align=center>" . $lang_invite['text_no_invites'] . "</tr>";
} else {
print "<tr><td class=colhead><b>" . $lang_invite['text_username'] . "</b></td><td class=colhead><b>" . $lang_invite['text_email'] . "</b></td><td class=colhead><b>" . $lang_invite['text_uploaded'] . "</b></td><td class=colhead><b>" . $lang_invite['text_downloaded'] . "</b></td><td class=colhead><b>" . $lang_invite['text_ratio'] . "</b></td><td class=colhead><b>" . $lang_invite['text_status'] . "</b></td>";
if ($CURUSER[id] == $id || get_user_class() >= UC_SYSOP) {
print "<td class=colhead><b>" . $lang_invite['text_confirm'] . "</b></td>";
}
print "</tr>";
} else {
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$email = $_POST['email'];
//$email=safe_email($email);
$password = $_POST['password'];
if (!$email) {
bark($lang_takeinvite['std_must_enter_email']);
}
if (!check_email($email)) {
bark($lang_takeinvite['std_invalid_email_address']);
}
if (EmailBanned($email)) {
bark($lang_takeinvite['std_email_address_banned']);
}
if (!EmailAllowed($email)) {
bark($lang_takeinvite['std_wrong_email_address_domains'] . allowedemails());
}
if ($CURUSER["passhash"] != md5($CURUSER["secret"] . $password . $CURUSER["secret"])) {
bark('密码错误!');
}
sql_query("UPDATE users SET email=" . sqlesc($email) . " WHERE id={$CURUSER['id']}") or sqlerr(__FILE__, __LINE__);
stdmsg('邮箱修改成功!', '请到<a class=faqlink href=usercp.php>个人页面</a>查看。');
stdfoot();
exit;
}
?>
<h1>修改邮箱</h1>
<form method=post action=changeemailforyahoo.php>
<table border=1 cellspacing=0 cellpadding=5>
<tr><td class=rowhead>请输入新邮箱</td><td><input type=text name=email size=40>注意:修改后没有验证环节,因此请谨慎修改,避免填错。</td></tr>
<tr><td class=rowhead>请输入你的密码</td><td><input type=password name=password size=40>如果在此页面发现任何bug请反馈至管理组,谢谢</td></tr>
$arr = mysql_fetch_assoc($res);
$invusername = $arr[username];
}
if (!mkglobal("wantusername:wantpassword:passagain:email")) {
die;
}
$email = htmlspecialchars(trim($email));
$email = safe_email($email);
if (!check_email($email)) {
bark($lang_takesignup['std_invalid_email_address']);
}
if (EmailBanned($email)) {
bark($lang_takesignup['std_email_address_banned']);
}
if (!EmailAllowed($email)) {
bark($lang_takesignup['std_wrong_email_address_domains'] . allowedemails());
}
$country = $_POST["country"];
int_check($country);
if ($showschool == 'yes') {
$school = $_POST["school"];
int_check($school);
}
$gender = htmlspecialchars(trim($_POST["gender"]));
$allowed_genders = array("Male", "Female", "male", "female");
if (!in_array($gender, $allowed_genders, true)) {
bark($lang_takesignup['std_invalid_gender']);
}
if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($country) || empty($gender)) {
bark($lang_takesignup['std_blank_field']);
}
