function invite($email) { global $CURUSER; global $SITENAME; global $BASEURL; global $SITEEMAIL; global $lang_takeinvite; $id = $CURUSER[id]; $email = unesc(htmlspecialchars(trim($email))); $email = safe_email($email); if (!$email) { bark($lang_takeinvite['std_must_enter_email']); } if (!check_email($email)) { bark($lang_takeinvite['std_invalid_email_address']); } if (EmailBanned($email)) { bark($lang_takeinvite['std_email_address_banned']); } if (!EmailAllowed($email)) { bark($lang_takeinvite['std_wrong_email_address_domains'] . allowedemails()); } $body = "\n你好,\n\n我邀请你加入 {$SITENAME}, 这是一个拥有丰富资源的非开放社区. \n如果你有兴趣加入我们请阅读规则并确认邀请.最后,确保维持一个良好的分享率 \n分享允许的资源.\n\n欢迎到来! :)\n"; $body = str_replace("<br />", "<br />", nl2br(trim(strip_tags($body)))); if (!$body) { bark($lang_takeinvite['std_must_enter_personal_message']); } // check if email addy is already in use $a = @mysql_fetch_row(@sql_query("select count(*) from users where email=" . sqlesc($email))) or die(mysql_error()); if ($a[0] != 0) { bark($lang_takeinvite['std_email_address'] . htmlspecialchars($email) . $lang_takeinvite['std_is_in_use']); } $b = @mysql_fetch_row(@sql_query("select count(*) from invites where invitee=" . sqlesc($email))) or die(mysql_error()); if ($b[0] != 0) { bark($lang_takeinvite['std_invitation_already_sent_to'] . htmlspecialchars($email) . $lang_takeinvite['std_await_user_registeration']); } $ret = sql_query("SELECT username FROM users WHERE id = " . sqlesc($id)) or sqlerr(); $arr = mysql_fetch_assoc($ret); $hash = md5(mt_rand(1, 10000) . $CURUSER['username'] . TIMENOW . $CURUSER['passhash']); $title = $SITENAME . $lang_takeinvite['mail_tilte']; $message = <<<EOD {$lang_takeinvite['mail_one']}{$arr[username]}{$lang_takeinvite['mail_two']} <b><a href="http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}" target="_blank">{$lang_takeinvite['mail_here']}</a></b><br /> http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash} <br />{$lang_takeinvite['mail_three']}{$invite_timeout}{$lang_takeinvite['mail_four']}{$arr[username]}{$lang_takeinvite['mail_five']}<br /> {$body} <br /><br />{$lang_takeinvite['mail_six']} EOD; sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $message), "invitesignup", false, false, '', get_email_encode(get_langfolder_cookie())); //this email is sent only when someone give out an invitation sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('" . mysql_real_escape_string($id) . "', '" . mysql_real_escape_string($email) . "', '" . mysql_real_escape_string($hash) . "', " . sqlesc(date("Y-m-d H:i:s")) . ")"); }
$updateset[] = "editsecret = " . sqlesc($sec); $subject = "{$SITENAME}" . $lang_usercp['mail_profile_change_confirmation']; $body = <<<EOD {$lang_usercp['mail_change_email_one']}{$CURUSER["username"]}{$lang_usercp['mail_change_email_two']}({$email}){$lang_usercp['mail_change_email_three']} {$lang_usercp['mail_change_email_four']}{$_SERVER["REMOTE_ADDR"]}{$lang_usercp['mail_change_email_five']} {$lang_usercp['mail_change_email_six']}<b><a href="http://{$BASEURL}/confirmemail.php/{$CURUSER["id"]}/{$hash}/{$obemail}" target="_blank">{$lang_usercp['mail_here']}</a></b>{$lang_usercp['mail_change_email_six_1']}<br /> http://{$BASEURL}/confirmemail.php/{$CURUSER["id"]}/{$hash}/{$obemail} {$lang_usercp['mail_change_email_seven']} ------{$lang_usercp['mail_change_email_eight']} {$lang_usercp['mail_change_email_nine']} EOD; sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $subject), change_email_encode(get_langfolder_cookie(), str_replace("<br />", "<br />", nl2br($body))), "profile change", false, false, '', get_email_encode(get_langfolder_cookie())); // Add comment for email change /*$res = sql_query("SELECT * FROM users WHERE id = ".sqlesc($CURUSER["id"])) or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_assoc($res); $modcomment = $arr['modcomment'];*/ $modcomment = $CURUSER['modcomment']; $modcomment = date("Y-m-d") . " - " . "change email address: " . $CURUSER["email"] . " -> " . $email . "\n" . $modcomment; sql_query("UPDATE users SET modcomment = " . sqlesc($modcomment) . " WHERE id = " . $CURUSER["id"]) or sqlerr(__FILE__, __LINE__); } if ($privacy != "normal" && $privacy != "low" && $privacy != "strong") { die("whoops"); } $updateset[] = "privacy = " . sqlesc($privacy); if ($CURUSER['privacy'] != $privacy) { $privacyupdated = 1; }
$body_arr[$langfolder_array[$i]] = <<<EOD {$lang_takeupload_target[$langfolder_array[$i]]['mail_hi']} {$lang_takeupload_target[$langfolder_array[$i]]['mail_new_torrent']} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_name']}{$torrent} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_size']}{$size} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_category']}{$cat} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_uppedby']}{$uploader} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_description']} ------------------------------------------------------------------------------------------------------------------------- {$description} ------------------------------------------------------------------------------------------------------------------------- {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent']}<b><a href="javascript:void(null)" onclick="window.open('http://{$BASEURL}/details.php?id={$id}&hit=1')">{$lang_takeupload_target[$langfolder_array[$i]]['mail_here']}</a></b><br /> http://{$BASEURL}/details.php?id={$id}&hit=1 ------{$lang_takeupload_target[$langfolder_array[$i]]['mail_yours']} {$lang_takeupload_target[$langfolder_array[$i]]['mail_team']} EOD; $body_arr[$langfolder_array[$i]] = str_replace("<br />", "<br />", nl2br($body_arr[$langfolder_array[$i]])); $i++; } while ($arr = mysql_fetch_array($res)) { $current_lang = $arr["lang"]; $to = $arr["email"]; sent_mail($to, $SITENAME, $SITEEMAIL, change_email_encode(validlang($current_lang), $lang_takeupload_target[validlang($current_lang)]['mail_title'] . $torrent), change_email_encode(validlang($current_lang), $body_arr[validlang($current_lang)]), "torrent upload", false, false, '', get_email_encode(validlang($current_lang)), "eYou"); } } header("Location: " . get_protocol_prefix() . "{$BASEURL}/details.php?id=" . htmlspecialchars($id) . "&uploaded=1");
$ip = getip(); $usern = $arr["username"]; $id = $arr["id"]; $title = $SITENAME . $lang_confirm_resend['mail_title']; $body = <<<EOD {$lang_confirm_resend['mail_one']}{$usern}{$lang_confirm_resend['mail_two']}({$email}){$lang_confirm_resend['mail_three']}{$ip}{$lang_confirm_resend['mail_four']} <b><a href="javascript:void(null)" onclick="window.open('http://{$BASEURL}/confirm.php?id={$id}&secret={$psecret}')"> {$lang_confirm_resend['mail_this_link']} </a></b><br /> http://{$BASEURL}/confirm.php?id={$id}&secret={$psecret} {$lang_confirm_resend['mail_four_1']} <b><a href="javascript:void(null)" onclick="window.open('http://{$BASEURL}/confirm_resend.php')">{$lang_confirm_resend['mail_here']}</a></b><br /> http://{$BASEURL}/confirm_resend.php <br /> {$lang_confirm_resend['mail_five']} EOD; sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $body), "signup", false, false, '', get_email_encode(get_langfolder_cookie())); header("Location: " . get_protocol_prefix() . "{$BASEURL}/ok.php?type=signup&email=" . rawurlencode($email)); } else { stdhead(); $s = "<select name=\"sitelanguage\" onchange='submit()'>\n"; $langs = langlist("site_lang"); foreach ($langs as $row) { if ($row["site_lang_folder"] == get_langfolder_cookie()) { $se = " selected=\"selected\""; } else { $se = ""; } $s .= "<option value=\"" . $row["id"] . "\" " . $se . ">" . htmlspecialchars($row["lang_name"]) . "</option>\n"; } $s .= "\n</select>"; ?>
$body = <<<EOD \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_dear']}{$msg_receiver}, \t\t \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_you_received_a_pm']} \t\t \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_sender']}: {$username} \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_subject']}: {$subject} \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_date']}: {$date} \t\t \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_use_following_url']}<b><a href="javascript:void(null)" onclick="window.open('{$prefix}{$BASEURL}/messages.php?action=viewmessage&id={$msgid}')">{$lang_takemessage_target[get_user_lang($user["id"])]['mail_here']}</a></b>{$lang_takemessage_target[get_user_lang($user["id"])]['mail_use_following_url_1']}<br /> {$prefix}{$BASEURL}/messages.php?action=viewmessage&id={$msgid} \t\t \t\t------{$lang_takemessage_target[get_user_lang($user["id"])]['mail_yours']} \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_the_site_team']} EOD; sent_mail($user["email"], $SITENAME, $SITEEMAIL, change_email_encode(get_user_lang($user["id"]), $title), change_email_encode(get_user_lang($user["id"]), str_replace("<br />", "<br />", nl2br($body))), "sendmessage", false, false, '', get_email_encode(get_user_lang($user["id"]))); } } $delete = $_POST["delete"]; if ($origmsg) { if ($delete == "yes") { // Make sure receiver of $origmsg is current user $res = sql_query("SELECT * FROM messages WHERE id={$origmsg}") or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($res) == 1) { $arr = mysql_fetch_assoc($res); if ($arr["receiver"] != $CURUSER["id"]) { stderr("w00t", "This shouldn't happen."); } if ($arr["saved"] == "no") { sql_query("DELETE FROM messages WHERE id={$origmsg}") or sqlerr(__FILE__, __LINE__); } elseif ($arr["saved"] == "yes") {