Esempio n. 1
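/**
 * Send an invitation e-mail on behalf of the logged-in user and record the
 * invite in the `invites` table.
 *
 * The address is normalised and validated, checked against the ban/allow
 * lists and against existing users and pending invites, then a one-time
 * signup token is generated, mailed to the invitee and stored.
 *
 * Validation failures are reported through bark(); its definition is not
 * visible here, so it is presumed to end the request (TODO confirm). If it
 * returns, the checks below do not stop the invite from being sent.
 *
 * @param string $email Address of the person being invited (untrusted input).
 * @return void
 */
function invite($email)
{
    // $invite_timeout is interpolated into the mail body below but was never
    // imported into function scope; presumably it is a site-wide setting
    // like the others (TODO confirm).
    global $CURUSER, $SITENAME, $BASEURL, $SITEEMAIL, $lang_takeinvite, $invite_timeout;

    // Quoted key: a bare `id` is resolved as a constant, which is an error on PHP 8.
    $id = $CURUSER['id'];

    // NOTE(review): the address is HTML-escaped *before* it is validated and
    // stored, and escaped again when echoed in the messages below. Escaping
    // belongs at output time only; kept as-is here because the stored format
    // may be relied on elsewhere.
    $email = unesc(htmlspecialchars(trim($email)));
    $email = safe_email($email);
    if (!$email) {
        bark($lang_takeinvite['std_must_enter_email']);
    }
    if (!check_email($email)) {
        bark($lang_takeinvite['std_invalid_email_address']);
    }
    if (EmailBanned($email)) {
        bark($lang_takeinvite['std_email_address_banned']);
    }
    if (!EmailAllowed($email)) {
        bark($lang_takeinvite['std_wrong_email_address_domains'] . allowedemails());
    }

    // Fixed personal message; newlines become <br /> for the HTML mail.
    $body = "\n你好,\n\n我邀请你加入 {$SITENAME}, 这是一个拥有丰富资源的非开放社区. \n如果你有兴趣加入我们请阅读规则并确认邀请.最后,确保维持一个良好的分享率 \n分享允许的资源.\n\n欢迎到来! :)\n";
    $body = nl2br(trim(strip_tags($body)));
    if (!$body) {
        bark($lang_takeinvite['std_must_enter_personal_message']);
    }

    // Reject addresses that already belong to an account.
    // NOTE(review): `or die(mysql_error())` prints the raw database error to
    // the client; prefer logging it server-side and showing a generic message.
    $a = @mysql_fetch_row(@sql_query("select count(*) from users where email=" . sqlesc($email))) or die(mysql_error());
    if ($a[0] != 0) {
        bark($lang_takeinvite['std_email_address'] . htmlspecialchars($email) . $lang_takeinvite['std_is_in_use']);
    }

    // Reject addresses that already have a pending invite.
    $b = @mysql_fetch_row(@sql_query("select count(*) from invites where invitee=" . sqlesc($email))) or die(mysql_error());
    if ($b[0] != 0) {
        bark($lang_takeinvite['std_invitation_already_sent_to'] . htmlspecialchars($email) . $lang_takeinvite['std_await_user_registeration']);
    }

    $ret = sql_query("SELECT username FROM users WHERE id = " . sqlesc($id)) or sqlerr();
    $arr = mysql_fetch_assoc($ret);

    // The token in the signup link is the only credential the invitee holds,
    // so it must be unguessable. The previous value was md5() over mt_rand(),
    // the username, the timestamp and the inviter's password hash: mt_rand()
    // is not a CSPRNG and the password hash should never feed a value that
    // leaves the server. 16 random bytes hex-encoded keep the 32-character
    // shape of the old md5 string. The fallback covers runtimes that predate
    // random_bytes().
    $hash = bin2hex(function_exists('random_bytes') ? random_bytes(16) : openssl_random_pseudo_bytes(16));

    $title = $SITENAME . $lang_takeinvite['mail_tilte'];
    // NOTE(review): the signup link is built with http://, so the token
    // travels in clear text when followed; use https if the site serves it.
    $message = <<<EOD
{$lang_takeinvite['mail_one']}{$arr['username']}{$lang_takeinvite['mail_two']}
<b><a href="http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}" target="_blank">{$lang_takeinvite['mail_here']}</a></b><br />
http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}
<br />{$lang_takeinvite['mail_three']}{$invite_timeout}{$lang_takeinvite['mail_four']}{$arr['username']}{$lang_takeinvite['mail_five']}<br />
{$body}
<br /><br />{$lang_takeinvite['mail_six']}
EOD;
    // This e-mail is sent only when someone gives out an invitation.
    sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $message), "invitesignup", false, false, '', get_email_encode(get_langfolder_cookie()));

    // NOTE(review): the result of this INSERT is not checked; if it fails the
    // invitee has already received a link whose token was never stored.
    sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('" . mysql_real_escape_string($id) . "', '" . mysql_real_escape_string($email) . "', '" . mysql_real_escape_string($hash) . "', " . sqlesc(date("Y-m-d H:i:s")) . ")");
}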
Esempio n. 2
// Admin-only "add user" handler. The excerpt is truncated: the POST block
// opened below is not closed within these lines.
require "include/bittorrent.php";
dbconn();
loggedinorreturn();
require_once get_langfile_path();
// Authorisation gate. This only protects the code below if stderr() ends the
// request; its definition is not visible here (TODO confirm).
if (get_user_class() < UC_ADMINISTRATOR) {
    stderr("Error", "Access denied.");
}
// NOTE(review): no anti-CSRF token is checked in the visible lines, so a
// forged cross-site POST from an administrator's browser would reach this
// branch unless a check exists outside the excerpt.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Required fields; a missing key raises a notice rather than matching "".
    if ($_POST["username"] == "" || $_POST["password"] == "" || $_POST["email"] == "") {
        stderr("Error", "Missing form data.");
    }
    // NOTE(review): loose != compares numeric-looking strings by value
    // (e.g. "1e3" and "1000" are equal), so two different passwords can pass
    // this confirmation check; !== compares the exact strings.
    if ($_POST["password"] != $_POST["password2"]) {
        stderr("Error", "Passwords mismatch.");
    }
    // The address is HTML-escaped, normalised by safe_email() and then
    // validated; this validated value is what should be stored.
    $email = htmlspecialchars(trim($_POST["email"]));
    $email = safe_email($email);
    if (!check_email($email)) {
        stderr("Error", "Invalid email address!");
    }
    $username = $_POST["username"];
    if (!validusername($username)) {
        stderr("Error", "Invalid username.");
    }
    // From here on $username holds the SQL-escaped form, not the raw name.
    $username = sqlesc($username);
    $res = sql_query("SELECT id FROM users WHERE username={$username}");
    $arr = mysql_fetch_row($res);
    if ($arr) {
        stderr("Error", "Username already exists!");
    }
    // Raw password; how it is hashed is outside this excerpt.
    $password = $_POST["password"];
    // NOTE(review): this overwrites the trimmed, validated $email from above
    // with the raw POST value. It is SQL-escaped, but it is not the string
    // that check_email() accepted, so the validation is effectively bypassed
    // for whatever gets stored.
    $email = sqlesc($_POST["email"]);
Esempio n. 3
// E-mail gateway to staff members. The excerpt starts after the query that
// produced $res and ends inside the POST block, so any login check, rate
// limit or CSRF protection is not visible from here.
$arr = mysql_fetch_assoc($res) or stderr("Error", "No such user.");
$username = $arr["username"];
// Only moderators and above can be contacted through the gateway.
if ($arr["class"] < UC_MODERATOR) {
    stderr("Error", "The gateway can only be used to e-mail staff members.");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $to = $arr["email"];
    // Sender name is entirely user-supplied; recipients should not treat it
    // as an authenticated identity.
    // NOTE(review): trim() only strips leading/trailing whitespace and
    // htmlspecialchars() does not touch CR/LF, so embedded line breaks
    // survive. If $from is later placed in a mail header (not visible here),
    // CR and LF must be removed first to prevent header injection.
    // substr() after htmlspecialchars() can also cut an entity or a
    // multi-byte character in half.
    $from = substr(htmlspecialchars(trim($_POST["from"])), 0, 80);
    if ($from == "") {
        $from = "Anonymous";
    }
    $from_email = substr(htmlspecialchars(trim($_POST["from_email"])), 0, 80);
    // Fall back to the site address when the sender gives none.
    if ($from_email == "") {
        $from_email = "" . $SITEEMAIL . "";
    }
    $from_email = safe_email($from_email);
    if (!$from_email) {
        stderr("Error", "You must enter an email address!");
    }
    if (!check_email($from_email)) {
        stderr("Error", "Invalid email address!");
    }
    // Display-name form "Name <address>"; the name part is not validated
    // beyond the escaping and truncation above.
    $from = "{$from} <{$from_email}>";
    // Same caveat as $from: embedded CR/LF are not removed from the subject.
    $subject = substr(htmlspecialchars(trim($_POST["subject"])), 0, 80);
    if ($subject == "") {
        $subject = "(No subject)";
    }
    $subject = "Fw: {$subject}";
    // Message body is HTML-escaped; no length limit is applied in the
    // visible lines.
    $message = htmlspecialchars(trim($_POST["message"]));
    if ($message == "") {
        stderr("Error", "No message text!");
Esempio n. 4
// Donation page. The excerpt is truncated: the else branch opened below is
// not closed within these lines.
dbconn();
require_once get_langfile_path();
// Donations can be switched off site-wide.
if ($enabledonation != 'yes') {
    stderr($lang_donate['std_sorry'], $lang_donate['std_do_not_accept_donation']);
}
// Read without isset(): a request with no `do` parameter raises a notice.
// The value is only compared, never echoed.
$do = $_GET['do'];
if ($do == 'thanks') {
    // The message contains markup and the third argument is false,
    // presumably to disable escaping in stderr() (TODO confirm). Everything
    // concatenated here comes from site configuration or language files, not
    // from the request.
    stderr($lang_donate['std_success'], $lang_donate['std_donation_success_note_one'] . "<a href=\"sendmessage.php?receiver=" . $ACCOUNTANTID . "\"><b>" . $lang_donate['std_here'] . "</b></a>" . $lang_donate['std_donation_success_note_two'], false);
} else {
    // A payment option is shown only if its configured account passes the
    // same e-mail normalisation and validation used for user input.
    $paypal = safe_email($PAYPALACCOUNT);
    if ($paypal && check_email($paypal)) {
        $showpaypal = true;
    } else {
        $showpaypal = false;
    }
    $alipay = safe_email($ALIPAYACCOUNT);
    if ($alipay && check_email($alipay)) {
        $showalipay = true;
    } else {
        $showalipay = false;
    }
    // Table cell attributes: two columns when both options exist, one
    // full-width cell when only one does.
    if ($showpaypal && $showalipay) {
        $tdattr = "width=\"50%\"";
    } elseif ($showpaypal || $showalipay) {
        $tdattr = "colspan=\"2\" width=\"100%\"";
    } else {
        // Relies on stderr() ending the request; otherwise $tdattr stays
        // undefined for the rendering below.
        stderr($lang_donate['std_error'], $lang_donate['std_no_donation_account_available'], false);
    }
    stdhead($lang_donate['head_donation']);
    begin_main_frame();
    print "<h2>" . $lang_donate['text_donate'] . "</h2>";