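/**
 * Send an invitation e-mail to $email and record it in the `invites` table.
 *
 * The address is normalised and validated, then rejected through bark() when
 * it is empty, malformed, banned, outside the allowed domains, already used by
 * an account, or already holds a pending invitation. On success a 32-hex-char
 * invite token is generated, mailed as a signup link and stored with the
 * inviter's id.
 *
 * @param string $email Address of the person being invited (untrusted input).
 * @return void
 */
function invite($email)
{
    global $CURUSER, $SITENAME, $BASEURL, $SITEEMAIL, $lang_takeinvite;
    // $invite_timeout is interpolated into the mail text below; without this
    // import it is undefined inside the function and renders as an empty string.
    // NOTE(review): assumes it is a global setting like $SITENAME — confirm.
    global $invite_timeout;

    $id = $CURUSER['id'];

    // NOTE(review): the address is HTML-encoded before validation and storage,
    // and encoded again when echoed in the bark() messages below.
    $email = unesc(htmlspecialchars(trim($email)));
    $email = safe_email($email);
    if (!$email) {
        bark($lang_takeinvite['std_must_enter_email']);
    }
    if (!check_email($email)) {
        bark($lang_takeinvite['std_invalid_email_address']);
    }
    if (EmailBanned($email)) {
        bark($lang_takeinvite['std_email_address_banned']);
    }
    if (!EmailAllowed($email)) {
        bark($lang_takeinvite['std_wrong_email_address_domains'] . allowedemails());
    }

    // Fixed personal message; tags are stripped because $SITENAME is interpolated.
    $body = "\n你好,\n\n我邀请你加入 {$SITENAME}, 这是一个拥有丰富资源的非开放社区. \n如果你有兴趣加入我们请阅读规则并确认邀请.最后,确保维持一个良好的分享率 \n分享允许的资源.\n\n欢迎到来! :)\n";
    $body = nl2br(trim(strip_tags($body)));

    // Refuse addresses that already belong to an account.
    // NOTE(review): die(mysql_error()) prints the raw database error to the client.
    $a = @mysql_fetch_row(@sql_query("select count(*) from users where email=" . sqlesc($email))) or die(mysql_error());
    if ($a[0] != 0) {
        bark($lang_takeinvite['std_email_address'] . htmlspecialchars($email) . $lang_takeinvite['std_is_in_use']);
    }

    // Refuse addresses that already have a pending invitation.
    $b = @mysql_fetch_row(@sql_query("select count(*) from invites where invitee=" . sqlesc($email))) or die(mysql_error());
    if ($b[0] != 0) {
        bark($lang_takeinvite['std_invitation_already_sent_to'] . htmlspecialchars($email) . $lang_takeinvite['std_await_user_registeration']);
    }

    $ret = sql_query("SELECT username FROM users WHERE id = " . sqlesc($id)) or sqlerr();
    $arr = mysql_fetch_assoc($ret);

    // The token is the only secret protecting the signup link, so take it from
    // a CSPRNG when the runtime offers one. 16 random bytes hex-encode to 32
    // lowercase hex characters, the same shape as the md5() value used before.
    $random = false;
    if (function_exists('random_bytes')) {
        $random = random_bytes(16);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $random = openssl_random_pseudo_bytes(16, $strong);
        if (!$strong) {
            $random = false;
        }
    }
    if ($random !== false) {
        $hash = bin2hex($random);
    } else {
        // Legacy fallback: mt_rand() contributes only 10000 possible values and
        // the digest mixes the inviter's passhash into a value mailed to a
        // third party.
        $hash = md5(mt_rand(1, 10000) . $CURUSER['username'] . TIMENOW . $CURUSER['passhash']);
    }

    $title = $SITENAME . $lang_takeinvite['mail_tilte'];
    // NOTE(review): the link is built with http://, so the token travels in
    // clear text unless the site redirects to HTTPS.
    $message = <<<EOD
{$lang_takeinvite['mail_one']}{$arr['username']}{$lang_takeinvite['mail_two']}
<b><a href="http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}" target="_blank">{$lang_takeinvite['mail_here']}</a></b><br />
http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}
<br />{$lang_takeinvite['mail_three']}{$invite_timeout}{$lang_takeinvite['mail_four']}{$arr['username']}{$lang_takeinvite['mail_five']}<br />
{$body}
<br /><br />{$lang_takeinvite['mail_six']}
EOD;

    // This mail is sent only when someone gives out an invitation.
    sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $message), "invitesignup", false, false, '', get_email_encode(get_langfolder_cookie()));

    // Record the invitation; a failed INSERT would otherwise leave the mailed
    // link pointing at a token that was never stored.
    sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('" . mysql_real_escape_string($id) . "', '" . mysql_real_escape_string($email) . "', '" . mysql_real_escape_string($hash) . "', " . sqlesc(date("Y-m-d H:i:s")) . ")") or sqlerr();
}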
// Excerpt of an administrator-only "create user" script. The listing stops
// inside the POST branch, so the code that stores the account is not shown.
require "include/bittorrent.php";
dbconn();
loggedinorreturn();
require_once get_langfile_path();
// Gate: callers below UC_ADMINISTRATOR get an error page.
// NOTE(review): this relies on stderr() ending the request — confirm.
if (get_user_class() < UC_ADMINISTRATOR) {
    stderr("Error", "Access denied.");
}
// NOTE(review): no anti-CSRF token is checked in the visible part of this
// state-changing POST handler — confirm one is enforced elsewhere.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // All three fields are required.
    if ($_POST["username"] == "" || $_POST["password"] == "" || $_POST["email"] == "") {
        stderr("Error", "Missing form data.");
    }
    // Loose != compares two numeric strings by value, so inputs such as
    // "1e3" and "1000" count as matching here.
    if ($_POST["password"] != $_POST["password2"]) {
        stderr("Error", "Passwords mismatch.");
    }
    // Validation runs on a trimmed, HTML-encoded, safe_email()-normalised copy.
    $email = htmlspecialchars(trim($_POST["email"]));
    $email = safe_email($email);
    if (!check_email($email)) {
        stderr("Error", "Invalid email address!");
    }
    $username = $_POST["username"];
    if (!validusername($username)) {
        stderr("Error", "Invalid username.");
    }
    // From here on $username holds the sqlesc() result, interpolated as-is
    // into the uniqueness query.
    $username = sqlesc($username);
    $res = sql_query("SELECT id FROM users WHERE username={$username}");
    $arr = mysql_fetch_row($res);
    if ($arr) {
        stderr("Error", "Username already exists!");
    }
    // How the password is hashed lies outside this excerpt.
    $password = $_POST["password"];
    // NOTE(review): this replaces the normalised $email that passed
    // check_email() with the raw POST value, so the string handed to SQL is
    // not the one that was validated.
    $email = sqlesc($_POST["email"]);
// Excerpt of an e-mail gateway script: $res comes from a query above this
// excerpt, and the listing stops inside the POST branch before the mail is sent.
$arr = mysql_fetch_assoc($res) or stderr("Error", "No such user.");
$username = $arr["username"];
// Only users of class UC_MODERATOR or higher can be written to.
if ($arr["class"] < UC_MODERATOR) {
    stderr("Error", "The gateway can only be used to e-mail staff members.");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $to = $arr["email"];
    // Sender name: trimmed, HTML-encoded, then cut to 80 bytes. substr() runs
    // after encoding, so it can cut through an entity or a multibyte character.
    // NOTE(review): trim() and htmlspecialchars() leave embedded CR/LF in
    // place; if $from or $subject reach mail headers later (not visible here),
    // confirm that line breaks are stripped before sending.
    $from = substr(htmlspecialchars(trim($_POST["from"])), 0, 80);
    if ($from == "") {
        $from = "Anonymous";
    }
    // Sender address: same treatment, defaulting to the site address.
    $from_email = substr(htmlspecialchars(trim($_POST["from_email"])), 0, 80);
    if ($from_email == "") {
        $from_email = "" . $SITEEMAIL . "";
    }
    // Only the address part goes through safe_email()/check_email(); the
    // display name in $from does not.
    $from_email = safe_email($from_email);
    if (!$from_email) {
        stderr("Error", "You must enter an email address!");
    }
    if (!check_email($from_email)) {
        stderr("Error", "Invalid email address!");
    }
    $from = "{$from} <{$from_email}>";
    // Subject: trimmed, HTML-encoded, cut to 80 bytes, then prefixed with "Fw: ".
    $subject = substr(htmlspecialchars(trim($_POST["subject"])), 0, 80);
    if ($subject == "") {
        $subject = "(No subject)";
    }
    $subject = "Fw: {$subject}";
    // Message body is HTML-encoded; no length limit is applied in the visible code.
    $message = htmlspecialchars(trim($_POST["message"]));
    if ($message == "") {
        stderr("Error", "No message text!");
dbconn(); require_once get_langfile_path(); if ($enabledonation != 'yes') { stderr($lang_donate['std_sorry'], $lang_donate['std_do_not_accept_donation']); } $do = $_GET['do']; if ($do == 'thanks') { stderr($lang_donate['std_success'], $lang_donate['std_donation_success_note_one'] . "<a href=\"sendmessage.php?receiver=" . $ACCOUNTANTID . "\"><b>" . $lang_donate['std_here'] . "</b></a>" . $lang_donate['std_donation_success_note_two'], false); } else { $paypal = safe_email($PAYPALACCOUNT); if ($paypal && check_email($paypal)) { $showpaypal = true; } else { $showpaypal = false; } $alipay = safe_email($ALIPAYACCOUNT); if ($alipay && check_email($alipay)) { $showalipay = true; } else { $showalipay = false; } if ($showpaypal && $showalipay) { $tdattr = "width=\"50%\""; } elseif ($showpaypal || $showalipay) { $tdattr = "colspan=\"2\" width=\"100%\""; } else { stderr($lang_donate['std_error'], $lang_donate['std_no_donation_account_available'], false); } stdhead($lang_donate['head_donation']); begin_main_frame(); print "<h2>" . $lang_donate['text_donate'] . "</h2>";