Gazelle/sections/user/takeinvite.php

110 lines
3.0 KiB
PHP
Raw Normal View History

2011-03-28 14:21:28 +00:00
<?
2013-04-20 08:01:01 +00:00
if (!$UserCount = $Cache->get_value('stats_user_count')) {
2013-05-27 08:00:58 +00:00
$DB->query("
SELECT COUNT(ID)
FROM users_main
2013-06-24 08:00:28 +00:00
WHERE Enabled = '1'");
2011-03-28 14:21:28 +00:00
list($UserCount) = $DB->next_record();
$Cache->cache_value('stats_user_count', $UserCount, 0);
}
$UserID = $LoggedUser['ID'];
//This is where we handle things passed to us
authorize();
2013-05-27 08:00:58 +00:00
$DB->query("
SELECT can_leech
FROM users_main
WHERE ID = $UserID");
2011-03-28 14:21:28 +00:00
list($CanLeech) = $DB->next_record();
2013-06-24 08:00:28 +00:00
if ($LoggedUser['RatioWatch']
|| !$CanLeech
|| $LoggedUser['DisableInvites'] == '1'
|| $LoggedUser['Invites'] == 0
&& !check_perms('site_send_unlimited_invites')
|| (
$UserCount >= USER_LIMIT
&& USER_LIMIT != 0
&& !check_perms('site_can_invite_always')
)
) {
2011-03-28 14:21:28 +00:00
error(403);
}
$Email = $_POST['email'];
$Username = $LoggedUser['Username'];
$SiteName = SITE_NAME;
2013-04-19 08:00:55 +00:00
$SiteURL = SSL_SITE_URL;
2013-05-27 08:00:58 +00:00
$InviteExpires = time_plus(60 * 60 * 24 * 3); // 3 days
2011-03-28 14:21:28 +00:00
//MultiInvite
2013-06-24 08:00:28 +00:00
if (strpos($Email, '|') !== false && check_perms('site_send_unlimited_invites')) {
2011-03-28 14:21:28 +00:00
$Emails = explode('|', $Email);
} else {
$Emails = array($Email);
}
2013-04-20 08:01:01 +00:00
foreach ($Emails as $CurEmail) {
2011-03-28 14:21:28 +00:00
if (!preg_match("/^".EMAIL_REGEX."$/i", $CurEmail)) {
2013-04-20 08:01:01 +00:00
if (count($Emails) > 1) {
2011-03-28 14:21:28 +00:00
continue;
} else {
error('Invalid email.');
header('Location: user.php?action=invite');
die();
}
}
2013-05-27 08:00:58 +00:00
$DB->query("
SELECT Expires
FROM invites
WHERE InviterID = ".$LoggedUser['ID']."
AND Email LIKE '$CurEmail'");
2013-04-20 08:01:01 +00:00
if ($DB->record_count() > 0) {
2013-05-27 08:00:58 +00:00
error('You already have a pending invite to that address!');
2011-03-28 14:21:28 +00:00
header('Location: user.php?action=invite');
die();
}
2012-10-11 08:00:15 +00:00
$InviteKey = db_string(Users::make_secret());
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
$Message = <<<EOT
2013-02-23 08:00:22 +00:00
The user $Username has invited you to join $SiteName and has specified this address ($CurEmail) as your email address. If you do not know this person, please ignore this email, and do not reply.
2011-03-28 14:21:28 +00:00
2013-02-23 08:00:22 +00:00
Please note that selling invites, trading invites, and giving invites away publicly (e.g. on a forum) is strictly forbidden. If you have received your invite as a result of any of these things, do not bother signing up - you will be banned and lose your chances of ever signing up legitimately.
2011-03-28 14:21:28 +00:00
To confirm your invite, click on the following link:
2013-04-19 08:00:55 +00:00
https://$SiteURL/register.php?invite=$InviteKey
2011-03-28 14:21:28 +00:00
2013-02-22 08:00:24 +00:00
After you register, you will be able to use your account. Please take note that if you do not use this invite in the next 3 days, it will expire. We urge you to read the RULES and the wiki immediately after you join.
2011-03-28 14:21:28 +00:00
Thank you,
$SiteName Staff
EOT;
2013-02-22 08:00:24 +00:00
2013-05-27 08:00:58 +00:00
$DB->query("
INSERT INTO invites
(InviterID, InviteKey, Email, Expires)
VALUES
('$LoggedUser[ID]', '$InviteKey', '".db_string($CurEmail)."', '$InviteExpires')");
2011-03-28 14:21:28 +00:00
if (!check_perms('site_send_unlimited_invites')) {
2013-05-27 08:00:58 +00:00
$DB->query("
UPDATE users_main
2013-06-24 08:00:28 +00:00
SET Invites = GREATEST(Invites, 1) - 1
WHERE ID = '$LoggedUser[ID]'");
2011-03-28 14:21:28 +00:00
$Cache->begin_transaction('user_info_heavy_'.$LoggedUser['ID']);
2013-06-24 08:00:28 +00:00
$Cache->update_row(false, array('Invites' => '-1'));
2011-03-28 14:21:28 +00:00
$Cache->commit_transaction(0);
}
2013-02-22 08:00:24 +00:00
2013-06-24 08:00:28 +00:00
Misc::send_email($CurEmail, 'You have been invited to '.SITE_NAME, $Message, 'noreply');
2013-05-16 16:15:57 +00:00
2011-03-28 14:21:28 +00:00
}
header('Location: user.php?action=invite');
?>