Joe
10th April 2014 05:19
Have a try at this a sit was posted for the 09 source and I know pytn bigjjoes and pdq all used this along the way..
Code:
mproved & Safer Number Key Invite System By Neptune.
Reworked for Tbdev 09
Xhtml Valid
The files are now up to date for 2009 final revision.
/**
* @sql
*/
Code: SQL
CREATE TABLE `invite_codes` (
`id` INT ( 10 ) UNSIGNED NOT NULL AUTO_INCREMENT ,
`sender` INT ( 10 ) UNSIGNED NOT NULL DEFAULT '0' ,
`receiver` VARCHAR ( 32 ) NOT NULL DEFAULT '0' ,
`code` VARCHAR ( 32 ) NOT NULL DEFAULT '' ,
`invite_added` INT ( 10 ) NOT NULL ,
`status` enum( 'Pending' , 'Confirmed' ) NOT NULL DEFAULT 'Pending' ,
PRIMARY KEY ( `id` ) ,
KEY `sender` ( `id` )
) ENGINE= MyISAM DEFAULT CHARSET= latin1 AUTO_INCREMENT = 1 ;
ALTER TABLE `users` ADD `invites` INT ( 10 ) UNSIGNED NOT NULL DEFAULT '1' ;
ALTER TABLE `users` ADD `invitedby` INT ( 10 ) UNSIGNED NOT NULL DEFAULT '0' ;
ALTER TABLE `users` ADD `invite_rights` enum( 'yes' , 'no' ) NOT NULL DEFAULT 'yes' ;
ALTER TABLE `users` ADD `invitees` VARCHAR ( 100 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '' ;
/**
* @file config.php
*/
add after maxusers
Code: PHP
$TBDEV [ 'invites' ] = 3500 ; // set this to what you want
/**
* @file userdetails.php
*/
for displaying invitees
Code: PHP
if ( $CURUSER [ 'class' ] >= UC_MODERATOR && $user [ 'invitedby' ] > 0 || $user [ 'id' ] == $CURUSER [ 'id' ] && $user [ 'invitedby' ] > 0 ) {
$invitedby = mysql_query ( 'SELECT username FROM users WHERE id = ' . sqlesc( $user [ 'invitedby' ] ) ) ;
$invitedby2 = mysql_fetch_array ( $invitedby ) ;
$HTMLOUT .= "{$lang['userdetails_invby']} /userdetails.php?id=". $user [ 'invitedby' ] . "'>'" . htmlspecialchars ( $invitedby2 [ 'username' ] ) . "' " ; }
Or the old original code :
Code: PHP
if ( $CURUSER [ "class" ] >= UC_MODERATOR && $user [ "invites" ] > 0 || $user [ "id" ] == $CURUSER [ "id" ] && $user [ "invites" ] > 0 )
$HTMLOUT .= "{$lang['userdetails_invites']} /invite.php'>". htmlspecialchars ( $user [ "invites" ] ) . " \n " ;
if ( $CURUSER [ "class" ] >= UC_MODERATOR && $user [ "invitedby" ] > 0 || $user [ "id" ] == $CURUSER [ "id" ] && $user [ "invitedby" ] > 0 )
{
$invitedby = mysql_query ( "SELECT username FROM users WHERE id=$user[invitedby] " ) ;
$invited_by2 = mysql_fetch_assoc ( $invitedby ) ;
$HTMLOUT .= "{$lang['userdetails_invby']} invited by/userdetails.php?id=$user[invitedby] '>$invited_by2[username] \n " ;
}
if ( $CURUSER [ "class" ] >= UC_MODERATOR && $user [ "invitees" ] > 0 || $user [ "id" ] == $CURUSER [ "id" ] && $user [ "invitees" ] > 0 )
{
$compl = $user [ "invitees" ] ;
$compl_list = explode ( " " , $compl ) ;
$arr = array ( ) ;
foreach ( $compl_list as $array_list )
$arr [ ] = $array_list ;
$compl_arr = array_reverse ( $arr , TRUE ) ;
$f = 0 ;
foreach ( $compl_arr as $user_id )
{
$compl_user = mysql_query ( "SELECT id, username FROM users WHERE id='$user_id ' and status='confirmed'" ) ;
$compl_users = mysql_fetch_assoc ( $compl_user ) ;
if ( $compl_users [ "id" ] > 0 )
{
$HTMLOUT .= "{$lang['userdetails_invitees']} ";
$compl = $user [ "invitees" ] ;
$compl_list = explode ( " " , $compl ) ;
$arr = array ( ) ;
foreach ( $compl_list as $array_list )
$arr [ ] = $array_list ;
$compl_arr = array_reverse ( $arr , TRUE ) ;
$i = 0 ;
foreach ( $compl_arr as $user_id )
{
$compl_user = mysql_query ( "SELECT id, username FROM users WHERE id='$user_id ' and status='confirmed' ORDER BY username" ) ;
$compl_users = mysql_fetch_assoc ( $compl_user ) ;
$HTMLOUT .= " /userdetails.php?id=" . $compl_users [ "id" ] . "'>" . $compl_users [ "username" ] . " " ;
if ( $i == "9" )
break ;
$i ++;
}
$HTMLOUT .= " " ;
$f = 1 ;
}
if ( $f == "1" )
break ;
}
}
@File lang/en/lang_userdetails.php :
Code: PHP
'userdetails_invites' => "Invites" ,
'userdetails_invitees' => "Invitees" ,
'userdetails_invby' => 'Invited by' ,
/**
* @file userdetails.php
*/
staff section, set invite on or off & invite amount
Code: PHP
$HTMLOUT .= "{$lang['userdetails_invright']} . ( $user [ "invite_rights" ] == "yes" ? " checked='checked'" : "" ) . " />{$lang['userdetails_yes']} . ( $user [ "invite_rights" ] == "no" ? " checked='checked'" : "" ) . " />{$lang['userdetails_no']} \n " ;
$HTMLOUT .= "{$lang['userdetails_invites']} ] ) . "' /> \n " ;
/**
* @file lang/en/lang_userdetails.php
*/
lang_userdetails.php add
Code: PHP
'userdetails_invright' => "Invite rights" ,
'userdetails_invites' => "Invites" ,
'userdetails_invby' => "Invited by" ,
/**
* @file modtask.php
*/
Code: PHP
// invite rights
if ( ( isset ( $_POST [ 'invite_rights' ] ) ) && ( ( $invite_rights = $_POST [ 'invite_rights' ] ) != $user [ 'invite_rights' ] ) ) {
if ( $invite_rights == 'yes' )
{
$modcomment = get_date( time ( ) , 'DATE' , 1 ) . " - Invite rights enabled by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ".\n " . $modcomment ;
$msg = sqlesc( "Your invite rights have been given back by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ". You can invite users again." ) ;
$added = time ( ) ;
mysql_query ( "INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid , $msg , $added )" ) or sqlerr( __FILE__ , __LINE__ ) ;
}
elseif ( $invite_rights == 'no' ) {
$modcomment = get_date( time ( ) , 'DATE' , 1 ) . " - Invite rights disabled by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ".\n " . $modcomment ;
$msg = sqlesc( "Your invite rights have been removed by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ", probably because you invited a bad user." ) ;
$added = time ( ) ;
mysql_query ( "INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid , $msg , $added )" ) or sqlerr( __FILE__ , __LINE__ ) ;
}
$updateset [ ] = "invite_rights = " . sqlesc( $invite_rights ) ;
}
// change invite amount
if ( ( isset ( $_POST [ 'invites' ] ) ) && ( ( $invites = $_POST [ 'invites' ] ) != ( $curinvites = $user [ 'invites' ] ) ) )
{
$modcomment = get_date( time ( ) , 'DATE' , 1 ) . " - Invite amount changed to " . $invites . " from " . $curinvites . " by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ".\n " . $modcomment ;
$updateset [ ] = "invites = " . sqlesc( $invites ) ;
}
/**
* @file bittorrent.php ~lines 906-907 to display invites
*/
Code: PHP
"$IsDonor $warn [ /logout.php'>{$lang['gl_logout']} ] $member_reputation ".
" Invites: /invite.php'>{$CURUSER['invites']}
@ file config under :
Code: PHP
$TBDEV [ 'invites' ] = 3500 ; // LoL Who we kiddin' here?
Add :
Code: PHP
$TBDEV [ 'openreg' ] = true ; //==true=open, false = closed
@ file signup.php under :
Code: PHP
$lang = array_merge ( load_language( 'global' ) , load_language( 'signup' ) ) ;
add :
Code: PHP
if ( ! $TBDEV [ 'openreg' ] )
stderr( 'Sorry' , 'Invite only - Signups are closed presently' ) ;
@ file takesignup.php under :
Code: PHP
$lang = array_merge ( load_language( 'global' ) , load_language( 'takesignup' ) ) ;
add :
Code: PHP
if ( ! $TBDEV [ 'openreg' ] )
stderr( 'Sorry' , 'Invite only - Signups are closed presently' ) ;
Then save upload the 4 files to root and that should be all.
invite.php :
Code: PHP
/*
+------------------------------------------------
| $Date$
| $Revision$ 09 Final
| $Invite
| $Author$ Neptune,Bigjoos
| $URL$
+------------------------------------------------
*/
require_once ( 'include/bittorrent.php' ) ;
require_once ( 'include/user_functions.php' ) ;
require_once ( 'include/password_functions.php' ) ;
dbconn( ) ;
loggedinorreturn( ) ;
$HTMLOUT = '' ;
$sure = '' ;
$lang = array_merge ( load_language( 'global' ) , load_language( 'invite_code' ) ) ;
$do = ( isset ( $_GET [ "do" ] ) ? $_GET [ "do" ] : ( isset ( $_POST [ "do" ] ) ? $_POST [ "do" ] : '' ) ) ;
$valid_actions = array ( 'create_invite' , 'delete_invite' , 'confirm_account' , 'view_page' , 'send_email' ) ;
$do = ( ( $do && in_array ( $do , $valid_actions , true ) ) ? $do : '' ) or header ( "Location: ?do=view_page" ) ;
/**
* @action Main Page
*/
if ( $do == 'view_page' ) {
$query = myysql_query( 'SELECT * FROM users WHERE invitedby = ' . sqlesc( $CURUSER [ 'id' ] ) ) or sqlerr( __FILE__ , __LINE__ ) ;
$rows = mysql_num_rows ( $query ) ;
$HTMLOUT = '' ;
$HTMLOUT .= "
{$lang['invites_users']} ";
if ( ! $rows ) {
$HTMLOUT .= "{$lang['invites_nousers']} " ;
} else {
$HTMLOUT .= "
{$lang['invites_username']}
{$lang['invites_uploaded']}
{$lang['invites_downloaded']}
{$lang['invites_ratio']}
{$lang['invites_status']}
{$lang['invites_confirm']}
" ;
for ( $i = 0 ; $i < $rows ; ++ $i ) {
$arr = mysql_fetch_assoc ( $query ) ;
if ( $arr [ 'status' ] == 'pending' )
$user = " " . htmlspecialchars ( $arr [ 'username' ] ) . " ";
else
$user = " /userdetails.php?id=$arr[id] '>" . htmlspecialchars ( $arr [ 'username' ] ) . "" . ( $arr [ "warned" ] == "yes" ? " warned.gif' border='0' alt='Warned' />" : "" ) . " " . ( $arr [ "enabled" ] == "no" ? " disabled.gif' border='0' alt='Disabled' />" : "" ) . " " . ( $arr [ "donor" ] == "yes" ? " star.gif' border='0' alt='Donor' />" : "" ) . " ";
if ( $arr [ 'downloaded' ] > 0 ) {
$ratio = number_format ( $arr [ 'uploaded' ] / $arr [ 'downloaded' ] , 3 ) ;
$ratio = "" . $ratio . " " ;
} else {
if ( $arr [ 'uploaded' ] > 0 ) {
$ratio = 'Inf.' ;
}
else {
$ratio = '---' ;
}
}
if ( $arr [ "status" ] == 'confirmed' )
$status = "{$lang['invites_confirm1']} " ;
else
$status = "{$lang['invites_pend']} " ;
$HTMLOUT .= "". $user . " " . mksize( $arr [ 'uploaded' ] ) . " " . mksize( $arr [ 'downloaded' ] ) . " ". $ratio . " ". $status . " ";
if ( $arr [ 'status' ] == 'pending' ) {
$HTMLOUT .= " ] . "&sender=" . $CURUSER [ 'id' ] . "'> confirm.png' alt='confirm' title='Confirm' border='0' /> " ;
}
else
$HTMLOUT .= " --- ";
}
}
$HTMLOUT .= "
";
$select = mysql_query ( "SELECT * FROM invite_codes WHERE sender = " . $CURUSER [ 'id' ] . " AND status = 'Pending'" ) or sqlerr( ) ;
$num_row = mysql_num_rows ( $select ) ;
$HTMLOUT .= "" ;
print stdhead( 'Invites' ) . $HTMLOUT . stdfoot( ) ;
die ;
}
/**
* @action Create Invites
*/
elseif ( $do == 'create_invite' ) {
if ( $CURUSER [ 'invites' ] <= 0 )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_noinvite' ] ) ;
if ( $CURUSER [ "invite_rights" ] == 'no' )
stderr( $lang [ 'invites_deny' ] , $lang [ 'invites_disabled' ] ) ;
$res = mysql_query ( "SELECT COUNT(*) FROM users" ) or sqlerr( __FILE__ , __LINE__ ) ;
$arr = mysql_fetch_row ( $res ) ;
if ( $arr [ 0 ] >= $TBDEV [ 'invites' ] )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_limit' ] ) ;
$invite = md5 ( mksecret( ) ) ;
mysql_query ( 'INSERT INTO invite_codes (sender, invite_added, code) VALUES ( ' . sqlesc( ( int) $CURUSER [ 'id' ] ) . ', ' . sqlesc( time ( ) ) . ', ' . sqlesc( $invite ) . ' )' ) or sqlerr( __FILE__ , __LINE__ ) ;
mysql_query ( 'UPDATE users SET invites = invites - 1 WHERE id = ' . sqlesc( $CURUSER [ 'id' ] ) ) or sqlerr( __FILE__ , __LINE__ ) ;
header ( "Location: ?do=view_page" ) ;
}
/**
* @action Send e-mail
*/
elseif ( $do == 'send_email' ) {
if ( $_SERVER [ "REQUEST_METHOD" ] == "POST" ) {
$email = ( isset ( $_POST [ 'email' ] ) ? htmlentities ( $_POST [ 'email' ] ) : '' ) ;
$invite = ( isset ( $_POST [ 'code' ] ) ? $_POST [ 'code' ] : '' ) ;
if ( ! $email ) stderr( $lang [ 'invites_error' ] , $lang [ 'invites_noemail' ] ) ;
$check = ( mysql_fetch_row ( mysql_query ( 'SELECT COUNT(*) FROM users WHERE email = ' . sqlesc( $email ) ) ) ) or sqlerr( __FILE__ , __LINE__ ) ;
if ( $check [ 0 ] != 0 ) stderr( 'Error' , 'This email address is already in use!' ) ;
if ( ! validemail( $email ) ) stderr( $lang [ 'invites_error' ] , $lang [ 'invites_invalidemail' ] ) ;
$inviter = htmlspecialchars ( $CURUSER [ 'username' ] ) ;
$body = <<
You have been invited to {$TBDEV['site_name']} by $inviter. They have
specified this address ($email) as your email. If you do not know this person, please ignore this email. Please do not reply.
This is a private site and you must agree to the rules before you can enter:
{$TBDEV['baseurl']}/useragreement.php
{$TBDEV['baseurl']}/rules.php
{$TBDEV['baseurl']}/faq.php
------------------------------------------------------------
To confirm your invitation, you have to follow this link and type the invite code:
{$TBDEV['baseurl']}/invite_signup.php
Invite Code: $invite
------------------------------------------------------------
After you do this, your inviter need's to confirm your account.
We urge you to read the RULES and FAQ before you start using {$TBDEV['site_name']}.
EOD ;
$sendit = mail ( $email , "You have been invited to {$TBDEV['site_name']} " , $body , "From: {$TBDEV['site_email']} " , "-f{$TBDEV['site_email']} " ) ;
if ( ! $sendit ) stderr( $lang [ 'invites_error' ] , $lang [ 'invites_unable' ] ) ;
else stderr( '' , $lang [ 'invites_confirmation' ] ) ; }
$id = ( isset ( $_GET [ 'id' ] ) ? ( int) $_GET [ 'id' ] : ( isset ( $_POST [ 'id' ] ) ? ( int) $_POST [ 'id' ] : '' ) ) ;
if ( ! is_valid_id( $id ) ) stderr( $lang [ 'invites_error' ] , $lang [ 'invites_invalid' ] ) ;
$query = mysql_query ( 'SELECT * FROM invite_codes WHERE id = ' . sqlesc( $id ) . ' AND sender = ' . sqlesc( $CURUSER [ 'id' ] ) . ' AND status = "Pending"' ) or sqlerr( __FILE__ , __LINE__ ) ;
$fetch = mysql_fetch_assoc ( $query ) or stderr( $lang [ 'invites_error' ] , $lang [ 'invites_noexsist' ] ) ;
$HTMLOUT .= "" ;
print stdhead( 'Invites' ) . $HTMLOUT . stdfoot( ) ;
}
/**
* @action Delete Invites
*/
elseif ( $do == 'delete_invite' ) {
$id = ( isset ( $_GET [ "id" ] ) ? ( int) $_GET [ "id" ] : ( isset ( $_POST [ "id" ] ) ? ( int) $_POST [ "id" ] : '' ) ) ;
$query = mysql_query ( 'SELECT * FROM invite_codes WHERE id = ' . sqlesc( $id ) . ' AND sender = ' . sqlesc( $CURUSER [ 'id' ] ) . ' AND status = "Pending"' ) or sqlerr( __FILE__ , __LINE__ ) ;
$assoc = mysql_fetch_assoc ( $query ) ;
if ( ! $assoc )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_noexsist' ] ) ;
isset ( $_GET [ 'sure' ] ) && $sure = htmlspecialchars ( $_GET [ 'sure' ] ) ;
if ( ! $sure )
stderr( $lang [ 'invites_delete1' ] , $lang [ 'invites_sure' ] . ' Click . $_SERVER [ 'PHP_SELF' ] . '?do=delete_invite&id=' . $id . '&sender=' . $CURUSER [ 'id' ] . '&sure=yes">here to delete it or here to go back.' ) ;
mysql_query ( 'DELETE FROM invite_codes WHERE id = ' . sqlesc( $id ) . ' AND sender =' . sqlesc( $CURUSER [ 'id' ] . ' AND status = "Pending"' ) ) or sqlerr( __FILE__ , __LINE__ ) ;
mysql_query ( 'UPDATE users SET invites = invites + 1 WHERE id = ' . sqlesc( $CURUSER [ 'id' ] ) ) or sqlerr( __FILE__ , __LINE__ ) ;
header ( "Location: ?do=view_page" ) ;
}
/**
* @action Confirm Accounts
*/
elseif ( $do = 'confirm_account' ) {
$userid = ( isset ( $_GET [ "userid" ] ) ? ( int) $_GET [ "userid" ] : ( isset ( $_POST [ "userid" ] ) ? ( int) $_POST [ "userid" ] : '' ) ) ;
if ( ! is_valid_id( $userid ) )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_invalid' ] ) ;
$select = mysql_query ( 'SELECT id, username FROM users WHERE id = ' . sqlesc( $userid ) . ' AND invitedby = ' . sqlesc( $CURUSER [ 'id' ] ) ) or sqlerr( __FILE__ , __LINE__ ) ;
$assoc = mysql_fetch_assoc ( $select ) ;
if ( ! $assoc )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_errorid' ] ) ;
isset ( $_GET [ 'sure' ] ) && $sure = htmlspecialchars ( $_GET [ 'sure' ] ) ;
if ( ! $sure )
stderr( $lang [ 'invites_confirm1' ] , $lang [ 'invites_sure1' ] . ' ' . htmlspecialchars ( $assoc [ 'username' ] ) . '\'s account? Click . $userid . '&sender=' . $CURUSER [ 'id' ] . '&sure=yes">here to confirm it or here to go back.' ) ;
mysql_query ( 'UPDATE users SET status = "confirmed" WHERE id = ' . sqlesc( $userid ) . ' AND invitedby = ' . sqlesc( $CURUSER [ 'id' ] ) . ' AND status="pending"' ) or sqlerr( __FILE__ , __LINE__ ) ;
//==pm to new invitee/////
$msg = sqlesc( "Hey there :wave:
Welcome to {$TBDEV['site_name']} !
We have made many changes to the site, and we hope you enjoy them!
We have been working hard to make {$TBDEV['site_name']} somethin' special!
{$TBDEV['site_name']} has a strong community (just check out forums), and is a feature rich site. We hope you'll join in on all the fun!
Be sure to read the {$TBDEV['baseurl']} /rules.php]Rules and {$TBDEV['baseurl']} [/COLOR]/faq.php]FAQ before you start using the site.[/COLOR]
We are a strong friendly community here {$TBDEV['site_name']} is so much more then just torrents.
Just for kicks, we've started you out with 200.0 Karma Bonus Points, and a couple of bonus GB to get ya started!
so, enjoy
cheers,
{$TBDEV['site_name']} Staff") ;
$id = $assoc [ "id" ] ;
$subject = sqlesc( "Welcome to {$TBDEV['site_name']} !" ) ;
$added = sqlesc( time ( ) ) ;
mysql_query ( "INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject , $id , $msg , $added )" ) or sqlerr( __FILE__ , __LINE__ ) ;
///////////////////end////////////
header ( "Location: ?do=view_page" ) ;
}
?>
invite_signup.php :
Code: [Select]
require_once( 'include/bittorrent.php' );
require_once( 'include/user_functions.php' );
require_once( 'cache/timezones.php' );
require_once( 'include/page_verify.php' );
dbconn ();
get_template ();
$stdfoot = array( /** include js **/ 'js' => array( 'check' , 'jquery.pstrength-min.1.2' ));
$lang = array_merge ( load_language ( 'global' ), load_language ( 'signup' ) );
$newpage = new page_verify ();
$newpage -> create ( 'tkIs' );
$res = mysql_query ( "SELECT COUNT(*) FROM users" ) or sqlerr ( __FILE__ , __LINE__ );
$arr = mysql_fetch_row ( $res );
if ( $arr [ 0 ] >= $TBDEV [ 'maxusers' ])
stderr ( "Sorry" , "The current user account limit (" . number_format ( $TBDEV [ 'maxusers' ]) . ") has been reached. Inactive accounts are pruned all the time, please check back again later..." );
if(! $TBDEV [ 'openreg' ])
stderr ( 'Sorry' , 'Invite only - Signups are closed presently' );
// TIMEZONE STUFF
$offset = (string) $TBDEV [ 'time_offset' ];
$time_select = "" ;
foreach( $TZ as $off => $words )
{
if ( preg_match ( "/^time_(-?[\d\.]+)$/" , $off , $match ))
{
$time_select .= $match [ 1 ] == $offset ? " $words \n" : " $words \n" ;
}
}
$time_select .= "" ;
// TIMEZONE END
$HTMLOUT = '' ;
$HTMLOUT .= "
" ;
// Normal Entry Point...
$value = array( '...' , '...' , '...' , '...' , '...' , '...' );
$value [ rand ( 1 , count ( $value )- 1 )] = 'X' ;
$HTMLOUT .= "
Note: You need cookies enabled to sign up or log in.
" ;
print stdhead ( 'Invites' ) . $HTMLOUT . stdfoot ( $stdfoot );
?>
take_invite_signup.php :
Code: PHP
require_once ( 'include/bittorrent.php' ) ;
require_once ( 'include/user_functions.php' ) ;
require_once ( 'include/password_functions.php' ) ;
require_once ( 'include/page_verify.php' ) ;
dbconn( ) ;
get_template( ) ;
$lang = array_merge ( load_language( 'global' ) , load_language( 'takesignup' ) ) ;
$newpage = new page_verify( ) ;
$newpage -> check ( 'tkIs' ) ;
$res = mysql_query ( "SELECT COUNT(*) FROM users" ) or sqlerr( __FILE__ , __LINE__ ) ;
$arr = mysql_fetch_row ( $res ) ;
if ( $arr [ 0 ] >= $TBDEV [ 'maxusers' ] )
stderr( $lang [ 'stderr_errorhead' ] , sprintf ( $lang [ 'stderr_ulimit' ] , $TBDEV [ 'maxusers' ] ) ) ;
if ( ! mkglobal( "wantusername:wantpassword:passagain:email:invite:captchaSelection:submitme:passhint:hintanswer" ) )
die ( ) ;
if ( $submitme != 'X' )
stderr( 'Ha Ha' , 'You Missed, You plonker !' ) ;
if ( empty ( $captchaSelection ) || $_SESSION [ 'simpleCaptchaAnswer' ] != $captchaSelection ) {
header ( 'Location: invite_signup.php' ) ;
exit ( ) ;
}
function validusername( $username ) {
if ( $username == "" )
return false ;
// The following characters are allowed in user names
$allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" ;
for ( $i = 0 ; $i < strlen ( $username ) ; ++ $i )
if ( strpos ( $allowedchars , $username [ $i ] ) === false )
return false ;
return true ;
}
if ( empty ( $wantusername ) || empty ( $wantpassword ) || empty ( $email ) || empty ( $invite ) || empty ( $passhint ) || empty ( $hintanswer ) )
stderr( "Error" , "Don't leave any fields blank." ) ;
if ( ! blacklist( $wantusername ) )
stderr( $lang [ 'takesignup_user_error' ] , sprintf ( $lang [ 'takesignup_badusername' ] , htmlspecialchars ( $wantusername ) ) ) ;
if ( strlen ( $wantusername ) > 12 )
stderr( "Error" , "Sorry, username is too long (max is 12 chars)" ) ;
if ( $wantpassword != $passagain )
stderr( "Error" , "The passwords didn't match! Must've typoed. Try again." ) ;
if ( strlen ( $wantpassword ) < 6 )
stderr( "Error" , "Sorry, password is too short (min is 6 chars)" ) ;
if ( strlen ( $wantpassword ) > 40 )
stderr( "Error" , "Sorry, password is too long (max is 40 chars)" ) ;
if ( $wantpassword == $wantusername )
stderr( "Error" , "Sorry, password cannot be same as user name." ) ;
if ( ! validemail( $email ) )
stderr( "Error" , "That doesn't look like a valid email address." ) ;
if ( ! validusername( $wantusername ) )
stderr( "Error" , "Invalid username." ) ;
// make sure user agrees to everything...
if ( $_POST [ "rulesverify" ] != "yes" || $_POST [ "faqverify" ] != "yes" || $_POST [ "ageverify" ] != "yes" )
stderr( "Error" , "Sorry, you're not qualified to become a member of this site." ) ;
// check if email addy is already in use
$a = ( @ mysql_fetch_row ( mysql_query ( 'SELECT COUNT(*) FROM users WHERE email = ' . sqlesc( $email ) ) ) ) or die ( mysql_error ( ) ) ;
if ( $a [ 0 ] != 0 )
stderr( 'Error' , 'The e-mail address ' . htmlspecialchars ( $email ) . ' is already in use.' ) ;
//=== check if ip addy is already in use
$c = ( @ mysql_fetch_row ( mysql_query ( "select count(*) from users where ip='" . $_SERVER [ 'REMOTE_ADDR' ] . "'" ) ) ) or die ( mysql_error ( ) ) ;
if ( $c [ 0 ] != 0 )
stderr( "Error" , "The ip " . $_SERVER [ 'REMOTE_ADDR' ] . " is already in use. We only allow one account per ip address." ) ;
// TIMEZONE STUFF
if ( isset ( $_POST [ "user_timezone" ] ) && preg_match ( '#^\-?\d{1,2}(?:\.\d{1,2})?$#' , $_POST [ 'user_timezone' ] ) )
{
$time_offset = sqlesc( $_POST [ 'user_timezone' ] ) ;
}
else
{
$time_offset = isset ( $TBDEV [ 'time_offset' ] ) ? sqlesc( $TBDEV [ 'time_offset' ] ) : '0' ; }
// have a stab at getting dst parameter?
$dst_in_use = localtime ( time ( ) + ( $time_offset * 3600 ) , true ) ;
// TIMEZONE STUFF END
$select_inv = mysql_query ( 'SELECT sender, receiver, status FROM invite_codes WHERE code = ' . sqlesc( $invite ) ) or die ( mysql_error ( ) ) ;
$rows = mysql_num_rows ( $select_inv ) ;
$assoc = mysql_fetch_assoc ( $select_inv ) ;
if ( $rows == 0 )
stderr( "Error" , "Invite not found.\n Please request a invite from one of our members." ) ;
if ( $assoc [ "receiver" ] != 0 )
stderr( "Error" , "Invite already taken.\n Please request a new one from your inviter." ) ;
$secret = mksecret( ) ;
$wantpasshash = make_passhash( $secret , md5 ( $wantpassword ) ) ;
$editsecret = ( ! $arr [ 0 ] ? "" : make_passhash_login_key( ) ) ;
$wanthintanswer = md5 ( $hintanswer ) ;
$new_user = mysql_query ( "INSERT INTO users (username, passhash, secret, passhint, hintanswer, editsecret, invitedby, email, " . ( ! $arr [ 0 ] ?"class, " : "" ) . "added, last_access, last_login, time_offset, dst_in_use) VALUES (" .
implode ( "," , array_map ( "sqlesc" , array ( $wantusername , $wantpasshash , $secret , $editsecret , $passhint , $wanthintanswer , ( int) $assoc [ 'sender' ] , $email ) ) ) .
", " . ( ! $arr [ 0 ] ?UC_SYSOP. ", " : "" ) . "'" . time ( ) . "','" . time ( ) . "','" . time ( ) . "', $time_offset , {$dst_in_use['tm_isdst']} )" ) ;
$message = "Welcome New {$TBDEV['site_name']} Member : - " . htmlspecialchars ( $wantusername ) . "" ;
if ( ! $new_user ) {
if ( mysql_errno ( ) == 1062 )
stderr( "Error" , "Username already exists!" ) ;
stderr( "Error" , "borked" ) ;
}
//===send PM to inviter
$sender = $assoc [ "sender" ] ;
$added = sqlesc( time ( ) ) ;
$msg = sqlesc( "Hey there [you] ! :wave:\n It seems that someone you invited to {$TBDEV['site_name']} has arrived ! :clap2: \n \n Please go to your {$TBDEV['baseurl']} /invite.php]Invite page to confirm them so they can log in.\n \n cheers\n "[/COLOR]) ;
$subject = sqlesc( "Someone you invited has arrived!" ) ;
mysql_query ( "INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject , $sender , $msg , $added )" ) or sqlerr( __FILE__ , __LINE__ ) ;
//////////////end/////////////////////
$id = mysql_insert_id ( ) ;
mysql_query ( 'UPDATE invite_codes SET receiver = ' . sqlesc( $id ) . ', status = "Confirmed" WHERE sender = ' . sqlesc( ( int) $assoc [ 'sender' ] ) . ' AND code = ' . sqlesc( $invite ) ) or sqlerr( __FILE__ , __LINE__ ) ;
write_log( 'User account ' . htmlspecialchars ( $wantusername ) . ' was created!' ) ;
autoshout( $message ) ;
stderr( 'Success' , 'Signup successfull, Your inviter needs to confirm your account now before you can use your account !' ) ;
?>
lang_invite_code.php :
Code: PHP
$lang = array (
#invite errors
'invites_error' => "Error" ,
'invites_deny' => "Denied" ,
'invites_limit' => "Sorry, user limit reached. Please try again later." ,
'invites_disabled' => "Your invite sending privileges has been disabled by the Staff!" ,
'invites_noinvite' => "No invites !" ,
'invites_invalidemail' => "That doesn't look like a valid email address." ,
'invites_noemail' => "You must enter an email address!" ,
'invites_unable' => "Unable to send mail. Please contact an administrator about this error." ,
'invites_confirmation' => "A confirmation email has been sent to the address you specified." ,
'invites_invalid' => "Invalid ID!" ,
'invites_noexsist' => "This invite code does not exist." ,
'invites_sure' => "Are you sure you want to delete this invite code?" ,
'invites_errorid' => "No user with this ID." ,
'invites_sure1' => "Are you sure you want to confirm" ,
#invites
'invites_users' => "Invited Users" ,
'invites_nousers' => "No Invitees Yet" ,
'invites_username' => "Username" ,
'invites_uploaded' => "Uploaded" ,
'invites_downloaded' => "Downloaded" ,
'invites_ratio' => "Ratio" ,
'invites_status' => "Status" ,
'invites_confirm' => "Confirm" ,
'invites_confirm1' => "Confirmed" ,
'invites_pend' => "Pending" ,
'invites_codes' => "Created Invite Codes" ,
'invites_nocodes' => "You have not created any invite codes at the moment!" ,
'invites_date' => "Created Date" ,
'invites_delete' => "Delete" ,
'invites_create' => "Create Invite Code" ,
'invites_send_code' => "Send Invite Code" ,
'invites_delete1' => "Delete Invite" ,
'invites_confirm1' => "Confirmed Account" ,
) ;
?>
Bump: Have a try at this a sit was posted for the 09 source and I know pytn bigjjoes and pdq all used this along the way..
Code:
mproved & Safer Number Key Invite System By Neptune.
Reworked for Tbdev 09
Xhtml Valid
The files are now up to date for 2009 final revision.
/**
* @sql
*/
Code: SQL
CREATE TABLE `invite_codes` (
`id` INT ( 10 ) UNSIGNED NOT NULL AUTO_INCREMENT ,
`sender` INT ( 10 ) UNSIGNED NOT NULL DEFAULT '0' ,
`receiver` VARCHAR ( 32 ) NOT NULL DEFAULT '0' ,
`code` VARCHAR ( 32 ) NOT NULL DEFAULT '' ,
`invite_added` INT ( 10 ) NOT NULL ,
`status` enum( 'Pending' , 'Confirmed' ) NOT NULL DEFAULT 'Pending' ,
PRIMARY KEY ( `id` ) ,
KEY `sender` ( `id` )
) ENGINE= MyISAM DEFAULT CHARSET= latin1 AUTO_INCREMENT = 1 ;
ALTER TABLE `users` ADD `invites` INT ( 10 ) UNSIGNED NOT NULL DEFAULT '1' ;
ALTER TABLE `users` ADD `invitedby` INT ( 10 ) UNSIGNED NOT NULL DEFAULT '0' ;
ALTER TABLE `users` ADD `invite_rights` enum( 'yes' , 'no' ) NOT NULL DEFAULT 'yes' ;
ALTER TABLE `users` ADD `invitees` VARCHAR ( 100 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '' ;
/**
* @file config.php
*/
add after maxusers
Code: PHP
$TBDEV [ 'invites' ] = 3500 ; // set this to what you want
/**
* @file userdetails.php
*/
for displaying invitees
Code: PHP
if ( $CURUSER [ 'class' ] >= UC_MODERATOR && $user [ 'invitedby' ] > 0 || $user [ 'id' ] == $CURUSER [ 'id' ] && $user [ 'invitedby' ] > 0 ) {
$invitedby = mysql_query ( 'SELECT username FROM users WHERE id = ' . sqlesc( $user [ 'invitedby' ] ) ) ;
$invitedby2 = mysql_fetch_array ( $invitedby ) ;
$HTMLOUT .= "{$lang['userdetails_invby']} /userdetails.php?id=". $user [ 'invitedby' ] . "'>'" . htmlspecialchars ( $invitedby2 [ 'username' ] ) . "' " ; }
Or the old original code :
Code: PHP
if ( $CURUSER [ "class" ] >= UC_MODERATOR && $user [ "invites" ] > 0 || $user [ "id" ] == $CURUSER [ "id" ] && $user [ "invites" ] > 0 )
$HTMLOUT .= "{$lang['userdetails_invites']} /invite.php'>". htmlspecialchars ( $user [ "invites" ] ) . " \n " ;
if ( $CURUSER [ "class" ] >= UC_MODERATOR && $user [ "invitedby" ] > 0 || $user [ "id" ] == $CURUSER [ "id" ] && $user [ "invitedby" ] > 0 )
{
$invitedby = mysql_query ( "SELECT username FROM users WHERE id=$user[invitedby] " ) ;
$invited_by2 = mysql_fetch_assoc ( $invitedby ) ;
$HTMLOUT .= "{$lang['userdetails_invby']} invited by/userdetails.php?id=$user[invitedby] '>$invited_by2[username] \n " ;
}
if ( $CURUSER [ "class" ] >= UC_MODERATOR && $user [ "invitees" ] > 0 || $user [ "id" ] == $CURUSER [ "id" ] && $user [ "invitees" ] > 0 )
{
$compl = $user [ "invitees" ] ;
$compl_list = explode ( " " , $compl ) ;
$arr = array ( ) ;
foreach ( $compl_list as $array_list )
$arr [ ] = $array_list ;
$compl_arr = array_reverse ( $arr , TRUE ) ;
$f = 0 ;
foreach ( $compl_arr as $user_id )
{
$compl_user = mysql_query ( "SELECT id, username FROM users WHERE id='$user_id ' and status='confirmed'" ) ;
$compl_users = mysql_fetch_assoc ( $compl_user ) ;
if ( $compl_users [ "id" ] > 0 )
{
$HTMLOUT .= "{$lang['userdetails_invitees']} ";
$compl = $user [ "invitees" ] ;
$compl_list = explode ( " " , $compl ) ;
$arr = array ( ) ;
foreach ( $compl_list as $array_list )
$arr [ ] = $array_list ;
$compl_arr = array_reverse ( $arr , TRUE ) ;
$i = 0 ;
foreach ( $compl_arr as $user_id )
{
$compl_user = mysql_query ( "SELECT id, username FROM users WHERE id='$user_id ' and status='confirmed' ORDER BY username" ) ;
$compl_users = mysql_fetch_assoc ( $compl_user ) ;
$HTMLOUT .= " /userdetails.php?id=" . $compl_users [ "id" ] . "'>" . $compl_users [ "username" ] . " " ;
if ( $i == "9" )
break ;
$i ++;
}
$HTMLOUT .= " " ;
$f = 1 ;
}
if ( $f == "1" )
break ;
}
}
@File lang/en/lang_userdetails.php :
Code: PHP
'userdetails_invites' => "Invites" ,
'userdetails_invitees' => "Invitees" ,
'userdetails_invby' => 'Invited by' ,
/**
* @file userdetails.php
*/
staff section, set invite on or off & invite amount
Code: PHP
$HTMLOUT .= "{$lang['userdetails_invright']} . ( $user [ "invite_rights" ] == "yes" ? " checked='checked'" : "" ) . " />{$lang['userdetails_yes']} . ( $user [ "invite_rights" ] == "no" ? " checked='checked'" : "" ) . " />{$lang['userdetails_no']} \n " ;
$HTMLOUT .= "{$lang['userdetails_invites']} ] ) . "' /> \n " ;
/**
* @file lang/en/lang_userdetails.php
*/
lang_userdetails.php add
Code: PHP
'userdetails_invright' => "Invite rights" ,
'userdetails_invites' => "Invites" ,
'userdetails_invby' => "Invited by" ,
/**
* @file modtask.php
*/
Code: PHP
// invite rights
if ( ( isset ( $_POST [ 'invite_rights' ] ) ) && ( ( $invite_rights = $_POST [ 'invite_rights' ] ) != $user [ 'invite_rights' ] ) ) {
if ( $invite_rights == 'yes' )
{
$modcomment = get_date( time ( ) , 'DATE' , 1 ) . " - Invite rights enabled by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ".\n " . $modcomment ;
$msg = sqlesc( "Your invite rights have been given back by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ". You can invite users again." ) ;
$added = time ( ) ;
mysql_query ( "INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid , $msg , $added )" ) or sqlerr( __FILE__ , __LINE__ ) ;
}
elseif ( $invite_rights == 'no' ) {
$modcomment = get_date( time ( ) , 'DATE' , 1 ) . " - Invite rights disabled by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ".\n " . $modcomment ;
$msg = sqlesc( "Your invite rights have been removed by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ", probably because you invited a bad user." ) ;
$added = time ( ) ;
mysql_query ( "INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid , $msg , $added )" ) or sqlerr( __FILE__ , __LINE__ ) ;
}
$updateset [ ] = "invite_rights = " . sqlesc( $invite_rights ) ;
}
// change invite amount
if ( ( isset ( $_POST [ 'invites' ] ) ) && ( ( $invites = $_POST [ 'invites' ] ) != ( $curinvites = $user [ 'invites' ] ) ) )
{
$modcomment = get_date( time ( ) , 'DATE' , 1 ) . " - Invite amount changed to " . $invites . " from " . $curinvites . " by " . htmlspecialchars ( $CURUSER [ 'username' ] ) . ".\n " . $modcomment ;
$updateset [ ] = "invites = " . sqlesc( $invites ) ;
}
/**
* @file bittorrent.php ~lines 906-907 to display invites
*/
Code: PHP
"$IsDonor $warn [ /logout.php'>{$lang['gl_logout']} ] $member_reputation ".
" Invites: /invite.php'>{$CURUSER['invites']}
@ file config under :
Code: PHP
$TBDEV [ 'invites' ] = 3500 ; // LoL Who we kiddin' here?
Add :
Code: PHP
$TBDEV [ 'openreg' ] = true ; //==true=open, false = closed
@ file signup.php under :
Code: PHP
$lang = array_merge ( load_language( 'global' ) , load_language( 'signup' ) ) ;
add :
Code: PHP
if ( ! $TBDEV [ 'openreg' ] )
stderr( 'Sorry' , 'Invite only - Signups are closed presently' ) ;
@ file takesignup.php under :
Code: PHP
$lang = array_merge ( load_language( 'global' ) , load_language( 'takesignup' ) ) ;
add :
Code: PHP
if ( ! $TBDEV [ 'openreg' ] )
stderr( 'Sorry' , 'Invite only - Signups are closed presently' ) ;
Then save upload the 4 files to root and that should be all.
invite.php :
Code: PHP
/*
+------------------------------------------------
| $Date$
| $Revision$ 09 Final
| $Invite
| $Author$ Neptune,Bigjoos
| $URL$
+------------------------------------------------
*/
require_once ( 'include/bittorrent.php' ) ;
require_once ( 'include/user_functions.php' ) ;
require_once ( 'include/password_functions.php' ) ;
dbconn( ) ;
loggedinorreturn( ) ;
$HTMLOUT = '' ;
$sure = '' ;
$lang = array_merge ( load_language( 'global' ) , load_language( 'invite_code' ) ) ;
$do = ( isset ( $_GET [ "do" ] ) ? $_GET [ "do" ] : ( isset ( $_POST [ "do" ] ) ? $_POST [ "do" ] : '' ) ) ;
$valid_actions = array ( 'create_invite' , 'delete_invite' , 'confirm_account' , 'view_page' , 'send_email' ) ;
$do = ( ( $do && in_array ( $do , $valid_actions , true ) ) ? $do : '' ) or header ( "Location: ?do=view_page" ) ;
/**
* @action Main Page
*/
if ( $do == 'view_page' ) {
$query = myysql_query( 'SELECT * FROM users WHERE invitedby = ' . sqlesc( $CURUSER [ 'id' ] ) ) or sqlerr( __FILE__ , __LINE__ ) ;
$rows = mysql_num_rows ( $query ) ;
$HTMLOUT = '' ;
$HTMLOUT .= "
{$lang['invites_users']} ";
if ( ! $rows ) {
$HTMLOUT .= "{$lang['invites_nousers']} " ;
} else {
$HTMLOUT .= "
{$lang['invites_username']}
{$lang['invites_uploaded']}
{$lang['invites_downloaded']}
{$lang['invites_ratio']}
{$lang['invites_status']}
{$lang['invites_confirm']}
" ;
for ( $i = 0 ; $i < $rows ; ++ $i ) {
$arr = mysql_fetch_assoc ( $query ) ;
if ( $arr [ 'status' ] == 'pending' )
$user = " " . htmlspecialchars ( $arr [ 'username' ] ) . " ";
else
$user = " /userdetails.php?id=$arr[id] '>" . htmlspecialchars ( $arr [ 'username' ] ) . "" . ( $arr [ "warned" ] == "yes" ? " warned.gif' border='0' alt='Warned' />" : "" ) . " " . ( $arr [ "enabled" ] == "no" ? " disabled.gif' border='0' alt='Disabled' />" : "" ) . " " . ( $arr [ "donor" ] == "yes" ? " star.gif' border='0' alt='Donor' />" : "" ) . " ";
if ( $arr [ 'downloaded' ] > 0 ) {
$ratio = number_format ( $arr [ 'uploaded' ] / $arr [ 'downloaded' ] , 3 ) ;
$ratio = "" . $ratio . " " ;
} else {
if ( $arr [ 'uploaded' ] > 0 ) {
$ratio = 'Inf.' ;
}
else {
$ratio = '---' ;
}
}
if ( $arr [ "status" ] == 'confirmed' )
$status = "{$lang['invites_confirm1']} " ;
else
$status = "{$lang['invites_pend']} " ;
$HTMLOUT .= "". $user . " " . mksize( $arr [ 'uploaded' ] ) . " " . mksize( $arr [ 'downloaded' ] ) . " ". $ratio . " ". $status . " ";
if ( $arr [ 'status' ] == 'pending' ) {
$HTMLOUT .= " ] . "&sender=" . $CURUSER [ 'id' ] . "'> confirm.png' alt='confirm' title='Confirm' border='0' /> " ;
}
else
$HTMLOUT .= " --- ";
}
}
$HTMLOUT .= "
";
$select = mysql_query ( "SELECT * FROM invite_codes WHERE sender = " . $CURUSER [ 'id' ] . " AND status = 'Pending'" ) or sqlerr( ) ;
$num_row = mysql_num_rows ( $select ) ;
$HTMLOUT .= "" ;
print stdhead( 'Invites' ) . $HTMLOUT . stdfoot( ) ;
die ;
}
/**
* @action Create Invites
*/
elseif ( $do == 'create_invite' ) {
if ( $CURUSER [ 'invites' ] <= 0 )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_noinvite' ] ) ;
if ( $CURUSER [ "invite_rights" ] == 'no' )
stderr( $lang [ 'invites_deny' ] , $lang [ 'invites_disabled' ] ) ;
$res = mysql_query ( "SELECT COUNT(*) FROM users" ) or sqlerr( __FILE__ , __LINE__ ) ;
$arr = mysql_fetch_row ( $res ) ;
if ( $arr [ 0 ] >= $TBDEV [ 'invites' ] )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_limit' ] ) ;
$invite = md5 ( mksecret( ) ) ;
mysql_query ( 'INSERT INTO invite_codes (sender, invite_added, code) VALUES ( ' . sqlesc( ( int) $CURUSER [ 'id' ] ) . ', ' . sqlesc( time ( ) ) . ', ' . sqlesc( $invite ) . ' )' ) or sqlerr( __FILE__ , __LINE__ ) ;
mysql_query ( 'UPDATE users SET invites = invites - 1 WHERE id = ' . sqlesc( $CURUSER [ 'id' ] ) ) or sqlerr( __FILE__ , __LINE__ ) ;
header ( "Location: ?do=view_page" ) ;
}
/**
* @action Send e-mail
*/
elseif ( $do == 'send_email' ) {
if ( $_SERVER [ "REQUEST_METHOD" ] == "POST" ) {
$email = ( isset ( $_POST [ 'email' ] ) ? htmlentities ( $_POST [ 'email' ] ) : '' ) ;
$invite = ( isset ( $_POST [ 'code' ] ) ? $_POST [ 'code' ] : '' ) ;
if ( ! $email ) stderr( $lang [ 'invites_error' ] , $lang [ 'invites_noemail' ] ) ;
$check = ( mysql_fetch_row ( mysql_query ( 'SELECT COUNT(*) FROM users WHERE email = ' . sqlesc( $email ) ) ) ) or sqlerr( __FILE__ , __LINE__ ) ;
if ( $check [ 0 ] != 0 ) stderr( 'Error' , 'This email address is already in use!' ) ;
if ( ! validemail( $email ) ) stderr( $lang [ 'invites_error' ] , $lang [ 'invites_invalidemail' ] ) ;
$inviter = htmlspecialchars ( $CURUSER [ 'username' ] ) ;
$body = <<
You have been invited to {$TBDEV['site_name']} by $inviter. They have
specified this address ($email) as your email. If you do not know this person, please ignore this email. Please do not reply.
This is a private site and you must agree to the rules before you can enter:
{$TBDEV['baseurl']}/useragreement.php
{$TBDEV['baseurl']}/rules.php
{$TBDEV['baseurl']}/faq.php
------------------------------------------------------------
To confirm your invitation, you have to follow this link and type the invite code:
{$TBDEV['baseurl']}/invite_signup.php
Invite Code: $invite
------------------------------------------------------------
After you do this, your inviter need's to confirm your account.
We urge you to read the RULES and FAQ before you start using {$TBDEV['site_name']}.
EOD ;
$sendit = mail ( $email , "You have been invited to {$TBDEV['site_name']} " , $body , "From: {$TBDEV['site_email']} " , "-f{$TBDEV['site_email']} " ) ;
if ( ! $sendit ) stderr( $lang [ 'invites_error' ] , $lang [ 'invites_unable' ] ) ;
else stderr( '' , $lang [ 'invites_confirmation' ] ) ; }
$id = ( isset ( $_GET [ 'id' ] ) ? ( int) $_GET [ 'id' ] : ( isset ( $_POST [ 'id' ] ) ? ( int) $_POST [ 'id' ] : '' ) ) ;
if ( ! is_valid_id( $id ) ) stderr( $lang [ 'invites_error' ] , $lang [ 'invites_invalid' ] ) ;
$query = mysql_query ( 'SELECT * FROM invite_codes WHERE id = ' . sqlesc( $id ) . ' AND sender = ' . sqlesc( $CURUSER [ 'id' ] ) . ' AND status = "Pending"' ) or sqlerr( __FILE__ , __LINE__ ) ;
$fetch = mysql_fetch_assoc ( $query ) or stderr( $lang [ 'invites_error' ] , $lang [ 'invites_noexsist' ] ) ;
$HTMLOUT .= "" ;
print stdhead( 'Invites' ) . $HTMLOUT . stdfoot( ) ;
}
/**
* @action Delete Invites
*/
elseif ( $do == 'delete_invite' ) {
$id = ( isset ( $_GET [ "id" ] ) ? ( int) $_GET [ "id" ] : ( isset ( $_POST [ "id" ] ) ? ( int) $_POST [ "id" ] : '' ) ) ;
$query = mysql_query ( 'SELECT * FROM invite_codes WHERE id = ' . sqlesc( $id ) . ' AND sender = ' . sqlesc( $CURUSER [ 'id' ] ) . ' AND status = "Pending"' ) or sqlerr( __FILE__ , __LINE__ ) ;
$assoc = mysql_fetch_assoc ( $query ) ;
if ( ! $assoc )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_noexsist' ] ) ;
isset ( $_GET [ 'sure' ] ) && $sure = htmlspecialchars ( $_GET [ 'sure' ] ) ;
if ( ! $sure )
stderr( $lang [ 'invites_delete1' ] , $lang [ 'invites_sure' ] . ' Click . $_SERVER [ 'PHP_SELF' ] . '?do=delete_invite&id=' . $id . '&sender=' . $CURUSER [ 'id' ] . '&sure=yes">here to delete it or here to go back.' ) ;
mysql_query ( 'DELETE FROM invite_codes WHERE id = ' . sqlesc( $id ) . ' AND sender =' . sqlesc( $CURUSER [ 'id' ] . ' AND status = "Pending"' ) ) or sqlerr( __FILE__ , __LINE__ ) ;
mysql_query ( 'UPDATE users SET invites = invites + 1 WHERE id = ' . sqlesc( $CURUSER [ 'id' ] ) ) or sqlerr( __FILE__ , __LINE__ ) ;
header ( "Location: ?do=view_page" ) ;
}
/**
* @action Confirm Accounts
*/
elseif ( $do = 'confirm_account' ) {
$userid = ( isset ( $_GET [ "userid" ] ) ? ( int) $_GET [ "userid" ] : ( isset ( $_POST [ "userid" ] ) ? ( int) $_POST [ "userid" ] : '' ) ) ;
if ( ! is_valid_id( $userid ) )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_invalid' ] ) ;
$select = mysql_query ( 'SELECT id, username FROM users WHERE id = ' . sqlesc( $userid ) . ' AND invitedby = ' . sqlesc( $CURUSER [ 'id' ] ) ) or sqlerr( __FILE__ , __LINE__ ) ;
$assoc = mysql_fetch_assoc ( $select ) ;
if ( ! $assoc )
stderr( $lang [ 'invites_error' ] , $lang [ 'invites_errorid' ] ) ;
isset ( $_GET [ 'sure' ] ) && $sure = htmlspecialchars ( $_GET [ 'sure' ] ) ;
if ( ! $sure )
stderr( $lang [ 'invites_confirm1' ] , $lang [ 'invites_sure1' ] . ' ' . htmlspecialchars ( $assoc [ 'username' ] ) . '\'s account? Click . $userid . '&sender=' . $CURUSER [ 'id' ] . '&sure=yes">here to confirm it or here to go back.' ) ;
mysql_query ( 'UPDATE users SET status = "confirmed" WHERE id = ' . sqlesc( $userid ) . ' AND invitedby = ' . sqlesc( $CURUSER [ 'id' ] ) . ' AND status="pending"' ) or sqlerr( __FILE__ , __LINE__ ) ;
//==pm to new invitee/////
$msg = sqlesc( "Hey there :wave:
Welcome to {$TBDEV['site_name']} !
We have made many changes to the site, and we hope you enjoy them!
We have been working hard to make {$TBDEV['site_name']} somethin' special!
{$TBDEV['site_name']} has a strong community (just check out forums), and is a feature rich site. We hope you'll join in on all the fun!
Be sure to read the {$TBDEV['baseurl']} /rules.php]Rules and {$TBDEV['baseurl']} [/COLOR]/faq.php]FAQ before you start using the site.[/COLOR]
We are a strong friendly community here {$TBDEV['site_name']} is so much more then just torrents.
Just for kicks, we've started you out with 200.0 Karma Bonus Points, and a couple of bonus GB to get ya started!
so, enjoy
cheers,
{$TBDEV['site_name']} Staff") ;
$id = $assoc [ "id" ] ;
$subject = sqlesc( "Welcome to {$TBDEV['site_name']} !" ) ;
$added = sqlesc( time ( ) ) ;
mysql_query ( "INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject , $id , $msg , $added )" ) or sqlerr( __FILE__ , __LINE__ ) ;
///////////////////end////////////
header ( "Location: ?do=view_page" ) ;
}
?>
invite_signup.php :
Code: [Select]
require_once( 'include/bittorrent.php' );
require_once( 'include/user_functions.php' );
require_once( 'cache/timezones.php' );
require_once( 'include/page_verify.php' );
dbconn ();
get_template ();
$stdfoot = array( /** include js **/ 'js' => array( 'check' , 'jquery.pstrength-min.1.2' ));
$lang = array_merge ( load_language ( 'global' ), load_language ( 'signup' ) );
$newpage = new page_verify ();
$newpage -> create ( 'tkIs' );
$res = mysql_query ( "SELECT COUNT(*) FROM users" ) or sqlerr ( __FILE__ , __LINE__ );
$arr = mysql_fetch_row ( $res );
if ( $arr [ 0 ] >= $TBDEV [ 'maxusers' ])
stderr ( "Sorry" , "The current user account limit (" . number_format ( $TBDEV [ 'maxusers' ]) . ") has been reached. Inactive accounts are pruned all the time, please check back again later..." );
if(! $TBDEV [ 'openreg' ])
stderr ( 'Sorry' , 'Invite only - Signups are closed presently' );
// TIMEZONE STUFF
$offset = (string) $TBDEV [ 'time_offset' ];
$time_select = "" ;
foreach( $TZ as $off => $words )
{
if ( preg_match ( "/^time_(-?[\d\.]+)$/" , $off , $match ))
{
$time_select .= $match [ 1 ] == $offset ? " $words \n" : " $words \n" ;
}
}
$time_select .= "" ;
// TIMEZONE END
$HTMLOUT = '' ;
$HTMLOUT .= "
" ;
// Normal Entry Point...
$value = array( '...' , '...' , '...' , '...' , '...' , '...' );
$value [ rand ( 1 , count ( $value )- 1 )] = 'X' ;
$HTMLOUT .= "
Note: You need cookies enabled to sign up or log in.
" ;
print stdhead ( 'Invites' ) . $HTMLOUT . stdfoot ( $stdfoot );
?>
take_invite_signup.php :
Code: PHP
require_once ( 'include/bittorrent.php' ) ;
require_once ( 'include/user_functions.php' ) ;
require_once ( 'include/password_functions.php' ) ;
require_once ( 'include/page_verify.php' ) ;
dbconn( ) ;
get_template( ) ;
$lang = array_merge ( load_language( 'global' ) , load_language( 'takesignup' ) ) ;
$newpage = new page_verify( ) ;
$newpage -> check ( 'tkIs' ) ;
$res = mysql_query ( "SELECT COUNT(*) FROM users" ) or sqlerr( __FILE__ , __LINE__ ) ;
$arr = mysql_fetch_row ( $res ) ;
if ( $arr [ 0 ] >= $TBDEV [ 'maxusers' ] )
stderr( $lang [ 'stderr_errorhead' ] , sprintf ( $lang [ 'stderr_ulimit' ] , $TBDEV [ 'maxusers' ] ) ) ;
if ( ! mkglobal( "wantusername:wantpassword:passagain:email:invite:captchaSelection:submitme:passhint:hintanswer" ) )
die ( ) ;
if ( $submitme != 'X' )
stderr( 'Ha Ha' , 'You Missed, You plonker !' ) ;
if ( empty ( $captchaSelection ) || $_SESSION [ 'simpleCaptchaAnswer' ] != $captchaSelection ) {
header ( 'Location: invite_signup.php' ) ;
exit ( ) ;
}
function validusername( $username ) {
if ( $username == "" )
return false ;
// The following characters are allowed in user names
$allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" ;
for ( $i = 0 ; $i < strlen ( $username ) ; ++ $i )
if ( strpos ( $allowedchars , $username [ $i ] ) === false )
return false ;
return true ;
}
if ( empty ( $wantusername ) || empty ( $wantpassword ) || empty ( $email ) || empty ( $invite ) || empty ( $passhint ) || empty ( $hintanswer ) )
stderr( "Error" , "Don't leave any fields blank." ) ;
if ( ! blacklist( $wantusername ) )
stderr( $lang [ 'takesignup_user_error' ] , sprintf ( $lang [ 'takesignup_badusername' ] , htmlspecialchars ( $wantusername ) ) ) ;
if ( strlen ( $wantusername ) > 12 )
stderr( "Error" , "Sorry, username is too long (max is 12 chars)" ) ;
if ( $wantpassword != $passagain )
stderr( "Error" , "The passwords didn't match! Must've typoed. Try again." ) ;
if ( strlen ( $wantpassword ) < 6 )
stderr( "Error" , "Sorry, password is too short (min is 6 chars)" ) ;
if ( strlen ( $wantpassword ) > 40 )
stderr( "Error" , "Sorry, password is too long (max is 40 chars)" ) ;
if ( $wantpassword == $wantusername )
stderr( "Error" , "Sorry, password cannot be same as user name." ) ;
if ( ! validemail( $email ) )
stderr( "Error" , "That doesn't look like a valid email address." ) ;
if ( ! validusername( $wantusername ) )
stderr( "Error" , "Invalid username." ) ;
// make sure user agrees to everything...
if ( $_POST [ "rulesverify" ] != "yes" || $_POST [ "faqverify" ] != "yes" || $_POST [ "ageverify" ] != "yes" )
stderr( "Error" , "Sorry, you're not qualified to become a member of this site." ) ;
// check if email addy is already in use
$a = ( @ mysql_fetch_row ( mysql_query ( 'SELECT COUNT(*) FROM users WHERE email = ' . sqlesc( $email ) ) ) ) or die ( mysql_error ( ) ) ;
if ( $a [ 0 ] != 0 )
stderr( 'Error' , 'The e-mail address ' . htmlspecialchars ( $email ) . ' is already in use.' ) ;
//=== check if ip addy is already in use
$c = ( @ mysql_fetch_row ( mysql_query ( "select count(*) from users where ip='" . $_SERVER [ 'REMOTE_ADDR' ] . "'" ) ) ) or die ( mysql_error ( ) ) ;
if ( $c [ 0 ] != 0 )
stderr( "Error" , "The ip " . $_SERVER [ 'REMOTE_ADDR' ] . " is already in use. We only allow one account per ip address." ) ;
// TIMEZONE STUFF
if ( isset ( $_POST [ "user_timezone" ] ) && preg_match ( '#^\-?\d{1,2}(?:\.\d{1,2})?$#' , $_POST [ 'user_timezone' ] ) )
{
$time_offset = sqlesc( $_POST [ 'user_timezone' ] ) ;
}
else
{
$time_offset = isset ( $TBDEV [ 'time_offset' ] ) ? sqlesc( $TBDEV [ 'time_offset' ] ) : '0' ; }
// have a stab at getting dst parameter?
$dst_in_use = localtime ( time ( ) + ( $time_offset * 3600 ) , true ) ;
// TIMEZONE STUFF END
$select_inv = mysql_query ( 'SELECT sender, receiver, status FROM invite_codes WHERE code = ' . sqlesc( $invite ) ) or die ( mysql_error ( ) ) ;
$rows = mysql_num_rows ( $select_inv ) ;
$assoc = mysql_fetch_assoc ( $select_inv ) ;
if ( $rows == 0 )
stderr( "Error" , "Invite not found.\n Please request a invite from one of our members." ) ;
if ( $assoc [ "receiver" ] != 0 )
stderr( "Error" , "Invite already taken.\n Please request a new one from your inviter." ) ;
$secret = mksecret( ) ;
$wantpasshash = make_passhash( $secret , md5 ( $wantpassword ) ) ;
$editsecret = ( ! $arr [ 0 ] ? "" : make_passhash_login_key( ) ) ;
$wanthintanswer = md5 ( $hintanswer ) ;
$new_user = mysql_query ( "INSERT INTO users (username, passhash, secret, passhint, hintanswer, editsecret, invitedby, email, " . ( ! $arr [ 0 ] ?"class, " : "" ) . "added, last_access, last_login, time_offset, dst_in_use) VALUES (" .
implode ( "," , array_map ( "sqlesc" , array ( $wantusername , $wantpasshash , $secret , $editsecret , $passhint , $wanthintanswer , ( int) $assoc [ 'sender' ] , $email ) ) ) .
", " . ( ! $arr [ 0 ] ?UC_SYSOP. ", " : "" ) . "'" . time ( ) . "','" . time ( ) . "','" . time ( ) . "', $time_offset , {$dst_in_use['tm_isdst']} )" ) ;
$message = "Welcome New {$TBDEV['site_name']} Member : - " . htmlspecialchars ( $wantusername ) . "" ;
if ( ! $new_user ) {
if ( mysql_errno ( ) == 1062 )
stderr( "Error" , "Username already exists!" ) ;
stderr( "Error" , "borked" ) ;
}
//===send PM to inviter
$sender = $assoc [ "sender" ] ;
$added = sqlesc( time ( ) ) ;
$msg = sqlesc( "Hey there [you] ! :wave:\n It seems that someone you invited to {$TBDEV['site_name']} has arrived ! :clap2: \n \n Please go to your {$TBDEV['baseurl']} /invite.php]Invite page to confirm them so they can log in.\n \n cheers\n "[/COLOR]) ;
$subject = sqlesc( "Someone you invited has arrived!" ) ;
mysql_query ( "INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject , $sender , $msg , $added )" ) or sqlerr( __FILE__ , __LINE__ ) ;
//////////////end/////////////////////
$id = mysql_insert_id ( ) ;
mysql_query ( 'UPDATE invite_codes SET receiver = ' . sqlesc( $id ) . ', status = "Confirmed" WHERE sender = ' . sqlesc( ( int) $assoc [ 'sender' ] ) . ' AND code = ' . sqlesc( $invite ) ) or sqlerr( __FILE__ , __LINE__ ) ;
write_log( 'User account ' . htmlspecialchars ( $wantusername ) . ' was created!' ) ;
autoshout( $message ) ;
stderr( 'Success' , 'Signup successfull, Your inviter needs to confirm your account now before you can use your account !' ) ;
?>
lang_invite_code.php :
Code: PHP
$lang = array (
#invite errors
'invites_error' => "Error" ,
'invites_deny' => "Denied" ,
'invites_limit' => "Sorry, user limit reached. Please try again later." ,
'invites_disabled' => "Your invite sending privileges has been disabled by the Staff!" ,
'invites_noinvite' => "No invites !" ,
'invites_invalidemail' => "That doesn't look like a valid email address." ,
'invites_noemail' => "You must enter an email address!" ,
'invites_unable' => "Unable to send mail. Please contact an administrator about this error." ,
'invites_confirmation' => "A confirmation email has been sent to the address you specified." ,
'invites_invalid' => "Invalid ID!" ,
'invites_noexsist' => "This invite code does not exist." ,
'invites_sure' => "Are you sure you want to delete this invite code?" ,
'invites_errorid' => "No user with this ID." ,
'invites_sure1' => "Are you sure you want to confirm" ,
#invites
'invites_users' => "Invited Users" ,
'invites_nousers' => "No Invitees Yet" ,
'invites_username' => "Username" ,
'invites_uploaded' => "Uploaded" ,
'invites_downloaded' => "Downloaded" ,
'invites_ratio' => "Ratio" ,
'invites_status' => "Status" ,
'invites_confirm' => "Confirm" ,
'invites_confirm1' => "Confirmed" ,
'invites_pend' => "Pending" ,
'invites_codes' => "Created Invite Codes" ,
'invites_nocodes' => "You have not created any invite codes at the moment!" ,
'invites_date' => "Created Date" ,
'invites_delete' => "Delete" ,
'invites_create' => "Create Invite Code" ,
'invites_send_code' => "Send Invite Code" ,
'invites_delete1' => "Delete Invite" ,
'invites_confirm1' => "Confirmed Account" ,
) ;
?>