Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > TBDev
Reply
  #1  
Old 5th April 2014, 20:35
gh0st gh0st is offline
Member
 
Join Date: Apr 2014
P2P
Posts: 3
Default Disabling Sign Ups / Invite Only
Hey guys. I recently just installed TBdev (TBDev.2009(Final).rev.295) on my CentOS/Apache server and it seems to be running fine so far. The only problem I'm running into is the extreme lack of Admin control and functionality. I do see the "Admin" link, but the controls listed are very few.

One of the most important things I'd like to implement on my tracker is the ability to either (1) close sign ups and use an invite system or (2) disable registration altogether and only I would be able to add users manually. However I don't see anything where I can change that within the Admin control panel and I'm not sure if I'm supposed to add/edit code in one of the PHP files to accomplish this.

If anyone could assist, that would be most helpful! Thanks.
Reply With Quote
  #2  
Old 5th April 2014, 21:53
Krypto Krypto is offline
Retired from BVList
 
Join Date: Jan 2008
P2P
Posts: 510
Default
In include/config.php you just need to change the value of the below.

Code:
$TBDEV['maxusers'] = 5000; // LoL Who we kiddin' here?
So if you didn't want to install the Invite Mod all you'd have to do is change the above value to 1, then you could just use the Add User in the Staff Section.
Reply With Quote
  #3  
Old 5th April 2014, 21:58
gh0st gh0st is offline
Member
 
Join Date: Apr 2014
P2P
Posts: 3
Default
Hi Krypto, thanks for the reply! That's good to know I can just decrease the "maxusers" to accomplish what I'm looking for - however I'm interested in the "Invite Mod" you referred to...

Before making this, I searched the forums and the closest thing I could come up with is this thread (what costy22it posted), but right under that Bigjoos mentions that it wouldn't work. Do you mind pointing me in the right direction for this mod? Apparently my searching skills just suck.
Reply With Quote
  #4  
Old 10th April 2014, 05:19
Joe Joe is offline
Senior Member
 
Join Date: Apr 2010
P2P
Posts: 167
Default
Have a try at this a sit was posted for the 09 source and I know pytn bigjjoes and pdq all used this along the way..


Code:
mproved & Safer Number Key Invite System By Neptune. 
Reworked for Tbdev 09
Xhtml Valid

The files are now up to date for 2009 final revision.

/**
* @sql
*/
Code: SQL
  1. CREATE TABLE `invite_codes` (
  2. `id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
  3. `sender` INT(10) UNSIGNED NOT NULL DEFAULT '0',
  4. `receiver` VARCHAR(32) NOT NULL DEFAULT '0',
  5. `code` VARCHAR(32) NOT NULL DEFAULT '',
  6. `invite_added` INT(10) NOT NULL,
  7. `status` enum('Pending','Confirmed') NOT NULL DEFAULT 'Pending',
  8. PRIMARY KEY (`id`),
  9. KEY `sender` (`id`)
  10. ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
  11. ALTER TABLE `users` ADD `invites` INT(10) UNSIGNED NOT NULL DEFAULT '1';
  12. ALTER TABLE `users` ADD `invitedby` INT(10) UNSIGNED NOT NULL DEFAULT '0';
  13. ALTER TABLE `users` ADD `invite_rights` enum('yes','no') NOT NULL DEFAULT 'yes';
  14. ALTER TABLE `users` ADD `invitees` VARCHAR(100) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '';
/** * @file config.php */ add after maxusers Code: PHP
  1. $TBDEV['invites'] = 3500; // set this to what you want
/** * @file userdetails.php */ for displaying invitees Code: PHP
  1. if ($CURUSER['class'] >= UC_MODERATOR && $user['invitedby'] > 0 || $user['id'] == $CURUSER['id'] && $user['invitedby'] > 0) {
  2. $invitedby = mysql_query('SELECT username FROM users WHERE id = ' . sqlesc($user['invitedby']));
  3. $invitedby2 = mysql_fetch_array($invitedby);
  4. $HTMLOUT .= "<tr><td class='rowhead'>{$lang['userdetails_invby']}</td><td align='left'><a href='{$TBDEV['baseurl']}/userdetails.php?id=".$user['invitedby']."'>'".htmlspecialchars($invitedby2['username'])."'</a></td></tr>"; }
Or the old original code : Code: PHP
  1. if ($CURUSER["class"] >= UC_MODERATOR && $user["invites"] > 0 || $user["id"] == $CURUSER["id"] && $user["invites"] > 0)
  2. $HTMLOUT .="<tr><td class='rowhead'>{$lang['userdetails_invites']}</td><td align='left'><a href='{$TBDEV['baseurl']}/invite.php'>".htmlspecialchars($user["invites"])."</a></td></tr>\n";
  3. if ($CURUSER["class"] >= UC_MODERATOR && $user["invitedby"] > 0 || $user["id"] == $CURUSER["id"] && $user["invitedby"] > 0)
  4. {
  5. $invitedby = mysql_query("SELECT username FROM users WHERE id=$user[invitedby]");
  6. $invited_by2 = mysql_fetch_assoc($invitedby);
  7. $HTMLOUT .="<tr><td class='rowhead'>{$lang['userdetails_invby']}invited by</td><td align='left'><a href='{$TBDEV['baseurl']}/userdetails.php?id=$user[invitedby]'>$invited_by2[username]</a></td></tr>\n";
  8. }
  9. if ($CURUSER["class"] >= UC_MODERATOR && $user["invitees"] > 0 || $user["id"] == $CURUSER["id"] && $user["invitees"] > 0)
  10. {
  11. $compl = $user["invitees"];
  12. $compl_list = explode(" ", $compl);
  13. $arr = array();
  14. foreach($compl_list as $array_list)
  15. $arr[] = $array_list;
  16. $compl_arr = array_reverse($arr, TRUE);
  17. $f=0;
  18. foreach($compl_arr as $user_id)
  19. {
  20. $compl_user = mysql_query("SELECT id, username FROM users WHERE id='$user_id' and status='confirmed'");
  21. $compl_users = mysql_fetch_assoc($compl_user);
  22. if ($compl_users["id"] > 0)
  23. {
  24. $HTMLOUT .="<tr><td class='rowhead' width='1%'>{$lang['userdetails_invitees']}</td><td>";
  25. $compl = $user["invitees"];
  26. $compl_list = explode(" ", $compl);
  27. $arr = array();
  28. foreach($compl_list as $array_list)
  29. $arr[] = $array_list;
  30. $compl_arr = array_reverse($arr, TRUE);
  31. $i = 0;
  32. foreach($compl_arr as $user_id)
  33. {
  34. $compl_user = mysql_query("SELECT id, username FROM users WHERE id='$user_id' and status='confirmed' ORDER BY username");
  35. $compl_users = mysql_fetch_assoc($compl_user);
  36. $HTMLOUT .="<a href='{$TBDEV['baseurl']}/userdetails.php?id=" . $compl_users["id"] . "'>" . $compl_users["username"] . "</a> ";
  37. if ($i == "9")
  38. break;
  39. $i++;
  40. }
  41. $HTMLOUT .="</td></tr>";
  42. $f = 1;
  43. }
  44. if ($f == "1")
  45. break;
  46. }
  47. }
@File lang/en/lang_userdetails.php : Code: PHP
  1. 'userdetails_invites' => "Invites",
  2. 'userdetails_invitees' => "Invitees",
  3. 'userdetails_invby' => 'Invited by',
/** * @file userdetails.php */ staff section, set invite on or off & invite amount Code: PHP
  1. $HTMLOUT .= "<tr><td class='rowhead'>{$lang['userdetails_invright']}</td><td class='row' colspan='2' align='left'><input type='radio' name='invite_rights' value='yes'" .($user["invite_rights"]=="yes" ? " checked='checked'" : "") . " />{$lang['userdetails_yes']}<input type='radio' name='invite_rights' value='no'" .($user["invite_rights"]=="no" ? " checked='checked'" : "") . " />{$lang['userdetails_no']}</td></tr>\n";
  2. $HTMLOUT .= "<tr><td class='rowhead' align='right'><b>{$lang['userdetails_invites']}</b></td><td colspan='2' align='left' class='rowhead'><input type='text' size='3' name='invites' value='" . htmlspecialchars($user['invites']) . "' /></td></tr>\n";
/** * @file lang/en/lang_userdetails.php */ lang_userdetails.php add Code: PHP
  1. 'userdetails_invright' => "Invite rights",
  2. 'userdetails_invites' => "Invites",
  3. 'userdetails_invby' => "Invited by",
/** * @file modtask.php */ Code: PHP
  1. // invite rights
  2. if ((isset($_POST['invite_rights'])) && (($invite_rights = $_POST['invite_rights']) != $user['invite_rights'])){
  3. if ($invite_rights == 'yes')
  4. {
  5. $modcomment = get_date( time(), 'DATE', 1 ) . " - Invite rights enabled by " . htmlspecialchars($CURUSER['username']) . ".\n" . $modcomment;
  6. $msg = sqlesc("Your invite rights have been given back by " . htmlspecialchars($CURUSER['username']) . ". You can invite users again.");
  7. $added = time();
  8. mysql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  9. }
  10. elseif ($invite_rights == 'no'){
  11. $modcomment = get_date( time(), 'DATE', 1 ) . " - Invite rights disabled by " . htmlspecialchars($CURUSER['username']) . ".\n" . $modcomment;
  12. $msg = sqlesc("Your invite rights have been removed by " . htmlspecialchars($CURUSER['username']) . ", probably because you invited a bad user.");
  13. $added = time();
  14. mysql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  15. }
  16. $updateset[] = "invite_rights = " . sqlesc($invite_rights);
  17. }
  18. // change invite amount
  19. if ((isset($_POST['invites'])) && (($invites = $_POST['invites']) != ($curinvites = $user['invites'])))
  20. {
  21. $modcomment = get_date( time(), 'DATE', 1 ) . " - Invite amount changed to ".$invites." from ".$curinvites." by " . htmlspecialchars($CURUSER['username']) . ".\n" . $modcomment;
  22. $updateset[] = "invites = " . sqlesc($invites);
  23. }
/** * @file bittorrent.php ~lines 906-907 to display invites */ Code: PHP
  1. "$IsDonor$warn [<a href='{$TBDEV['baseurl']}/logout.php'>{$lang['gl_logout']}</a>] $member_reputation".
  2. " Invites: <a href='{$TBDEV['baseurl']}/invite.php'>{$CURUSER['invites']}</a>
@ file config under : Code: PHP
  1. $TBDEV['invites'] = 3500; // LoL Who we kiddin' here?
Add : Code: PHP
  1. $TBDEV['openreg'] = true; //==true=open, false = closed
@ file signup.php under : Code: PHP
  1. $lang = array_merge( load_language('global'), load_language('signup') );
add : Code: PHP
  1. if(!$TBDEV['openreg'])
  2. stderr('Sorry', 'Invite only - Signups are closed presently');
@ file takesignup.php under : Code: PHP
  1. $lang = array_merge( load_language('global'), load_language('takesignup') );
add : Code: PHP
  1. if(!$TBDEV['openreg'])
  2. stderr('Sorry', 'Invite only - Signups are closed presently');
Then save upload the 4 files to root and that should be all. invite.php : Code: PHP
  1. <?php
  2. /*
  3. +------------------------------------------------
  4. | $Date$
  5. | $Revision$ 09 Final
  6. | $Invite
  7. | $Author$ Neptune,Bigjoos
  8. | $URL$
  9. +------------------------------------------------
  10. */
  11. require_once('include/bittorrent.php');
  12. require_once('include/user_functions.php');
  13. require_once('include/password_functions.php');
  14. dbconn();
  15. loggedinorreturn();
  16. $HTMLOUT ='';
  17. $sure ='';
  18. $lang = array_merge( load_language('global'), load_language('invite_code') );
  19. $do = (isset($_GET["do"]) ? $_GET["do"] : (isset($_POST["do"]) ? $_POST["do"] : ''));
  20. $valid_actions = array('create_invite', 'delete_invite', 'confirm_account', 'view_page', 'send_email');
  21. $do = (($do && in_array($do,$valid_actions,true)) ? $do : '') or header("Location: ?do=view_page");
  22. /**
  23. * @action Main Page
  24. */
  25. if ($do == 'view_page') {
  26. $query = myysql_query('SELECT * FROM users WHERE invitedby = '.sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
  27. $rows = mysql_num_rows($query);
  28. $HTMLOUT ='';
  29. $HTMLOUT .= "
  30. <table border='1' width='750' cellspacing='0' cellpadding='5'>
  31. <tr class='table'>
  32. <td colspan='7' class='colhead'><b>{$lang['invites_users']}</b></td></tr>";
  33. if(!$rows){
  34. $HTMLOUT .= "<tr><td colspan='7' class='colhead'>{$lang['invites_nousers']}</td></tr>";
  35. } else {
  36. $HTMLOUT .= "<tr class='tableb'>
  37. <td align='center'><b>{$lang['invites_username']}</b></td>
  38. <td align='center'><b>{$lang['invites_uploaded']}</b></td>
  39. <td align='center'><b>{$lang['invites_downloaded']}</b></td>
  40. <td align='center'><b>{$lang['invites_ratio']}</b></td>
  41. <td align='center'><b>{$lang['invites_status']}</b></td>
  42. <td align='center'><b>{$lang['invites_confirm']}</b></td>
  43. </tr>";
  44. for ($i = 0; $i < $rows; ++$i) {
  45. $arr = mysql_fetch_assoc($query);
  46. if ($arr['status'] == 'pending')
  47. $user = "<td align='center'>" . htmlspecialchars($arr['username']) . "</td>";
  48. else
  49. $user = "<td align='center'><a href='{$TBDEV['baseurl']}/userdetails.php?id=$arr[id]'>" . htmlspecialchars($arr['username']) . "</a>" .($arr["warned"] == "yes" ? "&nbsp;<img src='{$TBDEV['pic_base_url']}warned.gif' border='0' alt='Warned' />" : "")."&nbsp;" .($arr["enabled"] == "no" ? "&nbsp;<img src='{$TBDEV['pic_base_url']}disabled.gif' border='0' alt='Disabled' />" : "")."&nbsp;" .($arr["donor"] == "yes" ? "<img src='{$TBDEV['pic_base_url']}star.gif' border='0' alt='Donor' />" : "")."</td>";
  50. if ($arr['downloaded'] > 0) {
  51. $ratio = number_format($arr['uploaded'] / $arr['downloaded'], 3);
  52. $ratio = "<font color='" . get_ratio_color($ratio) . "'>".$ratio."</font>";
  53. } else {
  54. if ($arr['uploaded'] > 0) {
  55. $ratio = 'Inf.';
  56. }
  57. else {
  58. $ratio = '---';
  59. }
  60. }
  61. if ($arr["status"] == 'confirmed')
  62. $status = "<font color='#1f7309'>{$lang['invites_confirm1']}</font>";
  63. else
  64. $status = "<font color='#ca0226'>{$lang['invites_pend']}</font>";
  65. $HTMLOUT .= "<tr class='tableb'>".$user."<td align='center'>" . mksize($arr['uploaded']) . "</td><td align='center'>" . mksize($arr['downloaded']) . "</td><td align='center'>".$ratio."</td><td align='center'>".$status."</td>";
  66. if ($arr['status'] == 'pending') {
  67. $HTMLOUT .= "<td align='center'><a href='?do=confirm_account&amp;userid=".$arr['id']."&amp;sender=".$CURUSER['id']."'><img src='{$TBDEV['pic_base_url']}confirm.png' alt='confirm' title='Confirm' border='0' /></a></td></tr>";
  68. }
  69. else
  70. $HTMLOUT .= "<td align='center'>---</td></tr>";
  71. }
  72. }
  73. $HTMLOUT .= "</table><br />";
  74. $select = mysql_query("SELECT * FROM invite_codes WHERE sender = ".$CURUSER['id']." AND status = 'Pending'") or sqlerr();
  75. $num_row = mysql_num_rows($select);
  76. $HTMLOUT .= "<table border='1' width='750' cellspacing='0' cellpadding='5'>"."<tr class='tabletitle'><td colspan='6' class='colhead'><b>{$lang['invites_codes']}</b></td></tr>";
  77. if(!$num_row) {
  78. $HTMLOUT.= "<tr class='tableb'><td colspan='1'>{$lang['invites_nocodes']}</td></tr>";
  79. } else {
  80. $HTMLOUT .= "<tr class='tableb'><td><b>{$lang['invites_send_code']}</b></td><td><b>{$lang['invites_date']}</b></td><td><b>{$lang['invites_delete']}</b></td><td><b>{$lang['invites_status']}</b></td></tr>";
  81. for ($i = 0; $i < $num_row; ++$i)
  82. {
  83. $fetch_assoc = mysql_fetch_assoc($select);
  84. $HTMLOUT .= "<tr class='tableb'>
  85. <td>".$fetch_assoc['code']." <a href='?do=send_email&amp;id=".(int)$fetch_assoc['id']."'><img src='{$TBDEV['pic_base_url']}email.gif' border='0' alt='Email' title='Send Email' /></a></td>
  86. <td>" . get_date($fetch_assoc['invite_added'], '', 0,1)."</td>";
  87. $HTMLOUT .= "<td><a href='?do=delete_invite&amp;id=".$fetch_assoc['id']."&amp;sender=".$CURUSER['id']."'><img src='{$TBDEV['pic_base_url']}del.png' border='0' alt='Delete'/></a></td>
  88. <td>".$fetch_assoc['status']."</td></tr>";
  89. }
  90. }
  91. $HTMLOUT .= "<tr class='tableb'><td colspan='6' align='center'><form action='?do=create_invite' method='post'><input type='submit' value='{$lang['invites_create']}' style='height: 20px' /></form></td></tr>";
  92. $HTMLOUT .= "</table>";
  93. print stdhead('Invites') . $HTMLOUT . stdfoot();
  94. die;
  95. }
  96. /**
  97. * @action Create Invites
  98. */
  99. elseif ($do =='create_invite') {
  100. if ($CURUSER['invites'] <= 0)
  101. stderr($lang['invites_error'], $lang['invites_noinvite']);
  102. if ($CURUSER["invite_rights"] == 'no')
  103. stderr($lang['invites_deny'], $lang['invites_disabled']);
  104. $res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
  105. $arr = mysql_fetch_row($res);
  106. if ($arr[0] >= $TBDEV['invites'])
  107. stderr($lang['invites_error'], $lang['invites_limit']);
  108. $invite = md5(mksecret());
  109. mysql_query('INSERT INTO invite_codes (sender, invite_added, code) VALUES ( ' . sqlesc((int)$CURUSER['id']) . ', ' . sqlesc(time()) . ', ' . sqlesc($invite) . ' )') or sqlerr(__FILE__, __LINE__);
  110. mysql_query('UPDATE users SET invites = invites - 1 WHERE id = ' . sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
  111. header("Location: ?do=view_page");
  112. }
  113. /**
  114. * @action Send e-mail
  115. */
  116. elseif ($do =='send_email') {
  117. if ($_SERVER["REQUEST_METHOD"] == "POST") {
  118. $email = (isset($_POST['email'])? htmlentities($_POST['email']) : '');
  119. $invite = (isset($_POST['code'])? $_POST['code'] : '');
  120. if (!$email) stderr($lang['invites_error'], $lang['invites_noemail']);
  121. $check = (mysql_fetch_row(mysql_query('SELECT COUNT(*) FROM users WHERE email = ' . sqlesc($email)))) or sqlerr(__FILE__, __LINE__);
  122. if ($check[0] != 0) stderr('Error', 'This email address is already in use!');
  123. if (!validemail($email)) stderr($lang['invites_error'], $lang['invites_invalidemail']);
  124. $inviter = htmlspecialchars($CURUSER['username']);
  125. $body = <<<EOD
  126. You have been invited to {$TBDEV['site_name']} by $inviter. They have
  127. specified this address ($email) as your email. If you do not know this person, please ignore this email. Please do not reply.
  128. This is a private site and you must agree to the rules before you can enter:
  129. {$TBDEV['baseurl']}/useragreement.php
  130. {$TBDEV['baseurl']}/rules.php
  131. {$TBDEV['baseurl']}/faq.php
  132. ------------------------------------------------------------
  133. To confirm your invitation, you have to follow this link and type the invite code:
  134. {$TBDEV['baseurl']}/invite_signup.php
  135. Invite Code: $invite
  136. ------------------------------------------------------------
  137. After you do this, your inviter need's to confirm your account.
  138. We urge you to read the RULES and FAQ before you start using {$TBDEV['site_name']}.
  139. EOD;
  140. $sendit = mail($email, "You have been invited to {$TBDEV['site_name']}", $body, "From: {$TBDEV['site_email']}", "-f{$TBDEV['site_email']}");
  141. if (!$sendit) stderr($lang['invites_error'], $lang['invites_unable']);
  142. else stderr('', $lang['invites_confirmation']); }
  143. $id = (isset($_GET['id']) ? (int)$_GET['id'] : (isset($_POST['id']) ? (int)$_POST['id'] : ''));
  144. if (!is_valid_id($id)) stderr($lang['invites_error'], $lang['invites_invalid']);
  145. $query = mysql_query('SELECT * FROM invite_codes WHERE id = ' . sqlesc($id) . ' AND sender = ' . sqlesc($CURUSER['id']).' AND status = "Pending"') or sqlerr(__FILE__, __LINE__);
  146. $fetch = mysql_fetch_assoc($query) or stderr($lang['invites_error'], $lang['invites_noexsist']);
  147. $HTMLOUT .= "<form method='post' action='?do=send_email'><table border='1' cellspacing='0' cellpadding='10'>
  148. <tr><td class='rowhead'>E-Mail</td><td><input type='text' size='40' name='email' /></td></tr><tr><td colspan='2' align='center'><input type='hidden' name='code' value='".$fetch['code']."' /></td></tr><tr><td colspan='2' align='center'><input type='submit' value='Send e-mail' class='btn' /></td></tr></table></form>";
  149. print stdhead('Invites') . $HTMLOUT . stdfoot();
  150. }
  151. /**
  152. * @action Delete Invites
  153. */
  154. elseif ($do =='delete_invite') {
  155. $id = (isset($_GET["id"]) ? (int)$_GET["id"] : (isset($_POST["id"]) ? (int)$_POST["id"] : ''));
  156. $query = mysql_query('SELECT * FROM invite_codes WHERE id = ' . sqlesc($id) . ' AND sender = ' . sqlesc($CURUSER['id']).' AND status = "Pending"') or sqlerr(__FILE__, __LINE__);
  157. $assoc = mysql_fetch_assoc($query);
  158. if (!$assoc)
  159. stderr($lang['invites_error'],$lang['invites_noexsist']);
  160. isset($_GET['sure']) && $sure = htmlspecialchars($_GET['sure']);
  161. if (!$sure)
  162. stderr($lang['invites_delete1'], $lang['invites_sure'].' Click <a href="'.$_SERVER['PHP_SELF'].'?do=delete_invite&amp;id='.$id.'&amp;sender='.$CURUSER['id'].'&amp;sure=yes">here</a> to delete it or <a href="?do=view_page">here</a> to go back.');
  163. mysql_query('DELETE FROM invite_codes WHERE id = ' . sqlesc($id) . ' AND sender =' . sqlesc($CURUSER['id'].' AND status = "Pending"')) or sqlerr(__FILE__, __LINE__);
  164. mysql_query('UPDATE users SET invites = invites + 1 WHERE id = '.sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
  165. header("Location: ?do=view_page");
  166. }
  167. /**
  168. * @action Confirm Accounts
  169. */
  170. elseif ($do ='confirm_account') {
  171. $userid = (isset($_GET["userid"]) ? (int)$_GET["userid"] : (isset($_POST["userid"]) ? (int)$_POST["userid"] : ''));
  172. if (!is_valid_id($userid))
  173. stderr($lang['invites_error'], $lang['invites_invalid']);
  174. $select = mysql_query('SELECT id, username FROM users WHERE id = ' . sqlesc($userid) . ' AND invitedby = ' . sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
  175. $assoc = mysql_fetch_assoc($select);
  176. if (!$assoc)
  177. stderr($lang['invites_error'], $lang['invites_errorid']);
  178. isset($_GET['sure']) && $sure = htmlspecialchars($_GET['sure']);
  179. if (!$sure)
  180. stderr($lang['invites_confirm1'], $lang['invites_sure1'].' '.htmlspecialchars($assoc['username']).'\'s account? Click <a href="?do=confirm_account&amp;userid='.$userid.'&amp;sender='.$CURUSER['id'].'&amp;sure=yes">here</a> to confirm it or <a href="?do=view_page">here</a> to go back.');
  181. mysql_query('UPDATE users SET status = "confirmed" WHERE id = '.sqlesc($userid).' AND invitedby = '.sqlesc($CURUSER['id']).' AND status="pending"') or sqlerr(__FILE__, __LINE__);
  182. //==pm to new invitee/////
  183. $msg = sqlesc("Hey there :wave:
  184. Welcome to {$TBDEV['site_name']}!
  185. We have made many changes to the site, and we hope you enjoy them!
  186. We have been working hard to make {$TBDEV['site_name']} somethin' special!
  187. {$TBDEV['site_name']} has a strong community (just check out forums), and is a feature rich site. We hope you'll join in on all the fun!
  188. Be sure to read the {$TBDEV['baseurl']}/rules.php]Rules and {$TBDEV['baseurl']}[/COLOR]/faq.php]FAQ before you start using the site.[/COLOR]
  189. We are a strong friendly community here {$TBDEV['site_name']} is so much more then just torrents.
  190. Just for kicks, we've started you out with 200.0 Karma Bonus Points, and a couple of bonus GB to get ya started!
  191. so, enjoy
  192. cheers,
  193. {$TBDEV['site_name']} Staff");
  194. $id = $assoc["id"];
  195. $subject = sqlesc("Welcome to {$TBDEV['site_name']} !");
  196. $added = sqlesc(time());
  197. mysql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $id, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  198. ///////////////////end////////////
  199. header("Location: ?do=view_page");
  200. }
  201. ?>
invite_signup.php : Code: [Select] <?php require_once('include/bittorrent.php'); require_once('include/user_functions.php'); require_once('cache/timezones.php'); require_once('include/page_verify.php'); dbconn(); get_template(); $stdfoot = array(/** include js **/'js' => array('check','jquery.pstrength-min.1.2')); $lang = array_merge( load_language('global'), load_language('signup') ); $newpage = new page_verify(); $newpage->create('tkIs'); $res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_row($res); if ($arr[0] >= $TBDEV['maxusers']) stderr("Sorry", "The current user account limit (" . number_format($TBDEV['maxusers']) . ") has been reached. Inactive accounts are pruned all the time, please check back again later..."); if(!$TBDEV['openreg']) stderr('Sorry', 'Invite only - Signups are closed presently'); // TIMEZONE STUFF $offset = (string)$TBDEV['time_offset']; $time_select = "<select name='user_timezone'>"; foreach( $TZ as $off => $words ) { if ( preg_match("/^time_(-?[\d\.]+)$/", $off, $match)) { $time_select .= $match[1] == $offset ? "<option value='{$match[1]}' selected='selected'>$words</option>\n" : "<option value='{$match[1]}'>$words</option>\n"; } } $time_select .= "</select>"; // TIMEZONE END $HTMLOUT=''; $HTMLOUT .= " <script type='text/javascript'> /*<![CDATA[*/ $(function() { $('.password').pstrength(); }); /*]]>*/ </script>"; // Normal Entry Point... $value = array('...','...','...','...','...','...'); $value[rand(1,count($value)-1)] = 'X'; $HTMLOUT .="<script type='text/javascript' src='scripts/jquery.js'></script> <script type='text/javascript' src='scripts/jquery.simpleCaptcha-0.2.js'></script> <script type='text/javascript'> $(document).ready(function () { $('#captchainvite').simpleCaptcha(); }); </script> <p>Note: You need cookies enabled to sign up or log in.</p> <form method='post' action='{$TBDEV['baseurl']}/take_invite_signup.php'> <noscript>Javascript must be enabled to login and use this site</noscript> <table border='1' cellspacing='0' cellpadding='10'> <tr><td align='right' class='heading'>Desired username:</td><td align='left'><input type='text' size='40' name='wantusername' id='wantusername' onblur='checkit();' /><div id='namecheck'></div></td></tr> <tr><td align='right' class='heading'>Pick a password:</td><td align='left'><input class='password' type='password' size='40' name='wantpassword' /></td></tr> <tr><td align='right' class='heading'>Enter password again:</td><td align='left'><input type='password' size='40' name='passagain' /></td></tr> <tr><td align='right' class='heading'>Enter invite-code:</td><td align='left'><input type='text' size='40' name='invite' /></td></tr> <tr valign='top'><td align='right' class='heading'>Email address:</td><td align='left'><input type='text' size='40' name='email' /> <table width='250' border='0' cellspacing='0' cellpadding='0'><tr><td class='embedded'><font class='small'>The email address must be valid. The email address won't be publicly shown anywhere unless you chose to from your settings.</font></td></tr></table></td></tr> <tr><td align='right' class='heading'>{$lang['signup_timez']}</td><td align='left'>{$time_select}</td></tr>"; //==Passhint $passhint=""; $questions = array( array("id"=> "1", "question"=> "{$lang['signup_q1']}"), array("id"=> "2", "question"=> "{$lang['signup_q2']}"), array("id"=> "3", "question"=> "{$lang['signup_q3']}"), array("id"=> "4", "question"=> "{$lang['signup_q4']}"), array("id"=> "5", "question"=> "{$lang['signup_q5']}"), array("id"=> "6", "question"=> "{$lang['signup_q6']}")); foreach($questions as $sph){ $passhint .= "<option value='".$sph['id']."'>".$sph['question']."</option>\n"; } $HTMLOUT .= "<tr><td align='right' class='heading'>{$lang['signup_select']}</td><td align='left'><select name='passhint'>\n$passhint\n</select></td></tr> <tr><td align='right' class='heading'>{$lang['signup_enter']}</td><td align='left'><input type='text' size='40' name='hintanswer' /><br /><font class='small'>{$lang['signup_this_answer']}<br />{$lang['signup_this_answer1']}</font></td></tr> <tr><td align='right' class='heading'></td><td align='left'><input type='checkbox' name='rulesverify' value='yes' /> I will read the site rules page.<br /> <input type='checkbox' name='faqverify' value='yes' /> I agree to read the FAQ before asking questions.<br /> <input type='checkbox' name='ageverify' value='yes' /> I am at least 18 years old.</td></tr> <tr><td class='rowhead' colspan='2' id='captchainvite'></td></tr> <tr><td align='center' colspan='2'>Now click the button marked <strong>X</strong> to complete the sign up!</td></tr><tr> <td colspan='2' align='center'>"; for ($i=0; $i < count($value); $i++) { $HTMLOUT .= "<input name=\"submitme\" type=\"submit\" value=\"".$value[$i]."\" class=\"btn\" />"; } $HTMLOUT .= "</td></tr></table></form>"; print stdhead('Invites') . $HTMLOUT . stdfoot($stdfoot); ?> take_invite_signup.php : Code: PHP
  1. <?php
  2. require_once('include/bittorrent.php');
  3. require_once('include/user_functions.php');
  4. require_once('include/password_functions.php');
  5. require_once('include/page_verify.php');
  6. dbconn();
  7. get_template();
  8. $lang = array_merge( load_language('global'), load_language('takesignup') );
  9. $newpage = new page_verify();
  10. $newpage->check('tkIs');
  11. $res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
  12. $arr = mysql_fetch_row($res);
  13. if ($arr[0] >= $TBDEV['maxusers'])
  14. stderr($lang['stderr_errorhead'], sprintf($lang['stderr_ulimit'], $TBDEV['maxusers']));
  15. if (!mkglobal("wantusername:wantpassword:passagain:email:invite:captchaSelection:submitme:passhint:hintanswer"))
  16. die();
  17. if ($submitme != 'X')
  18. stderr('Ha Ha', 'You Missed, You plonker !');
  19. if(empty($captchaSelection) || $_SESSION['simpleCaptchaAnswer'] != $captchaSelection){
  20. header('Location: invite_signup.php');
  21. exit();
  22. }
  23. function validusername($username) {
  24. if ($username == "")
  25. return false;
  26. // The following characters are allowed in user names
  27. $allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
  28. for ($i = 0; $i < strlen($username); ++$i)
  29. if (strpos($allowedchars, $username[$i]) === false)
  30. return false;
  31. return true;
  32. }
  33. if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($invite) || empty($passhint) || empty($hintanswer))
  34. stderr("Error","Don't leave any fields blank.");
  35. if(!blacklist($wantusername))
  36. stderr($lang['takesignup_user_error'],sprintf($lang['takesignup_badusername'],htmlspecialchars($wantusername)));
  37. if (strlen($wantusername) > 12)
  38. stderr("Error","Sorry, username is too long (max is 12 chars)");
  39. if ($wantpassword != $passagain)
  40. stderr("Error","The passwords didn't match! Must've typoed. Try again.");
  41. if (strlen($wantpassword) < 6)
  42. stderr("Error","Sorry, password is too short (min is 6 chars)");
  43. if (strlen($wantpassword) > 40)
  44. stderr("Error","Sorry, password is too long (max is 40 chars)");
  45. if ($wantpassword == $wantusername)
  46. stderr("Error","Sorry, password cannot be same as user name.");
  47. if (!validemail($email))
  48. stderr("Error","That doesn't look like a valid email address.");
  49. if (!validusername($wantusername))
  50. stderr("Error","Invalid username.");
  51. // make sure user agrees to everything...
  52. if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes")
  53. stderr("Error","Sorry, you're not qualified to become a member of this site.");
  54. // check if email addy is already in use
  55. $a = (@mysql_fetch_row(mysql_query('SELECT COUNT(*) FROM users WHERE email = ' . sqlesc($email)))) or die(mysql_error());
  56. if ($a[0] != 0)
  57. stderr('Error', 'The e-mail address <b>' . htmlspecialchars($email) . '</b> is already in use.');
  58. //=== check if ip addy is already in use
  59. $c = (@mysql_fetch_row(mysql_query("select count(*) from users where ip='" . $_SERVER['REMOTE_ADDR'] . "'"))) or die(mysql_error());
  60. if ($c[0] != 0)
  61. stderr("Error", "The ip " . $_SERVER['REMOTE_ADDR'] . " is already in use. We only allow one account per ip address.");
  62. // TIMEZONE STUFF
  63. if(isset($_POST["user_timezone"]) && preg_match('#^\-?\d{1,2}(?:\.\d{1,2})?$#', $_POST['user_timezone']))
  64. {
  65. $time_offset = sqlesc($_POST['user_timezone']);
  66. }
  67. else
  68. {
  69. $time_offset = isset($TBDEV['time_offset']) ? sqlesc($TBDEV['time_offset']) : '0'; }
  70. // have a stab at getting dst parameter?
  71. $dst_in_use = localtime(time() + ($time_offset * 3600), true);
  72. // TIMEZONE STUFF END
  73. $select_inv = mysql_query('SELECT sender, receiver, status FROM invite_codes WHERE code = ' . sqlesc($invite)) or die(mysql_error());
  74. $rows = mysql_num_rows($select_inv);
  75. $assoc = mysql_fetch_assoc($select_inv);
  76. if ($rows == 0)
  77. stderr("Error","Invite not found.\nPlease request a invite from one of our members.");
  78. if ($assoc["receiver"]!=0)
  79. stderr("Error","Invite already taken.\nPlease request a new one from your inviter.");
  80. $secret = mksecret();
  81. $wantpasshash = make_passhash( $secret, md5($wantpassword) );
  82. $editsecret = ( !$arr[0] ? "" : make_passhash_login_key() );
  83. $wanthintanswer = md5($hintanswer);
  84. $new_user = mysql_query("INSERT INTO users (username, passhash, secret, passhint, hintanswer, editsecret, invitedby, email, ". (!$arr[0]?"class, ":"") ."added, last_access, last_login, time_offset, dst_in_use) VALUES (" .
  85. implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $secret, $editsecret, $passhint, $wanthintanswer, (int)$assoc['sender'], $email))).
  86. ", ". (!$arr[0]?UC_SYSOP.", ":""). "'". time() ."','". time() ."','". time() ."', $time_offset, {$dst_in_use['tm_isdst']})");
  87. $message = "Welcome New {$TBDEV['site_name']} Member : - " . htmlspecialchars($wantusername) . "";
  88. if (!$new_user) {
  89. if (mysql_errno() == 1062)
  90. stderr("Error","Username already exists!");
  91. stderr("Error","borked");
  92. }
  93. //===send PM to inviter
  94. $sender = $assoc["sender"];
  95. $added = sqlesc(time());
  96. $msg = sqlesc("Hey there [you] ! :wave:\nIt seems that someone you invited to {$TBDEV['site_name']} has arrived ! :clap2: \n\n Please go to your {$TBDEV['baseurl']}/invite.php]Invite page to confirm them so they can log in.\n\ncheers\n"[/COLOR]);
  97. $subject = sqlesc("Someone you invited has arrived!");
  98. mysql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $sender, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  99. //////////////end/////////////////////
  100. $id = mysql_insert_id();
  101. mysql_query('UPDATE invite_codes SET receiver = ' . sqlesc($id) . ', status = "Confirmed" WHERE sender = ' . sqlesc((int)$assoc['sender']). ' AND code = ' . sqlesc($invite)) or sqlerr(__FILE__, __LINE__);
  102. write_log('User account '.htmlspecialchars($wantusername).' was created!');
  103. autoshout($message);
  104. stderr('Success','Signup successfull, Your inviter needs to confirm your account now before you can use your account !');
  105. ?>
lang_invite_code.php : Code: PHP
  1. <?php
  2. $lang = array(
  3. #invite errors
  4. 'invites_error' => "Error",
  5. 'invites_deny' => "Denied",
  6. 'invites_limit' => "Sorry, user limit reached. Please try again later.",
  7. 'invites_disabled' => "Your invite sending privileges has been disabled by the Staff!",
  8. 'invites_noinvite' => "No invites !",
  9. 'invites_invalidemail' => "That doesn't look like a valid email address.",
  10. 'invites_noemail' => "You must enter an email address!",
  11. 'invites_unable' => "Unable to send mail. Please contact an administrator about this error.",
  12. 'invites_confirmation' => "A confirmation email has been sent to the address you specified.",
  13. 'invites_invalid' => "Invalid ID!",
  14. 'invites_noexsist' => "This invite code does not exist.",
  15. 'invites_sure' => "Are you sure you want to delete this invite code?",
  16. 'invites_errorid' => "No user with this ID.",
  17. 'invites_sure1' => "Are you sure you want to confirm",
  18. #invites
  19. 'invites_users' => "Invited Users",
  20. 'invites_nousers' => "No Invitees Yet",
  21. 'invites_username' => "Username",
  22. 'invites_uploaded' => "Uploaded",
  23. 'invites_downloaded' => "Downloaded",
  24. 'invites_ratio' => "Ratio",
  25. 'invites_status' => "Status",
  26. 'invites_confirm' => "Confirm",
  27. 'invites_confirm1' => "Confirmed",
  28. 'invites_pend' => "Pending",
  29. 'invites_codes' => "Created Invite Codes",
  30. 'invites_nocodes' => "You have not created any invite codes at the moment!",
  31. 'invites_date' => "Created Date",
  32. 'invites_delete' => "Delete",
  33. 'invites_create' => "Create Invite Code",
  34. 'invites_send_code' => "Send Invite Code",
  35. 'invites_delete1' => "Delete Invite",
  36. 'invites_confirm1' => "Confirmed Account",
  37. );
  38. ?>





Bump: Have a try at this a sit was posted for the 09 source and I know pytn bigjjoes and pdq all used this along the way..


Code:
mproved & Safer Number Key Invite System By Neptune. 
Reworked for Tbdev 09
Xhtml Valid

The files are now up to date for 2009 final revision.

/**
* @sql
*/
Code: SQL
  1. CREATE TABLE `invite_codes` (
  2. `id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
  3. `sender` INT(10) UNSIGNED NOT NULL DEFAULT '0',
  4. `receiver` VARCHAR(32) NOT NULL DEFAULT '0',
  5. `code` VARCHAR(32) NOT NULL DEFAULT '',
  6. `invite_added` INT(10) NOT NULL,
  7. `status` enum('Pending','Confirmed') NOT NULL DEFAULT 'Pending',
  8. PRIMARY KEY (`id`),
  9. KEY `sender` (`id`)
  10. ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
  11. ALTER TABLE `users` ADD `invites` INT(10) UNSIGNED NOT NULL DEFAULT '1';
  12. ALTER TABLE `users` ADD `invitedby` INT(10) UNSIGNED NOT NULL DEFAULT '0';
  13. ALTER TABLE `users` ADD `invite_rights` enum('yes','no') NOT NULL DEFAULT 'yes';
  14. ALTER TABLE `users` ADD `invitees` VARCHAR(100) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '';
/** * @file config.php */ add after maxusers Code: PHP
  1. $TBDEV['invites'] = 3500; // set this to what you want
/** * @file userdetails.php */ for displaying invitees Code: PHP
  1. if ($CURUSER['class'] >= UC_MODERATOR && $user['invitedby'] > 0 || $user['id'] == $CURUSER['id'] && $user['invitedby'] > 0) {
  2. $invitedby = mysql_query('SELECT username FROM users WHERE id = ' . sqlesc($user['invitedby']));
  3. $invitedby2 = mysql_fetch_array($invitedby);
  4. $HTMLOUT .= "<tr><td class='rowhead'>{$lang['userdetails_invby']}</td><td align='left'><a href='{$TBDEV['baseurl']}/userdetails.php?id=".$user['invitedby']."'>'".htmlspecialchars($invitedby2['username'])."'</a></td></tr>"; }
Or the old original code : Code: PHP
  1. if ($CURUSER["class"] >= UC_MODERATOR && $user["invites"] > 0 || $user["id"] == $CURUSER["id"] && $user["invites"] > 0)
  2. $HTMLOUT .="<tr><td class='rowhead'>{$lang['userdetails_invites']}</td><td align='left'><a href='{$TBDEV['baseurl']}/invite.php'>".htmlspecialchars($user["invites"])."</a></td></tr>\n";
  3. if ($CURUSER["class"] >= UC_MODERATOR && $user["invitedby"] > 0 || $user["id"] == $CURUSER["id"] && $user["invitedby"] > 0)
  4. {
  5. $invitedby = mysql_query("SELECT username FROM users WHERE id=$user[invitedby]");
  6. $invited_by2 = mysql_fetch_assoc($invitedby);
  7. $HTMLOUT .="<tr><td class='rowhead'>{$lang['userdetails_invby']}invited by</td><td align='left'><a href='{$TBDEV['baseurl']}/userdetails.php?id=$user[invitedby]'>$invited_by2[username]</a></td></tr>\n";
  8. }
  9. if ($CURUSER["class"] >= UC_MODERATOR && $user["invitees"] > 0 || $user["id"] == $CURUSER["id"] && $user["invitees"] > 0)
  10. {
  11. $compl = $user["invitees"];
  12. $compl_list = explode(" ", $compl);
  13. $arr = array();
  14. foreach($compl_list as $array_list)
  15. $arr[] = $array_list;
  16. $compl_arr = array_reverse($arr, TRUE);
  17. $f=0;
  18. foreach($compl_arr as $user_id)
  19. {
  20. $compl_user = mysql_query("SELECT id, username FROM users WHERE id='$user_id' and status='confirmed'");
  21. $compl_users = mysql_fetch_assoc($compl_user);
  22. if ($compl_users["id"] > 0)
  23. {
  24. $HTMLOUT .="<tr><td class='rowhead' width='1%'>{$lang['userdetails_invitees']}</td><td>";
  25. $compl = $user["invitees"];
  26. $compl_list = explode(" ", $compl);
  27. $arr = array();
  28. foreach($compl_list as $array_list)
  29. $arr[] = $array_list;
  30. $compl_arr = array_reverse($arr, TRUE);
  31. $i = 0;
  32. foreach($compl_arr as $user_id)
  33. {
  34. $compl_user = mysql_query("SELECT id, username FROM users WHERE id='$user_id' and status='confirmed' ORDER BY username");
  35. $compl_users = mysql_fetch_assoc($compl_user);
  36. $HTMLOUT .="<a href='{$TBDEV['baseurl']}/userdetails.php?id=" . $compl_users["id"] . "'>" . $compl_users["username"] . "</a> ";
  37. if ($i == "9")
  38. break;
  39. $i++;
  40. }
  41. $HTMLOUT .="</td></tr>";
  42. $f = 1;
  43. }
  44. if ($f == "1")
  45. break;
  46. }
  47. }
@File lang/en/lang_userdetails.php : Code: PHP
  1. 'userdetails_invites' => "Invites",
  2. 'userdetails_invitees' => "Invitees",
  3. 'userdetails_invby' => 'Invited by',
/** * @file userdetails.php */ staff section, set invite on or off & invite amount Code: PHP
  1. $HTMLOUT .= "<tr><td class='rowhead'>{$lang['userdetails_invright']}</td><td class='row' colspan='2' align='left'><input type='radio' name='invite_rights' value='yes'" .($user["invite_rights"]=="yes" ? " checked='checked'" : "") . " />{$lang['userdetails_yes']}<input type='radio' name='invite_rights' value='no'" .($user["invite_rights"]=="no" ? " checked='checked'" : "") . " />{$lang['userdetails_no']}</td></tr>\n";
  2. $HTMLOUT .= "<tr><td class='rowhead' align='right'><b>{$lang['userdetails_invites']}</b></td><td colspan='2' align='left' class='rowhead'><input type='text' size='3' name='invites' value='" . htmlspecialchars($user['invites']) . "' /></td></tr>\n";
/** * @file lang/en/lang_userdetails.php */ lang_userdetails.php add Code: PHP
  1. 'userdetails_invright' => "Invite rights",
  2. 'userdetails_invites' => "Invites",
  3. 'userdetails_invby' => "Invited by",
/** * @file modtask.php */ Code: PHP
  1. // invite rights
  2. if ((isset($_POST['invite_rights'])) && (($invite_rights = $_POST['invite_rights']) != $user['invite_rights'])){
  3. if ($invite_rights == 'yes')
  4. {
  5. $modcomment = get_date( time(), 'DATE', 1 ) . " - Invite rights enabled by " . htmlspecialchars($CURUSER['username']) . ".\n" . $modcomment;
  6. $msg = sqlesc("Your invite rights have been given back by " . htmlspecialchars($CURUSER['username']) . ". You can invite users again.");
  7. $added = time();
  8. mysql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  9. }
  10. elseif ($invite_rights == 'no'){
  11. $modcomment = get_date( time(), 'DATE', 1 ) . " - Invite rights disabled by " . htmlspecialchars($CURUSER['username']) . ".\n" . $modcomment;
  12. $msg = sqlesc("Your invite rights have been removed by " . htmlspecialchars($CURUSER['username']) . ", probably because you invited a bad user.");
  13. $added = time();
  14. mysql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  15. }
  16. $updateset[] = "invite_rights = " . sqlesc($invite_rights);
  17. }
  18. // change invite amount
  19. if ((isset($_POST['invites'])) && (($invites = $_POST['invites']) != ($curinvites = $user['invites'])))
  20. {
  21. $modcomment = get_date( time(), 'DATE', 1 ) . " - Invite amount changed to ".$invites." from ".$curinvites." by " . htmlspecialchars($CURUSER['username']) . ".\n" . $modcomment;
  22. $updateset[] = "invites = " . sqlesc($invites);
  23. }
/** * @file bittorrent.php ~lines 906-907 to display invites */ Code: PHP
  1. "$IsDonor$warn [<a href='{$TBDEV['baseurl']}/logout.php'>{$lang['gl_logout']}</a>] $member_reputation".
  2. " Invites: <a href='{$TBDEV['baseurl']}/invite.php'>{$CURUSER['invites']}</a>
@ file config under : Code: PHP
  1. $TBDEV['invites'] = 3500; // LoL Who we kiddin' here?
Add : Code: PHP
  1. $TBDEV['openreg'] = true; //==true=open, false = closed
@ file signup.php under : Code: PHP
  1. $lang = array_merge( load_language('global'), load_language('signup') );
add : Code: PHP
  1. if(!$TBDEV['openreg'])
  2. stderr('Sorry', 'Invite only - Signups are closed presently');
@ file takesignup.php under : Code: PHP
  1. $lang = array_merge( load_language('global'), load_language('takesignup') );
add : Code: PHP
  1. if(!$TBDEV['openreg'])
  2. stderr('Sorry', 'Invite only - Signups are closed presently');
Then save upload the 4 files to root and that should be all. invite.php : Code: PHP
  1. <?php
  2. /*
  3. +------------------------------------------------
  4. | $Date$
  5. | $Revision$ 09 Final
  6. | $Invite
  7. | $Author$ Neptune,Bigjoos
  8. | $URL$
  9. +------------------------------------------------
  10. */
  11. require_once('include/bittorrent.php');
  12. require_once('include/user_functions.php');
  13. require_once('include/password_functions.php');
  14. dbconn();
  15. loggedinorreturn();
  16. $HTMLOUT ='';
  17. $sure ='';
  18. $lang = array_merge( load_language('global'), load_language('invite_code') );
  19. $do = (isset($_GET["do"]) ? $_GET["do"] : (isset($_POST["do"]) ? $_POST["do"] : ''));
  20. $valid_actions = array('create_invite', 'delete_invite', 'confirm_account', 'view_page', 'send_email');
  21. $do = (($do && in_array($do,$valid_actions,true)) ? $do : '') or header("Location: ?do=view_page");
  22. /**
  23. * @action Main Page
  24. */
  25. if ($do == 'view_page') {
  26. $query = myysql_query('SELECT * FROM users WHERE invitedby = '.sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
  27. $rows = mysql_num_rows($query);
  28. $HTMLOUT ='';
  29. $HTMLOUT .= "
  30. <table border='1' width='750' cellspacing='0' cellpadding='5'>
  31. <tr class='table'>
  32. <td colspan='7' class='colhead'><b>{$lang['invites_users']}</b></td></tr>";
  33. if(!$rows){
  34. $HTMLOUT .= "<tr><td colspan='7' class='colhead'>{$lang['invites_nousers']}</td></tr>";
  35. } else {
  36. $HTMLOUT .= "<tr class='tableb'>
  37. <td align='center'><b>{$lang['invites_username']}</b></td>
  38. <td align='center'><b>{$lang['invites_uploaded']}</b></td>
  39. <td align='center'><b>{$lang['invites_downloaded']}</b></td>
  40. <td align='center'><b>{$lang['invites_ratio']}</b></td>
  41. <td align='center'><b>{$lang['invites_status']}</b></td>
  42. <td align='center'><b>{$lang['invites_confirm']}</b></td>
  43. </tr>";
  44. for ($i = 0; $i < $rows; ++$i) {
  45. $arr = mysql_fetch_assoc($query);
  46. if ($arr['status'] == 'pending')
  47. $user = "<td align='center'>" . htmlspecialchars($arr['username']) . "</td>";
  48. else
  49. $user = "<td align='center'><a href='{$TBDEV['baseurl']}/userdetails.php?id=$arr[id]'>" . htmlspecialchars($arr['username']) . "</a>" .($arr["warned"] == "yes" ? "&nbsp;<img src='{$TBDEV['pic_base_url']}warned.gif' border='0' alt='Warned' />" : "")."&nbsp;" .($arr["enabled"] == "no" ? "&nbsp;<img src='{$TBDEV['pic_base_url']}disabled.gif' border='0' alt='Disabled' />" : "")."&nbsp;" .($arr["donor"] == "yes" ? "<img src='{$TBDEV['pic_base_url']}star.gif' border='0' alt='Donor' />" : "")."</td>";
  50. if ($arr['downloaded'] > 0) {
  51. $ratio = number_format($arr['uploaded'] / $arr['downloaded'], 3);
  52. $ratio = "<font color='" . get_ratio_color($ratio) . "'>".$ratio."</font>";
  53. } else {
  54. if ($arr['uploaded'] > 0) {
  55. $ratio = 'Inf.';
  56. }
  57. else {
  58. $ratio = '---';
  59. }
  60. }
  61. if ($arr["status"] == 'confirmed')
  62. $status = "<font color='#1f7309'>{$lang['invites_confirm1']}</font>";
  63. else
  64. $status = "<font color='#ca0226'>{$lang['invites_pend']}</font>";
  65. $HTMLOUT .= "<tr class='tableb'>".$user."<td align='center'>" . mksize($arr['uploaded']) . "</td><td align='center'>" . mksize($arr['downloaded']) . "</td><td align='center'>".$ratio."</td><td align='center'>".$status."</td>";
  66. if ($arr['status'] == 'pending') {
  67. $HTMLOUT .= "<td align='center'><a href='?do=confirm_account&amp;userid=".$arr['id']."&amp;sender=".$CURUSER['id']."'><img src='{$TBDEV['pic_base_url']}confirm.png' alt='confirm' title='Confirm' border='0' /></a></td></tr>";
  68. }
  69. else
  70. $HTMLOUT .= "<td align='center'>---</td></tr>";
  71. }
  72. }
  73. $HTMLOUT .= "</table><br />";
  74. $select = mysql_query("SELECT * FROM invite_codes WHERE sender = ".$CURUSER['id']." AND status = 'Pending'") or sqlerr();
  75. $num_row = mysql_num_rows($select);
  76. $HTMLOUT .= "<table border='1' width='750' cellspacing='0' cellpadding='5'>"."<tr class='tabletitle'><td colspan='6' class='colhead'><b>{$lang['invites_codes']}</b></td></tr>";
  77. if(!$num_row) {
  78. $HTMLOUT.= "<tr class='tableb'><td colspan='1'>{$lang['invites_nocodes']}</td></tr>";
  79. } else {
  80. $HTMLOUT .= "<tr class='tableb'><td><b>{$lang['invites_send_code']}</b></td><td><b>{$lang['invites_date']}</b></td><td><b>{$lang['invites_delete']}</b></td><td><b>{$lang['invites_status']}</b></td></tr>";
  81. for ($i = 0; $i < $num_row; ++$i)
  82. {
  83. $fetch_assoc = mysql_fetch_assoc($select);
  84. $HTMLOUT .= "<tr class='tableb'>
  85. <td>".$fetch_assoc['code']." <a href='?do=send_email&amp;id=".(int)$fetch_assoc['id']."'><img src='{$TBDEV['pic_base_url']}email.gif' border='0' alt='Email' title='Send Email' /></a></td>
  86. <td>" . get_date($fetch_assoc['invite_added'], '', 0,1)."</td>";
  87. $HTMLOUT .= "<td><a href='?do=delete_invite&amp;id=".$fetch_assoc['id']."&amp;sender=".$CURUSER['id']."'><img src='{$TBDEV['pic_base_url']}del.png' border='0' alt='Delete'/></a></td>
  88. <td>".$fetch_assoc['status']."</td></tr>";
  89. }
  90. }
  91. $HTMLOUT .= "<tr class='tableb'><td colspan='6' align='center'><form action='?do=create_invite' method='post'><input type='submit' value='{$lang['invites_create']}' style='height: 20px' /></form></td></tr>";
  92. $HTMLOUT .= "</table>";
  93. print stdhead('Invites') . $HTMLOUT . stdfoot();
  94. die;
  95. }
  96. /**
  97. * @action Create Invites
  98. */
  99. elseif ($do =='create_invite') {
  100. if ($CURUSER['invites'] <= 0)
  101. stderr($lang['invites_error'], $lang['invites_noinvite']);
  102. if ($CURUSER["invite_rights"] == 'no')
  103. stderr($lang['invites_deny'], $lang['invites_disabled']);
  104. $res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
  105. $arr = mysql_fetch_row($res);
  106. if ($arr[0] >= $TBDEV['invites'])
  107. stderr($lang['invites_error'], $lang['invites_limit']);
  108. $invite = md5(mksecret());
  109. mysql_query('INSERT INTO invite_codes (sender, invite_added, code) VALUES ( ' . sqlesc((int)$CURUSER['id']) . ', ' . sqlesc(time()) . ', ' . sqlesc($invite) . ' )') or sqlerr(__FILE__, __LINE__);
  110. mysql_query('UPDATE users SET invites = invites - 1 WHERE id = ' . sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
  111. header("Location: ?do=view_page");
  112. }
  113. /**
  114. * @action Send e-mail
  115. */
  116. elseif ($do =='send_email') {
  117. if ($_SERVER["REQUEST_METHOD"] == "POST") {
  118. $email = (isset($_POST['email'])? htmlentities($_POST['email']) : '');
  119. $invite = (isset($_POST['code'])? $_POST['code'] : '');
  120. if (!$email) stderr($lang['invites_error'], $lang['invites_noemail']);
  121. $check = (mysql_fetch_row(mysql_query('SELECT COUNT(*) FROM users WHERE email = ' . sqlesc($email)))) or sqlerr(__FILE__, __LINE__);
  122. if ($check[0] != 0) stderr('Error', 'This email address is already in use!');
  123. if (!validemail($email)) stderr($lang['invites_error'], $lang['invites_invalidemail']);
  124. $inviter = htmlspecialchars($CURUSER['username']);
  125. $body = <<<EOD
  126. You have been invited to {$TBDEV['site_name']} by $inviter. They have
  127. specified this address ($email) as your email. If you do not know this person, please ignore this email. Please do not reply.
  128. This is a private site and you must agree to the rules before you can enter:
  129. {$TBDEV['baseurl']}/useragreement.php
  130. {$TBDEV['baseurl']}/rules.php
  131. {$TBDEV['baseurl']}/faq.php
  132. ------------------------------------------------------------
  133. To confirm your invitation, you have to follow this link and type the invite code:
  134. {$TBDEV['baseurl']}/invite_signup.php
  135. Invite Code: $invite
  136. ------------------------------------------------------------
  137. After you do this, your inviter need's to confirm your account.
  138. We urge you to read the RULES and FAQ before you start using {$TBDEV['site_name']}.
  139. EOD;
  140. $sendit = mail($email, "You have been invited to {$TBDEV['site_name']}", $body, "From: {$TBDEV['site_email']}", "-f{$TBDEV['site_email']}");
  141. if (!$sendit) stderr($lang['invites_error'], $lang['invites_unable']);
  142. else stderr('', $lang['invites_confirmation']); }
  143. $id = (isset($_GET['id']) ? (int)$_GET['id'] : (isset($_POST['id']) ? (int)$_POST['id'] : ''));
  144. if (!is_valid_id($id)) stderr($lang['invites_error'], $lang['invites_invalid']);
  145. $query = mysql_query('SELECT * FROM invite_codes WHERE id = ' . sqlesc($id) . ' AND sender = ' . sqlesc($CURUSER['id']).' AND status = "Pending"') or sqlerr(__FILE__, __LINE__);
  146. $fetch = mysql_fetch_assoc($query) or stderr($lang['invites_error'], $lang['invites_noexsist']);
  147. $HTMLOUT .= "<form method='post' action='?do=send_email'><table border='1' cellspacing='0' cellpadding='10'>
  148. <tr><td class='rowhead'>E-Mail</td><td><input type='text' size='40' name='email' /></td></tr><tr><td colspan='2' align='center'><input type='hidden' name='code' value='".$fetch['code']."' /></td></tr><tr><td colspan='2' align='center'><input type='submit' value='Send e-mail' class='btn' /></td></tr></table></form>";
  149. print stdhead('Invites') . $HTMLOUT . stdfoot();
  150. }
  151. /**
  152. * @action Delete Invites
  153. */
  154. elseif ($do =='delete_invite') {
  155. $id = (isset($_GET["id"]) ? (int)$_GET["id"] : (isset($_POST["id"]) ? (int)$_POST["id"] : ''));
  156. $query = mysql_query('SELECT * FROM invite_codes WHERE id = ' . sqlesc($id) . ' AND sender = ' . sqlesc($CURUSER['id']).' AND status = "Pending"') or sqlerr(__FILE__, __LINE__);
  157. $assoc = mysql_fetch_assoc($query);
  158. if (!$assoc)
  159. stderr($lang['invites_error'],$lang['invites_noexsist']);
  160. isset($_GET['sure']) && $sure = htmlspecialchars($_GET['sure']);
  161. if (!$sure)
  162. stderr($lang['invites_delete1'], $lang['invites_sure'].' Click <a href="'.$_SERVER['PHP_SELF'].'?do=delete_invite&amp;id='.$id.'&amp;sender='.$CURUSER['id'].'&amp;sure=yes">here</a> to delete it or <a href="?do=view_page">here</a> to go back.');
  163. mysql_query('DELETE FROM invite_codes WHERE id = ' . sqlesc($id) . ' AND sender =' . sqlesc($CURUSER['id'].' AND status = "Pending"')) or sqlerr(__FILE__, __LINE__);
  164. mysql_query('UPDATE users SET invites = invites + 1 WHERE id = '.sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
  165. header("Location: ?do=view_page");
  166. }
  167. /**
  168. * @action Confirm Accounts
  169. */
  170. elseif ($do ='confirm_account') {
  171. $userid = (isset($_GET["userid"]) ? (int)$_GET["userid"] : (isset($_POST["userid"]) ? (int)$_POST["userid"] : ''));
  172. if (!is_valid_id($userid))
  173. stderr($lang['invites_error'], $lang['invites_invalid']);
  174. $select = mysql_query('SELECT id, username FROM users WHERE id = ' . sqlesc($userid) . ' AND invitedby = ' . sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
  175. $assoc = mysql_fetch_assoc($select);
  176. if (!$assoc)
  177. stderr($lang['invites_error'], $lang['invites_errorid']);
  178. isset($_GET['sure']) && $sure = htmlspecialchars($_GET['sure']);
  179. if (!$sure)
  180. stderr($lang['invites_confirm1'], $lang['invites_sure1'].' '.htmlspecialchars($assoc['username']).'\'s account? Click <a href="?do=confirm_account&amp;userid='.$userid.'&amp;sender='.$CURUSER['id'].'&amp;sure=yes">here</a> to confirm it or <a href="?do=view_page">here</a> to go back.');
  181. mysql_query('UPDATE users SET status = "confirmed" WHERE id = '.sqlesc($userid).' AND invitedby = '.sqlesc($CURUSER['id']).' AND status="pending"') or sqlerr(__FILE__, __LINE__);
  182. //==pm to new invitee/////
  183. $msg = sqlesc("Hey there :wave:
  184. Welcome to {$TBDEV['site_name']}!
  185. We have made many changes to the site, and we hope you enjoy them!
  186. We have been working hard to make {$TBDEV['site_name']} somethin' special!
  187. {$TBDEV['site_name']} has a strong community (just check out forums), and is a feature rich site. We hope you'll join in on all the fun!
  188. Be sure to read the {$TBDEV['baseurl']}/rules.php]Rules and {$TBDEV['baseurl']}[/COLOR]/faq.php]FAQ before you start using the site.[/COLOR]
  189. We are a strong friendly community here {$TBDEV['site_name']} is so much more then just torrents.
  190. Just for kicks, we've started you out with 200.0 Karma Bonus Points, and a couple of bonus GB to get ya started!
  191. so, enjoy
  192. cheers,
  193. {$TBDEV['site_name']} Staff");
  194. $id = $assoc["id"];
  195. $subject = sqlesc("Welcome to {$TBDEV['site_name']} !");
  196. $added = sqlesc(time());
  197. mysql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $id, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  198. ///////////////////end////////////
  199. header("Location: ?do=view_page");
  200. }
  201. ?>
invite_signup.php : Code: [Select] <?php require_once('include/bittorrent.php'); require_once('include/user_functions.php'); require_once('cache/timezones.php'); require_once('include/page_verify.php'); dbconn(); get_template(); $stdfoot = array(/** include js **/'js' => array('check','jquery.pstrength-min.1.2')); $lang = array_merge( load_language('global'), load_language('signup') ); $newpage = new page_verify(); $newpage->create('tkIs'); $res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_row($res); if ($arr[0] >= $TBDEV['maxusers']) stderr("Sorry", "The current user account limit (" . number_format($TBDEV['maxusers']) . ") has been reached. Inactive accounts are pruned all the time, please check back again later..."); if(!$TBDEV['openreg']) stderr('Sorry', 'Invite only - Signups are closed presently'); // TIMEZONE STUFF $offset = (string)$TBDEV['time_offset']; $time_select = "<select name='user_timezone'>"; foreach( $TZ as $off => $words ) { if ( preg_match("/^time_(-?[\d\.]+)$/", $off, $match)) { $time_select .= $match[1] == $offset ? "<option value='{$match[1]}' selected='selected'>$words</option>\n" : "<option value='{$match[1]}'>$words</option>\n"; } } $time_select .= "</select>"; // TIMEZONE END $HTMLOUT=''; $HTMLOUT .= " <script type='text/javascript'> /*<![CDATA[*/ $(function() { $('.password').pstrength(); }); /*]]>*/ </script>"; // Normal Entry Point... $value = array('...','...','...','...','...','...'); $value[rand(1,count($value)-1)] = 'X'; $HTMLOUT .="<script type='text/javascript' src='scripts/jquery.js'></script> <script type='text/javascript' src='scripts/jquery.simpleCaptcha-0.2.js'></script> <script type='text/javascript'> $(document).ready(function () { $('#captchainvite').simpleCaptcha(); }); </script> <p>Note: You need cookies enabled to sign up or log in.</p> <form method='post' action='{$TBDEV['baseurl']}/take_invite_signup.php'> <noscript>Javascript must be enabled to login and use this site</noscript> <table border='1' cellspacing='0' cellpadding='10'> <tr><td align='right' class='heading'>Desired username:</td><td align='left'><input type='text' size='40' name='wantusername' id='wantusername' onblur='checkit();' /><div id='namecheck'></div></td></tr> <tr><td align='right' class='heading'>Pick a password:</td><td align='left'><input class='password' type='password' size='40' name='wantpassword' /></td></tr> <tr><td align='right' class='heading'>Enter password again:</td><td align='left'><input type='password' size='40' name='passagain' /></td></tr> <tr><td align='right' class='heading'>Enter invite-code:</td><td align='left'><input type='text' size='40' name='invite' /></td></tr> <tr valign='top'><td align='right' class='heading'>Email address:</td><td align='left'><input type='text' size='40' name='email' /> <table width='250' border='0' cellspacing='0' cellpadding='0'><tr><td class='embedded'><font class='small'>The email address must be valid. The email address won't be publicly shown anywhere unless you chose to from your settings.</font></td></tr></table></td></tr> <tr><td align='right' class='heading'>{$lang['signup_timez']}</td><td align='left'>{$time_select}</td></tr>"; //==Passhint $passhint=""; $questions = array( array("id"=> "1", "question"=> "{$lang['signup_q1']}"), array("id"=> "2", "question"=> "{$lang['signup_q2']}"), array("id"=> "3", "question"=> "{$lang['signup_q3']}"), array("id"=> "4", "question"=> "{$lang['signup_q4']}"), array("id"=> "5", "question"=> "{$lang['signup_q5']}"), array("id"=> "6", "question"=> "{$lang['signup_q6']}")); foreach($questions as $sph){ $passhint .= "<option value='".$sph['id']."'>".$sph['question']."</option>\n"; } $HTMLOUT .= "<tr><td align='right' class='heading'>{$lang['signup_select']}</td><td align='left'><select name='passhint'>\n$passhint\n</select></td></tr> <tr><td align='right' class='heading'>{$lang['signup_enter']}</td><td align='left'><input type='text' size='40' name='hintanswer' /><br /><font class='small'>{$lang['signup_this_answer']}<br />{$lang['signup_this_answer1']}</font></td></tr> <tr><td align='right' class='heading'></td><td align='left'><input type='checkbox' name='rulesverify' value='yes' /> I will read the site rules page.<br /> <input type='checkbox' name='faqverify' value='yes' /> I agree to read the FAQ before asking questions.<br /> <input type='checkbox' name='ageverify' value='yes' /> I am at least 18 years old.</td></tr> <tr><td class='rowhead' colspan='2' id='captchainvite'></td></tr> <tr><td align='center' colspan='2'>Now click the button marked <strong>X</strong> to complete the sign up!</td></tr><tr> <td colspan='2' align='center'>"; for ($i=0; $i < count($value); $i++) { $HTMLOUT .= "<input name=\"submitme\" type=\"submit\" value=\"".$value[$i]."\" class=\"btn\" />"; } $HTMLOUT .= "</td></tr></table></form>"; print stdhead('Invites') . $HTMLOUT . stdfoot($stdfoot); ?> take_invite_signup.php : Code: PHP
  1. <?php
  2. require_once('include/bittorrent.php');
  3. require_once('include/user_functions.php');
  4. require_once('include/password_functions.php');
  5. require_once('include/page_verify.php');
  6. dbconn();
  7. get_template();
  8. $lang = array_merge( load_language('global'), load_language('takesignup') );
  9. $newpage = new page_verify();
  10. $newpage->check('tkIs');
  11. $res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
  12. $arr = mysql_fetch_row($res);
  13. if ($arr[0] >= $TBDEV['maxusers'])
  14. stderr($lang['stderr_errorhead'], sprintf($lang['stderr_ulimit'], $TBDEV['maxusers']));
  15. if (!mkglobal("wantusername:wantpassword:passagain:email:invite:captchaSelection:submitme:passhint:hintanswer"))
  16. die();
  17. if ($submitme != 'X')
  18. stderr('Ha Ha', 'You Missed, You plonker !');
  19. if(empty($captchaSelection) || $_SESSION['simpleCaptchaAnswer'] != $captchaSelection){
  20. header('Location: invite_signup.php');
  21. exit();
  22. }
  23. function validusername($username) {
  24. if ($username == "")
  25. return false;
  26. // The following characters are allowed in user names
  27. $allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
  28. for ($i = 0; $i < strlen($username); ++$i)
  29. if (strpos($allowedchars, $username[$i]) === false)
  30. return false;
  31. return true;
  32. }
  33. if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($invite) || empty($passhint) || empty($hintanswer))
  34. stderr("Error","Don't leave any fields blank.");
  35. if(!blacklist($wantusername))
  36. stderr($lang['takesignup_user_error'],sprintf($lang['takesignup_badusername'],htmlspecialchars($wantusername)));
  37. if (strlen($wantusername) > 12)
  38. stderr("Error","Sorry, username is too long (max is 12 chars)");
  39. if ($wantpassword != $passagain)
  40. stderr("Error","The passwords didn't match! Must've typoed. Try again.");
  41. if (strlen($wantpassword) < 6)
  42. stderr("Error","Sorry, password is too short (min is 6 chars)");
  43. if (strlen($wantpassword) > 40)
  44. stderr("Error","Sorry, password is too long (max is 40 chars)");
  45. if ($wantpassword == $wantusername)
  46. stderr("Error","Sorry, password cannot be same as user name.");
  47. if (!validemail($email))
  48. stderr("Error","That doesn't look like a valid email address.");
  49. if (!validusername($wantusername))
  50. stderr("Error","Invalid username.");
  51. // make sure user agrees to everything...
  52. if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes")
  53. stderr("Error","Sorry, you're not qualified to become a member of this site.");
  54. // check if email addy is already in use
  55. $a = (@mysql_fetch_row(mysql_query('SELECT COUNT(*) FROM users WHERE email = ' . sqlesc($email)))) or die(mysql_error());
  56. if ($a[0] != 0)
  57. stderr('Error', 'The e-mail address <b>' . htmlspecialchars($email) . '</b> is already in use.');
  58. //=== check if ip addy is already in use
  59. $c = (@mysql_fetch_row(mysql_query("select count(*) from users where ip='" . $_SERVER['REMOTE_ADDR'] . "'"))) or die(mysql_error());
  60. if ($c[0] != 0)
  61. stderr("Error", "The ip " . $_SERVER['REMOTE_ADDR'] . " is already in use. We only allow one account per ip address.");
  62. // TIMEZONE STUFF
  63. if(isset($_POST["user_timezone"]) && preg_match('#^\-?\d{1,2}(?:\.\d{1,2})?$#', $_POST['user_timezone']))
  64. {
  65. $time_offset = sqlesc($_POST['user_timezone']);
  66. }
  67. else
  68. {
  69. $time_offset = isset($TBDEV['time_offset']) ? sqlesc($TBDEV['time_offset']) : '0'; }
  70. // have a stab at getting dst parameter?
  71. $dst_in_use = localtime(time() + ($time_offset * 3600), true);
  72. // TIMEZONE STUFF END
  73. $select_inv = mysql_query('SELECT sender, receiver, status FROM invite_codes WHERE code = ' . sqlesc($invite)) or die(mysql_error());
  74. $rows = mysql_num_rows($select_inv);
  75. $assoc = mysql_fetch_assoc($select_inv);
  76. if ($rows == 0)
  77. stderr("Error","Invite not found.\nPlease request a invite from one of our members.");
  78. if ($assoc["receiver"]!=0)
  79. stderr("Error","Invite already taken.\nPlease request a new one from your inviter.");
  80. $secret = mksecret();
  81. $wantpasshash = make_passhash( $secret, md5($wantpassword) );
  82. $editsecret = ( !$arr[0] ? "" : make_passhash_login_key() );
  83. $wanthintanswer = md5($hintanswer);
  84. $new_user = mysql_query("INSERT INTO users (username, passhash, secret, passhint, hintanswer, editsecret, invitedby, email, ". (!$arr[0]?"class, ":"") ."added, last_access, last_login, time_offset, dst_in_use) VALUES (" .
  85. implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $secret, $editsecret, $passhint, $wanthintanswer, (int)$assoc['sender'], $email))).
  86. ", ". (!$arr[0]?UC_SYSOP.", ":""). "'". time() ."','". time() ."','". time() ."', $time_offset, {$dst_in_use['tm_isdst']})");
  87. $message = "Welcome New {$TBDEV['site_name']} Member : - " . htmlspecialchars($wantusername) . "";
  88. if (!$new_user) {
  89. if (mysql_errno() == 1062)
  90. stderr("Error","Username already exists!");
  91. stderr("Error","borked");
  92. }
  93. //===send PM to inviter
  94. $sender = $assoc["sender"];
  95. $added = sqlesc(time());
  96. $msg = sqlesc("Hey there [you] ! :wave:\nIt seems that someone you invited to {$TBDEV['site_name']} has arrived ! :clap2: \n\n Please go to your {$TBDEV['baseurl']}/invite.php]Invite page to confirm them so they can log in.\n\ncheers\n"[/COLOR]);
  97. $subject = sqlesc("Someone you invited has arrived!");
  98. mysql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $sender, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  99. //////////////end/////////////////////
  100. $id = mysql_insert_id();
  101. mysql_query('UPDATE invite_codes SET receiver = ' . sqlesc($id) . ', status = "Confirmed" WHERE sender = ' . sqlesc((int)$assoc['sender']). ' AND code = ' . sqlesc($invite)) or sqlerr(__FILE__, __LINE__);
  102. write_log('User account '.htmlspecialchars($wantusername).' was created!');
  103. autoshout($message);
  104. stderr('Success','Signup successfull, Your inviter needs to confirm your account now before you can use your account !');
  105. ?>
lang_invite_code.php : Code: PHP
  1. <?php
  2. $lang = array(
  3. #invite errors
  4. 'invites_error' => "Error",
  5. 'invites_deny' => "Denied",
  6. 'invites_limit' => "Sorry, user limit reached. Please try again later.",
  7. 'invites_disabled' => "Your invite sending privileges has been disabled by the Staff!",
  8. 'invites_noinvite' => "No invites !",
  9. 'invites_invalidemail' => "That doesn't look like a valid email address.",
  10. 'invites_noemail' => "You must enter an email address!",
  11. 'invites_unable' => "Unable to send mail. Please contact an administrator about this error.",
  12. 'invites_confirmation' => "A confirmation email has been sent to the address you specified.",
  13. 'invites_invalid' => "Invalid ID!",
  14. 'invites_noexsist' => "This invite code does not exist.",
  15. 'invites_sure' => "Are you sure you want to delete this invite code?",
  16. 'invites_errorid' => "No user with this ID.",
  17. 'invites_sure1' => "Are you sure you want to confirm",
  18. #invites
  19. 'invites_users' => "Invited Users",
  20. 'invites_nousers' => "No Invitees Yet",
  21. 'invites_username' => "Username",
  22. 'invites_uploaded' => "Uploaded",
  23. 'invites_downloaded' => "Downloaded",
  24. 'invites_ratio' => "Ratio",
  25. 'invites_status' => "Status",
  26. 'invites_confirm' => "Confirm",
  27. 'invites_confirm1' => "Confirmed",
  28. 'invites_pend' => "Pending",
  29. 'invites_codes' => "Created Invite Codes",
  30. 'invites_nocodes' => "You have not created any invite codes at the moment!",
  31. 'invites_date' => "Created Date",
  32. 'invites_delete' => "Delete",
  33. 'invites_create' => "Create Invite Code",
  34. 'invites_send_code' => "Send Invite Code",
  35. 'invites_delete1' => "Delete Invite",
  36. 'invites_confirm1' => "Confirmed Account",
  37. );
  38. ?>



Reply With Quote
Reply

Tags
disabling , invite , sign , ups

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT +2. The time now is 07:05. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.