Problem with invite system:

Ulovlig · #1 21st April 2011, 09:11

Hi!

I've added invite system. Everything is working gr8.
The only thing that doesnt work is wount print "Invited by" in userdetails.php Using TBDEV 2008 vers.

Line in userdetails:

Code:

print("<tr><td class=rowhead>Invited byt</td><td align=left>$invby</a></td></tr>\n");

Signup_inv.php

Code:

<?

require_once("include/bittorrent.php");
dbconn();

$res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
if ($arr[0] >= $maxusers)
    stderr("Sorry", "The current user account limit (" . number_format($maxusers) . ") has been reached. Inactive accounts are pruned all the time, please check back again later...");


stdhead("Signup");

?>
<!--
<table width=500 border=1 cellspacing=0 cellpadding=10><tr><td align=left>
<h2 align=center>Proxy check</h2>
<b><font color=red>Important - please read:</font></b> We do not accept users connecting through public proxies. When you
submit the form below we will check whether any commonly used proxy ports on your computer is open. If you have a firewall it may alert of you of port
scanning activity originating from <b>69.10.142.42</b> (torrentbits.org). This is only our proxy-detector in action.
<b>The check takes up to 30 seconds to complete, please be patient.</b> The IP address we will test is <b><?= $HTTP_SERVER_VARS["REMOTE_ADDR"]; ?></b>.
By proceeding with submitting the form below you grant us permission to scan certain ports on this computer.
</td></tr></table>
<p>
-->
Note: You need cookies enabled to sign up or log in.
<p>
<form method="post" action="takesignup.php">
<table border="1" cellspacing=0 cellpadding="10">
<tr><td align="right" class="heading">Desired username:</td><td align=left><input type="text" size="40" name="wantusername" /></td></tr>
<tr><td align="right" class="heading">Pick a password:</td><td align=left><input type="password" size="40" name="wantpassword" /></td></tr>
<tr><td align="right" class="heading">Enter password again:</td><td align=left><input type="password" size="40" name="passagain" /></td></tr>
<tr><td align="right" class="heading">Enter invite-code:<br><small>(Provided by your inviter)</small></td><td align=left><input type="text" size="40" name="invite" /></td></tr>
<tr valign=top><td align="right" class="heading">Email address:</td><td align=left><input type="text" size="40" name="email" />
<table width=250 border=0 cellspacing=0 cellpadding=0><tr><td class=embedded><font class=small>The email address must be valid.
You will receive a confirmation email which you need to respond to. The email address won't be publicly shown anywhere.</td></tr>
</font></td></tr></table>
</td></tr>
</td></tr>
<tr><td align="right" class="heading"></td><td align=left><input type=checkbox name=rulesverify value=yes> I have read the site rules page.<br>
<input type=checkbox name=faqverify value=yes> I agree to read the FAQ before asking questions.<br>
<input type=checkbox name=ageverify value=yes> I am at least 13 years old.</td></tr>
<tr><td colspan="2" align="center"><input type=submit value="Sign up! (PRESS ONLY ONCE)" style='height: 25px'></td></tr>
</table>
</form>
<?

stdfoot();

?>

Takesignup_inv.php

Code:

<?

require_once("include/bittorrent.php");

hit_start();

dbconn();

$res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
if ($arr[0] >= $maxusers)
    stderr("Error", "Sorry, user limit reached. Please try again later.");

if (!mkglobal("wantusername:wantpassword:passagain:invite:email"))
    die();

function bark($msg) {
  stdhead();
    stdmsg("Signup failed!", $msg);
  stdfoot();
  exit;
}

function validusername($username)
{
    if ($username == "")
   return false;

    // The following characters are allowed in user names
    $allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

    for ($i = 0; $i < strlen($username); ++$i)
   if (strpos($allowedchars, $username[$i]) === false)
     return false;

    return true;
}

function isportopen($port)
{
    global $HTTP_SERVER_VARS;
    $sd = @fsockopen($HTTP_SERVER_VARS["REMOTE_ADDR"], $port, $errno, $errstr, 1);
    if ($sd)
    {
  fclose($sd);
  return true;
    }
    else
  return false;
}
/*
function isproxy()
{
    $ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788);
    for ($i = 0; $i < count($ports); ++$i)
  if (isportopen($ports[$i])) return true;
    return false;
}
*/

if (empty($wantusername) || empty($wantpassword) || empty($email))
    bark("Don't leave any fields blank.");

if (strlen($wantusername) > 12)
    bark("Sorry, username is too long (max is 12 chars)");

if ($wantpassword != $passagain)
    bark("The passwords didn't match! Must've typoed. Try again.");

if (strlen($wantpassword) < 6)
    bark("Sorry, password is too short (min is 6 chars)");

if (strlen($wantpassword) > 40)
    bark("Sorry, password is too long (max is 40 chars)");

if ($wantpassword == $wantusername)
    bark("Sorry, password cannot be same as user name.");

if (!validemail($email))
    bark("That doesn't look like a valid email address.");

if (!validusername($wantusername))
    bark("Invalid username.");


// check if email addy is already in use
$a = (@mysql_fetch_row(@mysql_query("select count(*) from users where email='$email'"))) or die(mysql_error());
if ($a[0] != 0)
  bark("The e-mail address $email is already in use.");

/*
// do simple proxy check
if (isproxy())
    bark("You appear to be connecting through a proxy server. Your organization or ISP may use a transparent caching HTTP proxy. Please try and access the site on <a href=http://torrentbits.org:81/signup.php>port 81</a> (this should bypass the proxy server). <p><b>Note:</b> if you run an Internet-accessible web server on the local machine you need to shut it down until the sign-up is complete.");
*/
hit_count();

$secret = mksecret();
$wantpasshash = md5($secret . $wantpassword . $secret);
$editsecret = (!$arr[0]?"":mksecret());

$r = mysql_query("SELECT inviter, inviteid, confirmed FROM invites WHERE invite='$invite'");

if (mysql_num_rows($r) == 0)
    bark ("Invite $invite not found.\nPlease retry signup or request a new one.");

$a = mysql_fetch_assoc($r);

if ($a["inviteid"]!=0)
    bark ("Invite $invite already taken.\nPlease request a new one with your inviter.");

$ret = mysql_query("INSERT INTO users (username, passhash, secret, editsecret, invitedby, email, ". (!$arr[0]?"class, ":"") ."added) VALUES (" .
  implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $secret, $editsecret, $a['inviter'], $email))).
  ", ". (!$arr[0]?UC_SYSOP.", ":""). "'". get_date_time() ."')");

if (!$ret) {
    if (mysql_errno() == 1062)
  bark("Username already exists!");
    bark("borked");
}

$id = mysql_insert_id();

//write_log("User account $id ($wantusername) was created");

$psecret = md5($editsecret);

$ret = mysql_query("UPDATE invites SET inviteid=$id, confirmed='yes' WHERE invite='$invite'");

if($arr[0])
$id = mysql_insert_id();

$dt = sqlesc(get_date_time());
$msg = sqlesc("Congratulations $wantusername,\nYou Are Now A Member of $SITENAME,\nWe Would Like To Take This Opportunity To Say Hello And Welcome To $SITENAME!\nPlease Be Sure To Read The Rules And Be Sure To Stop By The Forums And Say Hello!Please don't use cheat mods, or RatioFucker/RatioMaker. We have scripts embedded within the tracker that can highlight anomilies, and alert staff. So far, most of our cheaters have received warnings, and have their upload reset to ZERO. We are constantly refining the scripts to spot the new mods appearing, and we have trained administrators who can recognise when someone is cheating. This practice is unneccessary, as we have the three day rule, so ratio cheating serves no purposes anyway. Not one member has been disabled for a poor ratio. We have only disabled members for Hit & Running, and Cheating.We expect members to seed to 1.00 on every torrent, or until 3 people complete it, whichever comes first.Please also note that we don't allow duplicate IP accounts. If you need a duplicate IP account, such as a family member/friend using the same PC for their account, please speak to the staff first, explaining why you need a dupliacte account. Any duplicate accounts created without the knowledge of the staff will be disabled.\nEnjoy Your Stay.\nRegards\nThe Staff of $SITENAME ");
mysql_query("INSERT INTO messages (sender, receiver, added, msg, poster) VALUES(0, $id, $dt, $msg, 0)") or sqlerr(__FILE__, __LINE__);

//write_log("User account $id ($wantusername) was created");

$psecret = md5($editsecret);

$body = "Signup successfull! Your inviter needs to confirm your account now. Then you can login.";

//mail($email, "$SITENAME user registration confirmation", $body, "From: $SITEEMAIL", "-f$SITEEMAIL");

stdhead();
print($body);
stdfoot();

hit_end();

?>

cherwonk · #2 30th April 2011, 01:36

in userdetails you need more than just the line of code that displays who invited.. you need a query to actually get the info from the database.
I use 09 source mine might not work for you , but heres a somewhat converted one

Code:

if ($CURUSER['class'] >= UC_MODERATOR && $user['invitedby'] > 0 || $user['id'] == $CURUSER['id'] && $user['invitedby'] > 0) {
                 $invitedby = mysql_query('SELECT username FROM users WHERE id = ' . sqlesc($user['invitedby']));
                 $invitedby2 = mysql_fetch_array($invitedby);
print("<tr><td class='rowhead'>Invited by</td><td align='left'><a href='{$BASEURL]}/userdetails.php?id=".$user['invitedby']."'>'".htmlspecialchars($invitedby2['username'])."'</a></td></tr>\n"); 
}

give this a shot,