Location: PHPKode > projects > H-tracker > takeinvite.php
<?
//
//  H-Tracker v0.2
//    http://h-tracker.org
//    Based on TorrentTrader (http://www.torrenttrader.org)
//
//

require_once('backend/functions.php');
dbconn(false);
loggedinonly();

if (!$CURUSER)
show_error_msg("Error", "Access denied.",1);

$res = mysql_query("SELECT COUNT(*) FROM users") or die(mysql_error());
$arr = mysql_fetch_row($res);

$mess= unesc($_POST["mess"]);

if (!$mess)
show_error_msg("Error!", "You must enter a message!",1);

if (!mkglobal("email"))
die();


if (!validemail($email))
show_error_msg("Error!", "That doesn't look like a valid email address.",1);

// check if email addy is already in use
$a = (@mysql_fetch_row(@mysql_query("select count(*) from users where email='$email'"))) or die (mysql_error());
if ($a[0] != 0)
show_error_msg("Error!","The e-mail address $email is already in use.",1);

$secret = mksecret();
$editsecret = mksecret();
$username = rand();
$ret = mysql_query("INSERT INTO users (username, secret, editsecret, email, status, invited_by, added) VALUES (" .
implode(",", array_map("sqlesc", array($username, $secret, $editsecret, $email, 'pending', $CURUSER["id"]))) .
",'" . get_date_time() . "')");
if (!$ret) {
if (mysql_errno() == 1062)
show_error_msg("Error!", "Username already exists!",1);
//barkmsg("borked");
}
$id = mysql_insert_id();
$id2 = $CURUSER["id"];
$invites = $CURUSER["invites"]-1;
$invitees = $CURUSER["invitees"];
$invitees2 = "$id $invitees";
$ret2 = mysql_query("UPDATE users SET invites='$invites', invitees='$invitees2' WHERE id = $id2");
$username=$CURUSER["username"];

$psecret = md5($editsecret);

$message = ($html ? strip_tags($mess) : $mess);

$body = <<<EOD
You have been invited to $site_config[SITENAME] by $username. They have specified 
this address ($email) as your email. If you do not know this person, please 
ignore this email. Please do not reply.

Message:
-------------------------------------------------------------------------------
$message
-------------------------------------------------------------------------------

This is a private site and you must agree to the rules before you can enter:

$site_config[SITEURL]/rules.php

$site_config[SITEURL]/faq.php


To confirm your invitation, you have to follow this link:

$site_config[SITEURL]/confirminvite.php?id=$id&secret=$psecret

After you do this, you will be able to use your new account. If you fail to
do this, your account will be deleted within a few days. We urge you to read
the RULES and FAQ before you start using $site_config[SITENAME].
EOD;
mail($email, "$site_config[SITENAME] user registration confirmation", $body, "From: $site_config[SITEEMAIL]");

header("Refresh: 0; url=account-confirm-ok.php?type=invite&email=" . urlencode($email));


?>
Return current item: H-tracker