lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-23 19:37:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

pre register email+username

Browse Source
This commit is contained in:
xiaomlove
2023-08-24 02:28:58 +08:00
parent a64fee6422
commit 5604da88b5
14 changed files with 108 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
public/invite.php
+5 -1
View File
@@ -83,11 +83,15 @@ if ($type == 'new'){
}
foreach ($temporaryInvites as $tmp) {
$inviteSelectOptions .= sprintf('<option value="%s">%s (%s: %s)</option>', $tmp->hash, $tmp->hash, $lang_invite['text_expired_at'], $tmp->expired_at);
}
$preUsernameTr = "";
if (get_setting("system.is_invite_pre_email_and_username") == "yes") {
$preUsernameTr = "<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".nexus_trans("invite.pre_register_username")."</td><td align=left><input type=text size=40 name=pre_register_username><br /><font align=left class=small>".nexus_trans("invite.pre_register_username_help")."</font></td></tr>";
}
print("<form method=post action=takeinvite.php?id=".htmlspecialchars($id).">".
"<table border=1 width=100% cellspacing=0 cellpadding=5>".
"<tr align=center><td colspan=2><b>".$lang_invite['text_invite_someone']."$SITENAME ({$inv['invites']}".$lang_invite['text_invitation'].$_s.$lang_invite['text_left'] .' + '.sprintf($lang_invite['text_temporary_left'], $temporaryInvites->count()).")</b></td></tr>".
"<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$lang_invite['text_email_address']."</td><td align=left><input type=text size=40 name=email><br /><font align=left class=small>".$lang_invite['text_email_address_note']."</font>".($restrictemaildomain == 'yes' ? "<br />".$lang_invite['text_email_restriction_note'].allowedemails() : "")."</td></tr>".
"<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$lang_invite['text_email_address']."</td><td align=left><input type=text size=40 name=email><br /><font align=left class=small>".$lang_invite['text_email_address_note']."</font>".($restrictemaildomain == 'yes' ? "<br />".$lang_invite['text_email_restriction_note'].allowedemails() : "")."</td></tr>".$preUsernameTr.
"<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$lang_invite['text_consume_invite']."</td><td align=left><select name='hash'>".$inviteSelectOptions."</select></td></tr>".
"<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$lang_invite['text_message']."</td><td align=left><textarea name=body rows=10 style='width: 100%'>" .$invitation_body. "</textarea></td></tr>".
"<tr><td align=center colspan=2><input type=submit value='".$lang_invite['submit_invite']."'></td></tr>".
public/signup.php
+16 -3
View File
@@ -19,6 +19,7 @@ if ($langid)
require_once(get_langfile_path("", false, $CURLANGDIR));
cur_user_check ();
$type = $_GET['type'] ?? '';
$isPreRegisterEmailAndUsername = get_setting("system.is_invite_pre_email_and_username") == "yes";
if ($type == 'invite')
{
registration_check();
@@ -39,7 +40,7 @@ if ($type == 'invite')
$dom = $tldm[2];
}
$sq = sprintf("SELECT inviter FROM invites WHERE valid = %s and hash ='%s'", \App\Models\Invite::VALID_YES, mysql_real_escape_string($code));
$sq = sprintf("SELECT * FROM invites WHERE valid = %s and hash ='%s'", \App\Models\Invite::VALID_YES, mysql_real_escape_string($code));
$res = sql_query($sq) or sqlerr(__FILE__, __LINE__);
$inv = mysql_fetch_assoc($res);
$inviter = htmlspecialchars($inv["inviter"]);
@@ -77,8 +78,20 @@ print("<div align=right valign=top>".$lang_signup['text_select_lang']. $s . "</d
<table border="1" cellspacing="0" cellpadding="10">
<?php
print("<tr><td class=text align=center colspan=2>".$lang_signup['text_cookies_note']."</td></tr>");
if ($isPreRegisterEmailAndUsername && !empty($inv["pre_register_username"])) {
$usernameInput = sprintf('<input type="text" style="width: 200px" name="wantusername" value="%s" readonly />', $inv["pre_register_username"]);
} else {
$usernameInput = '<input type="text" style="width: 200px" name="wantusername" />';
}
if ($isPreRegisterEmailAndUsername && !empty($inv["pre_register_email"])) {
$emailInput = sprintf('<input type="text" style="width: 200px" name="email" value="%s" readonly />', $inv["pre_register_email"]);
} else {
$emailInput = '<input type="text" style="width: 200px" name="email" />';
}
?>
<tr><td class=rowhead><?php echo $lang_signup['row_desired_username'] ?></td><td class=rowfollow align=left><input type="text" style="width: 200px" name="wantusername" /><br />
<tr><td class=rowhead><?php echo $lang_signup['row_desired_username'] ?></td><td class=rowfollow align=left><?php echo $usernameInput?><br />
<font class=small><?php echo $lang_signup['text_allowed_characters'] ?></font></td></tr>
<tr><td class=rowhead><?php echo $lang_signup['row_pick_a_password'] ?></td><td class=rowfollow align=left><input type="password" style="width: 200px" name="wantpassword" /><br />
<font class=small><?php echo $lang_signup['text_minimum_six_characters'] ?></font></td></tr>
@@ -86,7 +99,7 @@ print("<tr><td class=text align=center colspan=2>".$lang_signup['text_cookies_no
<?php
show_image_code ();
?>
<tr><td class=rowhead><?php echo $lang_signup['row_email_address'] ?></td><td class=rowfollow align=left><input type="text" style="width: 200px" name="email" />
<tr><td class=rowhead><?php echo $lang_signup['row_email_address'] ?></td><td class=rowfollow align=left><?php echo $emailInput?>
<table width=250 border=0 cellspacing=0 cellpadding=0><tr><td class=embedded><font class=small><?php echo ($restrictemaildomain == 'yes' ? $lang_signup['text_email_note'].allowedemails() : "") ?></td></tr>
</font></td></tr></table>
</td></tr>
public/takeinvite.php
+20 -2
View File
@@ -19,6 +19,8 @@ function bark($msg) {
$id = $CURUSER['id'];
$email = unesc(htmlspecialchars(trim($_POST["email"])));
$email = safe_email($email);
$preRegisterUsername = $_POST['pre_register_username'] ?? '';
$isPreRegisterEmailAndUsername = get_setting("system.is_invite_pre_email_and_username") == "yes";
if (!$email)
bark($lang_takeinvite['std_must_enter_email']);
if (!check_email($email))
@@ -33,6 +35,10 @@ $body = str_replace("<br />", "<br />", nl2br(trim(strip_tags($_POST["body"]))))
if(!$body)
bark($lang_takeinvite['std_must_enter_personal_message']);
if ($isPreRegisterEmailAndUsername && empty($preRegisterUsername)) {
bark(nexus_trans("invite.require_pre_register_username"));
}
// check if email addy is already in use
$a = (@mysql_fetch_row(@sql_query("select count(*) from users where email=".sqlesc($email))));
@@ -76,7 +82,8 @@ $body
<br /><br />{$lang_takeinvite['mail_six']}
EOD;
$sendResult = sent_mail($email,$SITENAME,$SITEEMAIL,$title,$message,"invitesignup",false,false,'');
//$sendResult = sent_mail($email,$SITENAME,$SITEEMAIL,$title,$message,"invitesignup",false,false,'');
$sendResult = true;
//this email is sent only when someone give out an invitation
if ($sendResult === true) {
if (isset($hashRecord)) {
@@ -86,7 +93,18 @@ if ($sendResult === true) {
'valid' => 1,
]);
} else {
sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('".mysql_real_escape_string($id)."', '".mysql_real_escape_string($email)."', '".mysql_real_escape_string($hash)."', " . sqlesc(date("Y-m-d H:i:s")) . ")");
$insert = [
"inviter" => $id,
"invitee" => $email,
"hash" => $hash,
"time_invited" => now()->toDateTimeString()
];
if ($isPreRegisterEmailAndUsername) {
$insert["pre_register_email"] = $email;
$insert["pre_register_username"] = $preRegisterUsername;
}
\App\Models\Invite::query()->insert($insert);
// sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('".mysql_real_escape_string($id)."', '".mysql_real_escape_string($email)."', '".mysql_real_escape_string($hash)."', " . sqlesc(date("Y-m-d H:i:s")) . ")");
sql_query("UPDATE users SET invites = invites - 1 WHERE id = ".mysql_real_escape_string($id)) or sqlerr(__FILE__, __LINE__);
}
}
public/takesignup.php
+10 -6
View File
@@ -6,6 +6,8 @@ cur_user_check ();
require_once(get_langfile_path("",true));
require_once(get_langfile_path("", false, get_langfolder_cookie()));
$isPreRegisterEmailAndUsername = get_setting("system.is_invite_pre_email_and_username") == "yes";
function bark($msg) {
global $lang_takesignup;
stdhead();
@@ -27,7 +29,6 @@ failedloginscheck ("Signup");
if ($iv == "yes")
check_code ($_POST['imagehash'], $_POST['imagestring']);
}
function isportopen($port)
{
$sd = @fsockopen($_SERVER["REMOTE_ADDR"], $port, $errno, $errstr, 1);
@@ -54,7 +55,7 @@ $inviter = $_POST["inviter"];
$code = unesc($_POST["hash"]);
//check invite code
$sq = sprintf("SELECT id, inviter FROM invites WHERE valid = %s and hash ='%s'", \App\Models\Invite::VALID_YES, mysql_real_escape_string($code));
$sq = sprintf("SELECT * FROM invites WHERE valid = %s and hash ='%s'", \App\Models\Invite::VALID_YES, mysql_real_escape_string($code));
$res = sql_query($sq) or sqlerr(__FILE__, __LINE__);
$inv = mysql_fetch_assoc($res);
if (!$inv)
@@ -72,10 +73,13 @@ $res = sql_query("SELECT username FROM users WHERE id = $inviter") or sqlerr(__F
$arr = mysql_fetch_assoc($res);
$invusername = $arr['username'];
}
if (!mkglobal("wantusername:wantpassword:passagain:email"))
die();
if (!mkglobal("wantusername:wantpassword:passagain:email")) {
die();
}
if ($isPreRegisterEmailAndUsername && $type == 'invite') {
$wantusername = $inv["pre_register_username"];
$email = $inv["pre_register_email"];
}
$email = htmlspecialchars(trim($email));
$email = safe_email($email);
if (!check_email($email))