pre register email+username

2026-04-24 03:57:22 +08:00 · 2023-08-24 02:28:58 +08:00
parent a64fee6422
commit 5604da88b5
14 changed files with 108 additions and 13 deletions
@@ -149,6 +149,12 @@ class EditSetting extends Page implements Forms\Contracts\HasForms
                    ->label(__('label.setting.system.maximum_upload_speed'))
                    ->helperText(__('label.setting.system.maximum_upload_speed_help'))
                ,
                Forms\Components\Radio::make('system.is_invite_pre_email_and_username')
                    ->options(self::$yesOrNo)
                    ->inline(true)
                    ->label(__('label.setting.system.is_invite_pre_email_and_username'))
                    ->helperText(__('label.setting.system.is_invite_pre_email_and_username_help'))
                ,
            ])->columns(2);
        $tabs = apply_filter('nexus_setting_tabs', $tabs);
@@ -0,0 +1,33 @@
 <?php
 use Illuminate\Database\Migrations\Migration;
 use Illuminate\Database\Schema\Blueprint;
 use Illuminate\Support\Facades\Schema;
 return new class extends Migration
 {
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::table('invites', function (Blueprint $table) {
            $table->string("pre_register_email")->nullable();
            $table->string("pre_register_username")->nullable();
        });
    }
    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::table('invites', function (Blueprint $table) {
            $table->dropColumn(["pre_register_email", "pre_register_username"]);
        });
    }
 };
@@ -1,6 +1,6 @@
 <?php
 defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.8.7');
-defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-08-22');
+defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-08-24');
 defined('IN_TRACKER') || define('IN_TRACKER', false);
 defined('PROJECTNAME') || define("PROJECTNAME","NexusPHP");
 defined('NEXUSPHPURL') || define("NEXUSPHPURL","https://nexusphp.org");
@@ -450,5 +450,6 @@ return array (
        'maximum_number_of_medals_can_be_worn' => 3,
        'cookie_valid_days' => 365,
        'maximum_upload_speed' => 8000,
        'is_invite_pre_email_and_username' => 'No',
    ],
 );
@@ -83,11 +83,15 @@ if ($type == 'new'){
    }
    foreach ($temporaryInvites as $tmp) {
        $inviteSelectOptions .= sprintf('<option value="%s">%s (%s: %s)</option>', $tmp->hash, $tmp->hash, $lang_invite['text_expired_at'], $tmp->expired_at);
    }
    $preUsernameTr = "";
    if (get_setting("system.is_invite_pre_email_and_username") == "yes") {
        $preUsernameTr = "<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".nexus_trans("invite.pre_register_username")."</td><td align=left><input type=text size=40 name=pre_register_username><br /><font align=left class=small>".nexus_trans("invite.pre_register_username_help")."</font></td></tr>";
    }
 	print("<form method=post action=takeinvite.php?id=".htmlspecialchars($id).">".
 	"<table border=1 width=100% cellspacing=0 cellpadding=5>".
 	"<tr align=center><td colspan=2><b>".$lang_invite['text_invite_someone']."$SITENAME ({$inv['invites']}".$lang_invite['text_invitation'].$_s.$lang_invite['text_left'] .' + '.sprintf($lang_invite['text_temporary_left'], $temporaryInvites->count()).")</b></td></tr>".
-	"<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$lang_invite['text_email_address']."</td><td align=left><input type=text size=40 name=email><br /><font align=left class=small>".$lang_invite['text_email_address_note']."</font>".($restrictemaildomain == 'yes' ? "<br />".$lang_invite['text_email_restriction_note'].allowedemails() : "")."</td></tr>".
+	"<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$lang_invite['text_email_address']."</td><td align=left><input type=text size=40 name=email><br /><font align=left class=small>".$lang_invite['text_email_address_note']."</font>".($restrictemaildomain == 'yes' ? "<br />".$lang_invite['text_email_restriction_note'].allowedemails() : "")."</td></tr>".$preUsernameTr.
 	"<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$lang_invite['text_consume_invite']."</td><td align=left><select name='hash'>".$inviteSelectOptions."</select></td></tr>".
 	"<tr><td class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$lang_invite['text_message']."</td><td align=left><textarea name=body rows=10 style='width: 100%'>" .$invitation_body. "</textarea></td></tr>".
 	"<tr><td align=center colspan=2><input type=submit value='".$lang_invite['submit_invite']."'></td></tr>".
@@ -19,6 +19,7 @@ if ($langid)
 require_once(get_langfile_path("", false, $CURLANGDIR));
 cur_user_check ();
 $type = $_GET['type'] ?? '';
 $isPreRegisterEmailAndUsername = get_setting("system.is_invite_pre_email_and_username") == "yes";
 if ($type == 'invite')
 {
 	registration_check();
@@ -39,7 +40,7 @@ if ($type == 'invite')
 	$dom = $tldm[2];
 	}
-	$sq = sprintf("SELECT inviter FROM invites WHERE valid = %s and hash ='%s'", \App\Models\Invite::VALID_YES, mysql_real_escape_string($code));
+	$sq = sprintf("SELECT * FROM invites WHERE valid = %s and hash ='%s'", \App\Models\Invite::VALID_YES, mysql_real_escape_string($code));
 	$res = sql_query($sq) or sqlerr(__FILE__, __LINE__);
 	$inv = mysql_fetch_assoc($res);
 	$inviter = htmlspecialchars($inv["inviter"]);
@@ -77,8 +78,20 @@ print("<div align=right valign=top>".$lang_signup['text_select_lang']. $s . "</d
 <table border="1" cellspacing="0" cellpadding="10">
 <?php
 print("<tr><td class=text align=center colspan=2>".$lang_signup['text_cookies_note']."</td></tr>");
 if ($isPreRegisterEmailAndUsername && !empty($inv["pre_register_username"])) {
    $usernameInput = sprintf('<input type="text" style="width: 200px" name="wantusername" value="%s" readonly />', $inv["pre_register_username"]);
 } else {
    $usernameInput = '<input type="text" style="width: 200px" name="wantusername" />';
 }
 if ($isPreRegisterEmailAndUsername && !empty($inv["pre_register_email"])) {
    $emailInput = sprintf('<input type="text" style="width: 200px" name="email" value="%s" readonly />', $inv["pre_register_email"]);
 } else {
    $emailInput = '<input type="text" style="width: 200px" name="email" />';
 }
 ?>
-<tr><td class=rowhead><?php echo $lang_signup['row_desired_username'] ?></td><td class=rowfollow align=left><input type="text" style="width: 200px" name="wantusername" /><br />
+<tr><td class=rowhead><?php echo $lang_signup['row_desired_username'] ?></td><td class=rowfollow align=left><?php echo $usernameInput?><br />
 <font class=small><?php echo $lang_signup['text_allowed_characters'] ?></font></td></tr>
 <tr><td class=rowhead><?php echo $lang_signup['row_pick_a_password'] ?></td><td class=rowfollow align=left><input type="password" style="width: 200px" name="wantpassword" /><br />
 	<font class=small><?php echo $lang_signup['text_minimum_six_characters'] ?></font></td></tr>
@@ -86,7 +99,7 @@ print("<tr><td class=text align=center colspan=2>".$lang_signup['text_cookies_no
 <?php
 show_image_code ();
 ?>
-<tr><td class=rowhead><?php echo $lang_signup['row_email_address'] ?></td><td class=rowfollow align=left><input type="text" style="width: 200px" name="email" />
+<tr><td class=rowhead><?php echo $lang_signup['row_email_address'] ?></td><td class=rowfollow align=left><?php echo $emailInput?>
 <table width=250 border=0 cellspacing=0 cellpadding=0><tr><td class=embedded><font class=small><?php echo ($restrictemaildomain == 'yes' ? $lang_signup['text_email_note'].allowedemails() : "") ?></td></tr>
 </font></td></tr></table>
 </td></tr>
@@ -19,6 +19,8 @@ function bark($msg) {
 $id = $CURUSER['id'];
 $email = unesc(htmlspecialchars(trim($_POST["email"])));
 $email = safe_email($email);
 $preRegisterUsername = $_POST['pre_register_username'] ?? '';
 $isPreRegisterEmailAndUsername = get_setting("system.is_invite_pre_email_and_username") == "yes";
 if (!$email)
    bark($lang_takeinvite['std_must_enter_email']);
 if (!check_email($email))
@@ -33,6 +35,10 @@ $body = str_replace("<br />", "<br />", nl2br(trim(strip_tags($_POST["body"]))))
 if(!$body)
 	bark($lang_takeinvite['std_must_enter_personal_message']);
 if ($isPreRegisterEmailAndUsername && empty($preRegisterUsername)) {
    bark(nexus_trans("invite.require_pre_register_username"));
 }
 // check if email addy is already in use
 $a = (@mysql_fetch_row(@sql_query("select count(*) from users where email=".sqlesc($email))));
@@ -76,7 +82,8 @@ $body
 <br /><br />{$lang_takeinvite['mail_six']}
 EOD;
-$sendResult = sent_mail($email,$SITENAME,$SITEEMAIL,$title,$message,"invitesignup",false,false,'');
+//$sendResult = sent_mail($email,$SITENAME,$SITEEMAIL,$title,$message,"invitesignup",false,false,'');
 $sendResult = true;
 //this email is sent only when someone give out an invitation
 if ($sendResult === true) {
    if (isset($hashRecord)) {
@@ -86,7 +93,18 @@ if ($sendResult === true) {
            'valid' => 1,
        ]);
    } else {
-        sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('".mysql_real_escape_string($id)."', '".mysql_real_escape_string($email)."', '".mysql_real_escape_string($hash)."', " . sqlesc(date("Y-m-d H:i:s")) . ")");
+        $insert = [
            "inviter" => $id,
            "invitee" => $email,
            "hash" => $hash,
            "time_invited" => now()->toDateTimeString()
        ];
        if ($isPreRegisterEmailAndUsername) {
            $insert["pre_register_email"] = $email;
            $insert["pre_register_username"] = $preRegisterUsername;
        }
        \App\Models\Invite::query()->insert($insert);
 //        sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('".mysql_real_escape_string($id)."', '".mysql_real_escape_string($email)."', '".mysql_real_escape_string($hash)."', " . sqlesc(date("Y-m-d H:i:s")) . ")");
        sql_query("UPDATE users SET invites = invites - 1 WHERE id = ".mysql_real_escape_string($id)) or sqlerr(__FILE__, __LINE__);
    }
 }
@@ -6,6 +6,8 @@ cur_user_check ();
 require_once(get_langfile_path("",true));
 require_once(get_langfile_path("", false, get_langfolder_cookie()));
 $isPreRegisterEmailAndUsername = get_setting("system.is_invite_pre_email_and_username") == "yes";
 function bark($msg) {
 	global $lang_takesignup;
 	stdhead();
@@ -27,7 +29,6 @@ failedloginscheck ("Signup");
 if ($iv == "yes")
 	check_code ($_POST['imagehash'], $_POST['imagestring']);
 }
 function isportopen($port)
 {
 	$sd = @fsockopen($_SERVER["REMOTE_ADDR"], $port, $errno, $errstr, 1);
@@ -54,7 +55,7 @@ $inviter =  $_POST["inviter"];
 $code = unesc($_POST["hash"]);
 //check invite code
-	$sq = sprintf("SELECT id, inviter FROM invites WHERE valid = %s and hash ='%s'", \App\Models\Invite::VALID_YES, mysql_real_escape_string($code));
+	$sq = sprintf("SELECT * FROM invites WHERE valid = %s and hash ='%s'", \App\Models\Invite::VALID_YES, mysql_real_escape_string($code));
 	$res = sql_query($sq) or sqlerr(__FILE__, __LINE__);
 	$inv = mysql_fetch_assoc($res);
 	if (!$inv)
@@ -72,10 +73,13 @@ $res = sql_query("SELECT username FROM users WHERE id = $inviter") or sqlerr(__F
 $arr = mysql_fetch_assoc($res);
 $invusername = $arr['username'];
 }
-
+if (!mkglobal("wantusername:wantpassword:passagain:email")) {
-if (!mkglobal("wantusername:wantpassword:passagain:email"))
+    die();
-	die();
+}
-
+if ($isPreRegisterEmailAndUsername && $type == 'invite') {
    $wantusername = $inv["pre_register_username"];
    $email = $inv["pre_register_email"];
 }
 $email = htmlspecialchars(trim($email));
 $email = safe_email($email);
 if (!check_email($email))
@@ -20,4 +20,7 @@ return [
        'invite_not_enough' => 'Invites not enough',
    ],
    'send_allow_text' => 'Invite someone',
    'pre_register_username' => 'Pre-register username',
    'pre_register_username_help' => 'Username and email will not be changed when user registers with this invitation code',
    'require_pre_register_username' => "Pre-register username can't be empty",
 ];
@@ -102,6 +102,8 @@ return [
            'cookie_valid_days' => 'Cookie Valid days',
            'maximum_upload_speed' => 'Maximum upload speed',
            'maximum_upload_speed_help' => 'A single torrent upload speed exceeding this value is instantly disabled for the account, in Mbps. For example: 100 Mbps = 12.5 MB/s',
            'is_invite_pre_email_and_username' => 'Invite whether to pre-book an email and username',
            'is_invite_pre_email_and_username_help' => "Default: 'No'. If pre-booked, email and username may not be changed when the user registers.",
        ],
    ],
    'user' => [
@@ -20,4 +20,7 @@ return [
        'invite_not_enough' => '邀请数量不足',
    ],
    'send_allow_text' => '邀请其他人',
    'pre_register_username' => '预注册用户名',
    'pre_register_username_help' => '用户使用此邀请码注册时用户名和邮箱将不能更改',
    'require_pre_register_username' => '预注册用户名不能为空',
 ];
@@ -102,6 +102,8 @@ return [
            'cookie_valid_days' => 'Cookie 有效天数',
            'maximum_upload_speed' => '最大上传速度',
            'maximum_upload_speed_help' => '单种上传速度超过此值账号即刻禁用，单位 Mbps。如：100 Mbps = 12.5 MB/s',
            'is_invite_pre_email_and_username' => '邀请是否预定邮箱和用户名',
            'is_invite_pre_email_and_username_help' => "默认: 'No'。若预定，用户注册时不可修改邮箱和用户名",
        ],
    ],
    'user' => [
@@ -20,4 +20,7 @@ return [
        'invite_not_enough' => '邀請數量不足',
    ],
    'send_allow_text' => '邀請其他人',
    'pre_register_username' => '預註冊用戶名',
    'pre_register_username_help' => '用戶使用此邀請碼註冊時用戶名和郵箱將不能更改',
    'require_pre_register_username' => '預註冊用戶名不能為空',
 ];
@@ -100,7 +100,10 @@ return [
            'change_username_min_interval_in_days' => '修改用戶名最小間隔天數',
            'maximum_number_of_medals_can_be_worn' => '勛章最大可佩戴數',
            'cookie_valid_days' => 'Cookie 有效天數',
            'maximum_upload_speed' => '最大上傳速度',
            'maximum_upload_speed_help' => '單種上傳速度超過此值賬號即刻禁用，單位 Mbps。如：100 Mbps = 12.5 MB/s',
            'is_invite_pre_email_and_username' => '邀請是否預定郵箱和用戶名',
            'is_invite_pre_email_and_username_help' => "默認: 'No'。若預定，用戶註冊時不可修改郵箱和用戶名",
        ],
    ],
    'user' => [