mirror of
https://github.com/lkddi/nexusphp.git
synced 2026-04-24 20:17:24 +08:00
invite signup check code's owner
This commit is contained in:
xiaomlove
@@ -0,0 +1,12 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Models;
|
||||||
|
|
||||||
|
class Invite extends NexusModel
|
||||||
|
{
|
||||||
|
protected $table = 'invites';
|
||||||
|
|
||||||
|
protected $fillable = [
|
||||||
|
'inviter', 'invitee', 'hash', 'time_invited',
|
||||||
|
];
|
||||||
|
}
|
||||||
@@ -14,7 +14,6 @@ class NexusModel extends Model
|
|||||||
// protected $perPage = 2;
|
// protected $perPage = 2;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 为数组 / JSON 序列化准备日期。
|
|
||||||
*
|
*
|
||||||
* @param \DateTimeInterface $date
|
* @param \DateTimeInterface $date
|
||||||
* @return string
|
* @return string
|
||||||
|
|||||||
+12
-7
@@ -53,11 +53,16 @@ $inviter = $_POST["inviter"];
|
|||||||
$code = unesc($_POST["hash"]);
|
$code = unesc($_POST["hash"]);
|
||||||
|
|
||||||
//check invite code
|
//check invite code
|
||||||
$sq = sprintf("SELECT inviter FROM invites WHERE hash ='%s'",mysql_real_escape_string($code));
|
$sq = sprintf("SELECT id, inviter FROM invites WHERE hash ='%s'",mysql_real_escape_string($code));
|
||||||
$res = sql_query($sq) or sqlerr(__FILE__, __LINE__);
|
$res = sql_query($sq) or sqlerr(__FILE__, __LINE__);
|
||||||
$inv = mysql_fetch_assoc($res);
|
$inv = mysql_fetch_assoc($res);
|
||||||
if (!$inv)
|
if (!$inv)
|
||||||
bark('invalid invite code');
|
bark('invalid invite code');
|
||||||
|
if ($inv['inviter'] != $inviter) {
|
||||||
|
\App\Models\Invite::query()->where('id', $inv['id'])->delete();
|
||||||
|
stderr(nexus_trans('nexus.invalid_argument'), nexus_trans('invite.invalid_inviter'));
|
||||||
|
exit();
|
||||||
|
}
|
||||||
|
|
||||||
$ip = getip();
|
$ip = getip();
|
||||||
|
|
||||||
@@ -74,7 +79,7 @@ $email = htmlspecialchars(trim($email));
|
|||||||
$email = safe_email($email);
|
$email = safe_email($email);
|
||||||
if (!check_email($email))
|
if (!check_email($email))
|
||||||
bark($lang_takesignup['std_invalid_email_address']);
|
bark($lang_takesignup['std_invalid_email_address']);
|
||||||
|
|
||||||
if(EmailBanned($email))
|
if(EmailBanned($email))
|
||||||
bark($lang_takesignup['std_email_address_banned']);
|
bark($lang_takesignup['std_email_address_banned']);
|
||||||
|
|
||||||
@@ -89,15 +94,15 @@ $school = $_POST["school"];
|
|||||||
int_check($school);
|
int_check($school);
|
||||||
}
|
}
|
||||||
|
|
||||||
$gender = htmlspecialchars(trim($_POST["gender"]));
|
$gender = htmlspecialchars(trim($_POST["gender"]));
|
||||||
$allowed_genders = array("Male","Female","male","female");
|
$allowed_genders = array("Male","Female","male","female");
|
||||||
if (!in_array($gender, $allowed_genders, true))
|
if (!in_array($gender, $allowed_genders, true))
|
||||||
bark($lang_takesignup['std_invalid_gender']);
|
bark($lang_takesignup['std_invalid_gender']);
|
||||||
|
|
||||||
if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($country) || empty($gender))
|
if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($country) || empty($gender))
|
||||||
bark($lang_takesignup['std_blank_field']);
|
bark($lang_takesignup['std_blank_field']);
|
||||||
|
|
||||||
|
|
||||||
if (strlen($wantusername) > 12)
|
if (strlen($wantusername) > 12)
|
||||||
bark($lang_takesignup['std_username_too_long']);
|
bark($lang_takesignup['std_username_too_long']);
|
||||||
|
|
||||||
@@ -118,7 +123,7 @@ if (!validemail($email))
|
|||||||
|
|
||||||
if (!validusername($wantusername))
|
if (!validusername($wantusername))
|
||||||
bark($lang_takesignup['std_invalid_username']);
|
bark($lang_takesignup['std_invalid_username']);
|
||||||
|
|
||||||
// make sure user agrees to everything...
|
// make sure user agrees to everything...
|
||||||
if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes")
|
if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes")
|
||||||
stderr($lang_takesignup['std_signup_failed'], $lang_takesignup['std_unqualified']);
|
stderr($lang_takesignup['std_signup_failed'], $lang_takesignup['std_unqualified']);
|
||||||
@@ -127,7 +132,7 @@ if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ag
|
|||||||
$a = (@mysql_fetch_row(@sql_query("select count(*) from users where email='".mysql_real_escape_string($email)."'"))) or sqlerr(__FILE__, __LINE__);
|
$a = (@mysql_fetch_row(@sql_query("select count(*) from users where email='".mysql_real_escape_string($email)."'"))) or sqlerr(__FILE__, __LINE__);
|
||||||
if ($a[0] != 0)
|
if ($a[0] != 0)
|
||||||
bark($lang_takesignup['std_email_address'].$email.$lang_takesignup['std_in_use']);
|
bark($lang_takesignup['std_email_address'].$email.$lang_takesignup['std_in_use']);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
// do simple proxy check
|
// do simple proxy check
|
||||||
if (isproxy())
|
if (isproxy())
|
||||||
|
|||||||
@@ -0,0 +1,5 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
'invalid_inviter' => 'Invalid inviter! The invite code is banned!',
|
||||||
|
];
|
||||||
@@ -0,0 +1,5 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
'invalid_argument' => 'Invalid argument',
|
||||||
|
];
|
||||||
@@ -0,0 +1,5 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
'invalid_inviter' => '非法邀请者!此邀请码已被禁用!',
|
||||||
|
];
|
||||||
@@ -0,0 +1,5 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
'invalid_argument' => '参数错误',
|
||||||
|
];
|
||||||
@@ -0,0 +1,5 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
'invalid_inviter' => '非法邀請者!此邀請碼已被禁用!',
|
||||||
|
];
|
||||||
@@ -0,0 +1,5 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
'invalid_argument' => '參數錯誤',
|
||||||
|
];
|
||||||
Reference in New Issue
Block a user