1 Star 3 Fork 2

mojie126/HDCN-PT

加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
takesignup.php 9.08 KB
一键复制 编辑 原始数据 按行查看 历史
mojie126 提交于 2015-12-09 14:45 . 函数名写错了...
<?php
require_once("include/bittorrent.php");
dbconn();
cur_user_check();
require_once(get_langfile_path("", true));
require_once(get_langfile_path("", false, get_langfolder_cookie()));
function bark($msg) {
global $lang_takesignup;
stdhead();
stdmsg($lang_takesignup['std_signup_failed'], $msg);
stdfoot();
exit;
}
$type = $_POST['type'];
if ($type == 'invite') {
registration_check("invitesystem", TRUE, TRUE, $_POST['hash']);
failedloginscheck("邀请注册");
if ($iv == "yes") {
check_code($_POST['imagehash'], $_POST['imagestring'], 'signup.php?type=invite&invitenumber=' . htmlspecialchars($_POST['hash']) . '&nonass=' . htmlspecialchars($_POST['checkass'] . ''));
}
$sq = sprintf("SELECT inviter FROM invites WHERE hash = '%s'", mysql_real_escape_string($_POST['hash']));
$res = sql_query($sq) or sqlerr(__FILE__, __LINE__);
$inv = mysql_fetch_assoc($res);
if (!$inv) {
stderr("错误", "不存在的邀请码", 0);
}
} else {
registration_check("normal");
failedloginscheck("自由注册");
if ($iv == "yes") {
check_code($_POST['imagehash'], $_POST['imagestring']);
}
}
function isportopen($port) {
$sd = @fsockopen($_SERVER["REMOTE_ADDR"], $port, $errno, $errstr, 1);
if ($sd) {
fclose($sd);
return true;
} else
return false;
}
function isproxy() {
$ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788);
for ($i = 0; $i < count($ports); ++$i)
if (isportopen($ports[$i]))
return true;
return false;
}
if ($type == 'invite') {
$inviter = $_POST["inviter"];
int_check($inviter);
$code = unesc($_POST["hash"]);
$ip = getip();
$res = sql_query("SELECT username FROM users WHERE id = $inviter") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res);
$invusername = $arr['username'];
}
if (!mkglobal("wantusername:wantpassword:passagain:email"))
die();
$email = safe_email(htmlspecialchars(trim($email)));
if (!check_email($email))
bark($lang_takesignup['std_invalid_email_address']);
if (EmailBanned($email))
bark($lang_takesignup['std_email_address_banned']);
if (!EmailAllowed($email))
bark($lang_takesignup['std_wrong_email_address_domains'] . allowedemails());
$country = $_POST["country"];
int_check($country);
if ($showschool == 'yes') {
$school = $_POST["school"];
int_check($school);
}
$gender = htmlspecialchars(trim($_POST["gender"]));
$allowed_genders = array("Male", "Female", "male", "female");
if (!in_array($gender, $allowed_genders, true))
bark($lang_takesignup['std_invalid_gender']);
if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($country) || empty($gender))
bark($lang_takesignup['std_blank_field']);
//if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($gender))
// bark($lang_takesignup['std_blank_field']);
if (utf8_strlen($wantusername) > 14)
bark($lang_takesignup['std_username_too_long']);
if (utf8_strlen($wantusername) < 4)
bark($lang_takesignup['std_username_too_short']);
if ($wantpassword != $passagain)
bark($lang_takesignup['std_passwords_unmatched']);
if (strlen($wantpassword) < 6)
bark($lang_takesignup['std_password_too_short']);
if (strlen($wantpassword) > 40)
bark($lang_takesignup['std_password_too_long']);
if ($wantpassword == $wantusername)
bark($lang_takesignup['std_password_equals_username']);
if (!validemail($email))
bark($lang_takesignup['std_wrong_email_address_format']);
if (!validusername($wantusername))
bark($lang_takesignup['std_invalid_username']);
// make sure user agrees to everything...
if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes")
stderr($lang_takesignup['std_signup_failed'], $lang_takesignup['std_unqualified']);
// check if email addy is already in use
$a = mysql_num_rows(sql_query("SELECT id FROM users WHERE email = '" . mysql_real_escape_string($email) . "'"));
if ($a != 0) {
bark($lang_takesignup['std_email_address'] . $email . $lang_takesignup['std_in_use']);
}
if ($type == "invite") {
$a = mysql_num_rows(sql_query("SELECT id FROM invites WHERE hash = '" . mysql_real_escape_string($code) . "'"));
if ($a < 1) {
bark('不存在的邀请码');
}
$b = (mysql_fetch_array(sql_query("SELECT nonass FROM invites WHERE hash = '" . mysql_real_escape_string($code) . "'"))) or sqlerr(__FILE__, __LINE__);
if ($b['nonass'] == 'yes') {
$checknonass = 'no';
} else {
$checknonass = 'yes';
}
}
$secret = mksecret();
$wantpasshash = md5($secret . $wantpassword . $secret);
$editsecret = ($verification == 'admin' ? '' : $secret);
$invite_count = (int) $invite_count;
$wantusername = sqlesc($wantusername);
$wantpasshash = sqlesc($wantpasshash);
$secret = sqlesc($secret);
$editsecret = sqlesc($editsecret);
$send_email = $email;
$email = sqlesc($email);
$country = sqlesc($country);
$gender = sqlesc($gender);
$sitelangid = sqlesc(get_langid_from_langcookie());
$res_check_user = sql_query("SELECT * FROM users WHERE username = " . $wantusername);
if (mysql_num_rows($res_check_user) == 1)
bark($lang_takesignup['std_username_exists']);
$ret = sql_query("INSERT INTO users (username, passhash, secret, editsecret, email, country, gender, status, class, invites, " . ($type == 'invite' ? "invited_by," : "") . " added, last_access, lang, stylesheet" . ($showschool == 'yes' ? ", school" : "") . ",seedbonus, uploaded, ip, newuser, nonass) VALUES (" . $wantusername . "," . $wantpasshash . "," . $secret . "," . $editsecret . "," . $email . "," . $country . "," . $gender . ", 'pending', " . $defaultclass_class . "," . $invite_count . ", " . ($type == 'invite' ? "'$inviter'," : "") . " '" . date("Y-m-d H:i:s") . "' , " . " '" . date("Y-m-d H:i:s") . "' , " . $sitelangid . "," . $defcss . ($showschool == 'yes' ? "," . $school : "") . "," . ($iniseedbonus_main > 0 ? $iniseedbonus_main : 0) . "," . ($iniupload_main > 0 ? $iniupload_main : 0) . ",'" . getip() . "','" . ($type == 'invite' ? $checknonass : "yes") . "','" . ($type == 'invite' ? $b['nonass'] : "no") . "')") or sqlerr(__FILE__, __LINE__);
$id = mysql_insert_id();
$dt = sqlesc(date("Y-m-d H:i:s"));
$subject = sqlesc($lang_takesignup['msg_subject'] . $SITENAME . "!");
$msg = sqlesc($lang_takesignup['msg_congratulations'] . htmlspecialchars($wantusername) . $lang_takesignup['msg_you_are_a_member']);
sql_query("INSERT INTO messages (sender, receiver, subject, added, msg) VALUES(0, $id, $subject, $dt, $msg)") or sqlerr(__FILE__, __LINE__);
//write_log("User account $id ($wantusername) was created");
if ($securetracker == 'yes' || $securetracker == 'op')
$tracker_ssl = true;
elseif ($_COOKIE["c_secure_tracker_ssl"] == base64("yeah"))
$tracker_ssl = true;
else
$tracker_ssl = false;
if ($tracker_ssl == true) {
$ssl_invite = "https://";
} else {
$ssl_invite = "http://";
}
$res = sql_query("SELECT passhash, secret, editsecret, status FROM users WHERE id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$row = mysql_fetch_assoc($res);
$psecret = md5($row['secret']);
$ip = getip();
$usern = htmlspecialchars($wantusername);
$title = $SITENAME . $lang_takesignup['mail_title'];
$body = <<<EOD
{$lang_takesignup['mail_one']}$usern{$lang_takesignup['mail_two']}($email){$lang_takesignup['mail_three']}$ip{$lang_takesignup['mail_four']}
<b><a href="$ssl_invite$BASEURL/confirm.php?id=$id&secret=$psecret" target=_blank>$ssl_invite$BASEURL/confirm.php?id=$id&secret=$psecret</a></b><br />
{$lang_takesignup['mail_four_1']}
<b><a href="$ssl_invite$BASEURL/confirm_resend.php" target=_blank>$ssl_invite$BASEURL/confirm_resend.php</a></b><br />
<br />
{$lang_takesignup['mail_five']}
EOD;
if ($verification == 'admin') {
if ($type == 'invite')
header("Location: " . get_protocol_prefix() . "$BASEURL/ok.php?type=inviter");
else
header("Location: " . get_protocol_prefix() . "$BASEURL/ok.php?type=adminactivate");
}
elseif ($verification == 'automatic' || $smtptype == 'none') {
header("Location: " . get_protocol_prefix() . "$BASEURL/confirm.php?id=$id&secret=$psecret");
} else {
sent_mail($send_email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $body), "signup", false, false, '', get_email_encode(get_langfolder_cookie()));
header("Location: " . get_protocol_prefix() . "$BASEURL/ok.php?type=signup&email=" . rawurlencode($send_email));
}
if ($type == 'invite') {
//don't forget to delete confirmed invitee's hash code from table invites
sql_query("DELETE FROM invites WHERE hash = '" . mysql_real_escape_string($code) . "'");
$dt = sqlesc(date("Y-m-d H:i:s"));
$subject = sqlesc($lang_takesignup_target[get_user_lang($inviter)]['msg_invited_user_has_registered']);
$msg = sqlesc($lang_takesignup_target[get_user_lang($inviter)]['msg_user_you_invited'] . $usern . $lang_takesignup_target[get_user_lang($inviter)]['msg_has_registered']);
//sql_query("UPDATE users SET uploaded = uploaded + 10737418240 WHERE id = $inviter"); //add 10GB to invitor's uploading credit
sql_query("INSERT INTO messages (sender, receiver, subject, added, msg) VALUES(0, $inviter, $subject, $dt, $msg)") or sqlerr(__FILE__, __LINE__);
$Cache->delete_value('user_' . $inviter . '_unread_message_count');
$Cache->delete_value('user_' . $inviter . '_inbox_count');
}
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
PHP
1
https://gitee.com/mojie126/HDCN-PT.git
git@gitee.com:mojie126/HDCN-PT.git
mojie126
HDCN-PT
HDCN-PT
master

搜索帮助