& Matías Parodi # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as # published by the Free Software Foundation, either version 3 of the # License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . # ## if (!defined("SECURITY")) { exit; } if ($_SESSION['LOGIN'] !== true) header("Location: {$base}home"); if ($_POST) { if (empty($_POST['email'])) header('Location: ' . $_SERVER['HTTP_REFERER']); $email = safe_str($_POST['email'], true); if (eregi('^[a-zA-Z0-9._-]+@[a-zA-Z0-9-]+\.[a-zA-Z.]{2,5}$', $email)) { $sql = "SELECT * FROM `users` WHERE (`users`.`username` = '" . $_SESSION['USERNAME'] . "') LIMIT 1;"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); mysql_free_result($result); if ($row['invitations'] > 0) { $token = substr(md5(rand()), 0, 10); $sql = "INSERT INTO `tokens` (`username`, `type`, `token`, `date`) VALUES ('" . $_SESSION['USERNAME'] . "', 'invitation', '" . $token . "', UNIX_TIMESTAMP());"; mysql_query($sql); $sql = "UPDATE `users` SET `invitations` = `invitations`-1 WHERE (`users`.`id_user` = '" . $_SESSION['ID_USER'] . "') LIMIT 1;"; mysql_query($sql); $old_msg_body = sprintf(_("%s te ha invitado a utilizar Jisko. ¿Por qué no pulsas en el enlace de debajo y te registras?\n\nLink de registro\n\nLa invitación es válida para la creación de un sólo usuario; después, será revocada.\n--\nAdministración de Jisko (%s)"), $_SESSION['USERNAME'], $token, $token, $CONFIG['EMAIL_CONTACT'], $CONFIG['EMAIL_CONTACT']); $msg_body = ereg_replace("\n", "
", $old_msg_body); $subject = sprintf(_("%s te ha invitado a Jisko"), $_SESSION['USERNAME']); $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/html; UTF-8\r\n"; $headers .= "From: Jisko <" . $CONFIG['EMAIL_CONTACT'] . ">"; @ mail($email, $subject, $msg_body, $headers); header('Location: ' . $_SERVER['HTTP_REFERER']); } else { echo _("No tienes ninguna invitación disponible."); } } else { $register_err = _('E-mail inválido'); } } ?>