= $invites) stderr( _("Error"), _("Sorry, user limit reached. Please try again later.") ); if($CURUSER["invites"] == 0) stderr(_("Sorry"),_("No invites!")); $mess= unesc($_POST["mess"]); if (!$mess) bark(_("You must enter a message!")); if (!mkglobal("email")) die(); function bark($msg) { stdhead(); stdmsg("Invite failed!", $msg); stdfoot(); exit; } if (!validemail($email)) bark( _("That doesn't look like a valid email address.") ); // check if email addy is already in use $a = (@mysql_fetch_row(@do_mysql_query("select count(*) from users where email='$email'"))) or die(mysql_error()); if ($a[0] != 0) bark("The e-mail address is already in use."); $secret = mksecret(); $editsecret = mksecret(); $username = rand(); $ret = mysql_query("INSERT INTO users (username, secret, editsecret, email, status, invited_by, added, inverted_added) VALUES (" . implode(",", array_map("sqlesc", array($username, $secret, $editsecret, $email, 'pending', $CURUSER["id"]))) . ",NOW(), 4294967295 - UNIX_TIMESTAMP())"); if (!$ret) { if (mysql_errno() == 1062) bark( _("Username already exists!") ); bark("borked"); } $id = mysql_insert_id(); $id2 = $CURUSER["id"]; $invites = $CURUSER["invites"]-1; $ret2 = do_mysql_query("UPDATE users SET invites='$invites' WHERE id = $id2"); $username=$CURUSER["username"]; $psecret = md5($editsecret); $message = ($html ? strip_tags($mess) : $mess); $body = <<