|
@@ -24,6 +24,11 @@ function hspech($str) {
|
|
|
|
|
|
require('include/randstr.php');
|
|
|
|
|
|
+function parsetempline($line,$substarr) {
|
|
|
+ $patterns=array('/%guestinsturi/','/%guestname/','/%guestemail/','/%guestpassword/','/%ourdomain/');
|
|
|
+ return(preg_replace($patterns,$substarr,$line));
|
|
|
+}
|
|
|
+
|
|
|
if (array_key_exists('id',$_GET) && preg_match('/^[0-9]+$/',$_GET['id'])===1) {
|
|
|
$_GET['id']+=0;
|
|
|
$res=mysqli_query($link,'SELECT * FROM Instances WHERE ID='.$_GET['id'])
|
|
@@ -33,15 +38,32 @@ if (array_key_exists('id',$_GET) && preg_match('/^[0-9]+$/',$_GET['id'])===1) {
|
|
|
$inst=mysqli_fetch_assoc($res);
|
|
|
if (trim($inst['Email'])=='')
|
|
|
muoribene('Nessun indirizzo email è definito per questa istanza.',true);
|
|
|
- $res=mysqli_query($link,'SELECT * FROM Admins WHERE Email=\''.myesc($link,$inst['Email']).'\'')
|
|
|
- or muoribene(__LINE__.': '.mysqli_error($link),true);
|
|
|
- (mysqli_num_rows($res)==0) ? $mode='create' : $mode='update';
|
|
|
+ $createacc='false';
|
|
|
+ if (!is_null($inst['GuestID'])) {
|
|
|
+ $res=mysqli_query($link,'SELECT * FROM Admins WHERE ID='.$inst['GuestID'])
|
|
|
+ or muoribene(__LINE__.': '.mysqli_error($link),true);
|
|
|
+ if (mysqli_num_rows($res)==0)
|
|
|
+ muoribene('Non esiste alcun account con ID='.$inst['GuestID'].'.',true);
|
|
|
+ $templfp='mailtemplates/reminder';
|
|
|
+ } else {
|
|
|
+ $res=mysqli_query($link,'SELECT * FROM Admins WHERE Email=\''.myesc($link,$inst['Email']).'\'')
|
|
|
+ or muoribene(__LINE__.': '.mysqli_error($link),true);
|
|
|
+ if (mysqli_num_rows($res)==0) {
|
|
|
+ $templfp='mailtemplates/first_invitation';
|
|
|
+ $createacc='true';
|
|
|
+ } else {
|
|
|
+ $templfp='mailtemplates/more_instances';
|
|
|
+ }
|
|
|
+ }
|
|
|
+ $templ=file($templfp,FILE_IGNORE_NEW_LINES);
|
|
|
+ if ($templ===false)
|
|
|
+ muoribene('Impossibile aprire «'.$templfp.'».',true);
|
|
|
+
|
|
|
$out='<form action="invite.php" method="post" id="f" onsubmit="return send();">'.N;
|
|
|
$out.='<table class="bigtab">'.N;
|
|
|
$out.='<tbody>'.N;
|
|
|
$out.='<tr><td class="insthead">Email di invito</td></tr>'.N;
|
|
|
$out.='<tr><td>'.N;
|
|
|
- $out.='<div class="mailheader"><strong>Mittente:</strong> '.hspech($iniarr['ref_name']).' '.hspech('<'.$iniarr['ref_email'].'>').'</div>'.N;
|
|
|
if (trim($inst['AdmDisplayName'])!='')
|
|
|
$admname=$inst['AdmDisplayName'];
|
|
|
elseif (trim($inst['AdmAccount'])!='')
|
|
@@ -50,69 +72,67 @@ if (array_key_exists('id',$_GET) && preg_match('/^[0-9]+$/',$_GET['id'])===1) {
|
|
|
$admname='';
|
|
|
$haddress=$inst['Email'];
|
|
|
if ($admname!='') $haddress=$admname.' <'.$haddress.'>';
|
|
|
- $out.='<div class="mailheader"><strong>Destinatario:</strong> '.hspech($haddress).'</div>'.N;
|
|
|
- $out.='<div class="mailheader"><strong>Oggetto:</strong> <input type="text" id="subject" name="subject" class="mailsubj" value="'.hspech($inst['URI']).' in our search engine"></div>'.N;
|
|
|
$madmname='';
|
|
|
if ($admname!='') $madmname=' '.$admname;
|
|
|
+ if ($admname=='') $admname='Unknown';
|
|
|
$password=randstr(16);
|
|
|
define('RN',"\r\n");
|
|
|
- if ($mode=='create')
|
|
|
- $message='Hello'.hspech($madmname).','.RN.'we are a little group of italian people who are trying to create a search engine for Mastodon instances.'.RN.'We’d like you to ....'.RN.RN.'Your login data:'.RN.RN.'Username: '.$inst['Email'].RN.'Password: '.hspech($password).RN.RN.'Kind regards'.RN;
|
|
|
- else
|
|
|
- $message='Hello'.hspech($madmname).','.RN.'we already contacted you ...';
|
|
|
- $out.='<textarea id="message" name="message" rows="20" class="mailmsg">'.$message.'</textarea>'.N;
|
|
|
- $out.='<input type="button" value="Crea l’account e invia la mail di invito" class="mailbut" onclick="send();">'.N;
|
|
|
+ //('/%guestinsturi/','/%guestname/','/%guestemail/','/%guestpassword/','/%ourdomain/')
|
|
|
+ $subj=parsetempline($templ[0],array($inst['URI'],$madmname,$inst['Email'],$password,$iniarr['site_domain']));
|
|
|
+ $message='';
|
|
|
+ for ($i=2; $i<count($templ); $i++)
|
|
|
+ $message.=parsetempline($templ[$i],array($inst['URI'],$madmname,$inst['Email'],$password,$iniarr['site_domain'])).RN;
|
|
|
+
|
|
|
+ $out.='<div class="mailheader"><strong>Mittente:</strong> '.hspech($iniarr['ref_name']).' '.hspech('<'.$iniarr['ref_email'].'>').'</div>'.N;
|
|
|
+ $out.='<div class="mailheader"><strong>Destinatario:</strong> '.hspech($haddress).'</div>'.N;
|
|
|
+ $out.='<div class="mailheader"><strong>Oggetto:</strong> <input type="text" id="subject" name="subject" class="mailsubj" value="'.hspech($subj).'"></div>'.N;
|
|
|
+ $out.='<textarea id="message" name="message" rows="20" class="mailmsg">'.hspech($message).'</textarea>'.N;
|
|
|
+ $out.='<input type="button" value="Invia" class="mailbut" onclick="send();">'.N;
|
|
|
$out.='<input type="hidden" name="id" value="'.$inst['ID'].'">'.N;
|
|
|
+ $out.='<input type="hidden" name="insturi" value="'.hspech($inst['URI']).'">'.N;
|
|
|
$out.='<input type="hidden" name="password" value="'.hspech($password).'">'.N;
|
|
|
- //$out.='<input type="hidden" name="mode" value="'.$mode.'">'.N;
|
|
|
+ $out.='<input type="hidden" name="to" value="'.hspech($haddress).'">'.N;
|
|
|
+ $out.='<input type="hidden" name="guestname" value="'.hspech($admname).'">'.N;
|
|
|
+ $out.='<input type="hidden" name="guestaddr" value="'.hspech($inst['Email']).'">'.N;
|
|
|
+ $out.='<input type="hidden" name="createacc" value="'.$createacc.'">'.N;
|
|
|
$out.='</td></tr>'.N;
|
|
|
$out.='</tbody>'.N;
|
|
|
$out.='</table>'.N;
|
|
|
$out.='</form>'.N;
|
|
|
-} elseif (array_key_exists('id',$_POST) && preg_match('/^[0-9]+$/',$_POST['id'])===1 && array_key_exists('subject',$_POST) && trim($_POST['subject'])!='' && array_key_exists('message',$_POST) && trim($_POST['message'])!='' && array_key_exists('password',$_POST) && trim($_POST['password'])!='') {
|
|
|
+ $insturi=$inst['URI'];
|
|
|
+} elseif (array_key_exists('id',$_POST) && preg_match('/^[0-9]+$/',$_POST['id'])===1 && array_key_exists('insturi',$_POST) && trim($_POST['insturi'])!='' && array_key_exists('subject',$_POST) && trim($_POST['subject'])!='' && array_key_exists('to',$_POST) && trim($_POST['to'])!='' && array_key_exists('message',$_POST) && trim($_POST['message'])!='' && array_key_exists('password',$_POST) && trim($_POST['password'])!='' && array_key_exists('guestaddr',$_POST) && trim($_POST['guestaddr'])!='' && array_key_exists('createacc',$_POST) && preg_match('/^true|false$/',$_POST['createacc'])===1) {
|
|
|
$_POST['id']+=0;
|
|
|
- //echo('<pre>'.print_r($_POST,1).'</pre>'.N);
|
|
|
- $res=mysqli_query($link,'SELECT * FROM Instances WHERE ID='.$_POST['id'])
|
|
|
- or muoribene(__LINE__.': '.mysqli_error($link),true);
|
|
|
- if (mysqli_num_rows($res)!=1)
|
|
|
- muoribene('Non esiste alcuna istanza con ID='.$_GET['id'],true);
|
|
|
- $inst=mysqli_fetch_assoc($res);
|
|
|
- if (trim($inst['AdmDisplayName'])!='') {
|
|
|
- $admname=$inst['AdmDisplayName'];
|
|
|
- $to=$inst['AdmDisplayName'];
|
|
|
- } elseif (trim($inst['AdmAccount'])!='') {
|
|
|
- $admname=$inst['AdmAccount'];
|
|
|
- $to=$inst['AdmAccount'];
|
|
|
- } else {
|
|
|
- $admname='Unknown';
|
|
|
- $to='';
|
|
|
- }
|
|
|
- if (trim($inst['Email'])!='')
|
|
|
- if ($to=='')
|
|
|
- $to=$inst['Email'];
|
|
|
- else
|
|
|
- $to.=' <'.$inst['Email'].'>';
|
|
|
- else
|
|
|
- muoribene('Nessun indirizzo email è definito per questa istanza.',true);
|
|
|
- $to='pezcurrel@tiscali.it';
|
|
|
$from=$iniarr['ref_name'].' <'.$iniarr['ref_email'].'>';
|
|
|
+ $to=$_POST['to'];
|
|
|
+ $dbchange=true;
|
|
|
+ //questo per far provette d'invio mail senza toccare il db
|
|
|
+ if ($iniarr['mail_test_address']==false || trim($iniarr['mail_test_address'])=='') {
|
|
|
+ $to=$iniarr['mail_test_address'];
|
|
|
+ $dbchange=false;
|
|
|
+ }
|
|
|
$mail=mail($to,'=?utf-8?B?'.base64_encode($_POST['subject']).'?=',wordwrap($_POST['message'],76,"\r\n",false),array('From'=>$from,'Content-Type'=>'text/plain; charset=UTF-8','Content-Transfer-Encoding'=>'8bit'));
|
|
|
if (!$mail) {
|
|
|
- $out='Non è stato possibile inviare l’email.<br>Puoi <a href="invite.php?id='.$inst['ID'].'">riprovare</a>.';
|
|
|
- } else {
|
|
|
- $res=mysqli_query($link,'SELECT * FROM Admins WHERE Email=\''.myesc($link,$inst['Email']).'\'')
|
|
|
- or muoribene(__LINE__.': '.mysqli_error($link),true);
|
|
|
- if (mysqli_num_rows($res)==0) {
|
|
|
- mysqli_query($link,'INSERT INTO Admins (ID, Username, Email, Password, Level, Page, MaxLocalities, MaxLanguages, MaxFinancing, MaxPolicies, MaxTags) VALUES (NULL, \''.myesc($link,$admname).'\', \''.myesc($link,$inst['Email']).'\', \''.myesc($link,password_hash($_POST['password'],PASSWORD_DEFAULT)).'\', \'guest\', \'0\', \'1\', \'0\', \'3\', \'3\', \'3\')')
|
|
|
+ $out='Errori nell’invio della mail.<br>Puoi <a href="invite.php?id='.$_POST['id'].'">riprovare</a>.';
|
|
|
+ } elseif ($dbchange) {
|
|
|
+ if ($_POST['createacc']=='true') {
|
|
|
+ mysqli_query($link,'INSERT INTO Admins (ID, Username, Email, Password, Level, Page, MaxLocalities, MaxLanguages, MaxFinancing, MaxPolicies, MaxTags, Enabled) VALUES (NULL, \''.myesc($link,$_POST['guestname']).'\', \''.myesc($link,$_POST['guestaddr']).'\', \''.myesc($link,password_hash($_POST['password'],PASSWORD_DEFAULT)).'\', \'guest\', \'0\', \'1\', \'0\', \'3\', \'3\', \'3\', \'1\')')
|
|
|
or muoribene(__LINE__.': '.mysqli_error($link),true);
|
|
|
$accid=mysqli_insert_id($link);
|
|
|
} else {
|
|
|
+ $res=mysqli_query($link,'SELECT * FROM Admins WHERE Email=\''.myesc($link,$_POST['guestaddr']).'\'')
|
|
|
+ or muoribene(__LINE__.': '.mysqli_error($link),true);
|
|
|
+ if (mysqli_num_rows($res)==0)
|
|
|
+ muoribene(__LINE__.': Non esiste alcun account con Email=“'.$_POST['guestaddr'].'”.',true);
|
|
|
$row=mysqli_fetch_assoc($res);
|
|
|
$accid=$row['ID'];
|
|
|
}
|
|
|
mysqli_query($link,'UPDATE Instances SET GuestID='.$accid.' WHERE ID='.$_POST['id'])
|
|
|
or muoribene(__LINE__.': '.mysqli_error($link),true);
|
|
|
+ $out='TUTT’OCCHEI!';
|
|
|
+ } else {
|
|
|
+ $out='La mail è stata inviata correttamente all’indirizzo di test definito nella configurazione, «'.$to.'».<br>Nessuna modifica è stata apportata al database.';
|
|
|
}
|
|
|
+ $insturi=$_POST['insturi'];
|
|
|
} else {
|
|
|
muoribene('Malformed input.',true);
|
|
|
}
|
|
@@ -123,7 +143,7 @@ mysqli_close($link);
|
|
|
<!DOCTYPE HTML>
|
|
|
<html lang="it">
|
|
|
<head>
|
|
|
-<title>Mustard - Invito admin di «<?php echo(hspech($inst['URI'])); ?>»</title>
|
|
|
+<title>Mustard - Invito admin di «<?php echo(hspech($insturi)); ?>»</title>
|
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
|
<meta name="description" content="Admin pages for Mastodon Startpage">
|
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
|
|
@@ -157,7 +177,7 @@ function send() {
|
|
|
<ul>
|
|
|
<?php echo($menuout); ?>
|
|
|
</ul>
|
|
|
-<div class="mtit">Invito admin di «<?php echo(hspech($inst['URI'])); ?>»</div>
|
|
|
+<div class="mtit">Invito admin di «<?php echo(hspech($insturi)); ?>»</div>
|
|
|
<div id="rightdiv">
|
|
|
<img src="imgs/esci.svg" class="rlinks" title="Esci" onclick="document.location.href='logout.php';">
|
|
|
</div>
|