' . __("Invite a friend", "secure_invite") . '

'; // if an email has been supplied if (@$_POST['invite-email'] != "" && is_email($_POST['invite-email'])) { // if the invite can be sent if (secure_invite_send()) { // show the success message echo '

' . __("Thanks, your invitation has been sent", "secure_invite") . '

'; secure_invite_buddypress_form(true, false); } else { // show the error message echo '

' . __("Sorry, your invitation could not be sent. Perhaps this email address is already registered. Please try again.", "secure_invite") . '

'; secure_invite_buddypress_form(true, true); } } else { echo '

' . __("You must supply a valid email address. Please try again.", "secure_invite") . '

'; secure_invite_buddypress_form(true, true); } echo '
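'; locate_template( array( 'sidebar.php' ), true ); get_footer(); exit(); } }

/**
 * Hook the BuddyPress invitation form onto the configured theme actions.
 *
 * Reads the comma-separated "secure_invite_buddypress_theme_actions" site
 * option and registers secure_invite_buddypress_form() on every hook named
 * in it. When the option is not empty the head callback is registered on
 * wp_head as well.
 */
function secure_invite_add_buddypress_theme_actions() {
    $actionlist = stripslashes( get_site_option("secure_invite_buddypress_theme_actions") );
    if ($actionlist != "") {
        // explode() returns a one-element array for a single name, so one loop covers both cases
        foreach (explode(",", $actionlist) as $action) {
            $action = trim($action);
            // ignore empty entries left behind by stray commas
            if ($action == "") {
                continue;
            }
            add_action($action, 'secure_invite_buddypress_form');
        }
        add_action("wp_head", "secure_invite_buddypress_head_js");
    }
}
secure_invite_add_buddypress_theme_actions();

// output registered on wp_head by secure_invite_add_buddypress_theme_actions()
function secure_invite_buddypress_head_js() {
    echo ' ';
}

// when wp-signup.php or another restricted page is requested, and open signup is disabled
if (secure_invite_is_restricted_page() && stripslashes( get_site_option("secure_invite_open_signup") ) != "1") {

    // the signup request is rejected unless an invited address is found below
    $valid = false;

    // NOTE(review): the invitation is identified by the e-mail address alone; no
    // per-invitation secret is checked here. Confirm that this is the intended design.
    if (isset($_SERVER["QUERY_STRING"])) {
        $posted_email = (isset($_POST["user_email"]) && is_string($_POST["user_email"])) ? trim($_POST["user_email"]) : "";
        if (secure_invites_is_valid_email($_SERVER["QUERY_STRING"])) {
            // the query string is itself an invited address: bind the signup to it
            $valid = true;
            $_POST['user_email'] = $_SERVER["QUERY_STRING"];
        } else if (secure_invites_is_valid_email($posted_email)) {
            // the posted address is invited; it is left untouched so that an unrelated,
            // unvalidated query string can no longer overwrite it
            $valid = true;
        }
    }

    // if the signup request is not valid
    if (!$valid) {
        // show the message
        $secure_invite_no_invite_message = stripslashes( get_site_option("secure_invite_no_invite_message") );
        if ($secure_invite_no_invite_message == "") {
            $secure_invite_no_invite_message = secure_invite_default_setting("secure_invite_no_invite_message");
        }
        // stop processing
        wp_die($secure_invite_no_invite_message);
        exit();
    }
}

/**
 * Award invite points when a user is registered.
 *
 * If the new user's address is a valid invitation, the inviter receives 5
 * points, the inviter's own inviter 2 points and the next one up 1 point.
 * The chain stops as soon as an inviter id or inviter account is missing.
 *
 * @param int $user_id id of the newly registered user
 */
function secure_invite_user_registered($user_id) {

    // get the email of the new user
    $user = get_userdata($user_id);
    if (!$user) {
        return;
    }
    $email = $user->user_email;

    // only invited addresses earn points for anybody
    if (!secure_invites_is_valid_email($email)) {
        return;
    }

    // points for the level 1, level 2 and level 3 inviter, in that order
    foreach (array(5, 2, 1) as $award) {
        $inviter_id = secure_invite_get_inviter_id($email);
        if ($inviter_id == "") {
            break;
        }
        $points = (int)get_usermeta($inviter_id, "secure_invite_points");
        update_usermeta($inviter_id, "secure_invite_points", ($points + $award));

        // the next level is whoever invited this inviter
        $inviter = get_userdata($inviter_id);
        if (!$inviter) {
            break;
        }
        $email = $inviter->user_email;
    }
}

/**
 * Get the user id of the person who invited an email address.
 *
 * The query has no ORDER BY, so when several invitations exist for the same
 * address the row returned is whichever one the database yields first.
 *
 * @param string $email invited address
 * @return string|null user id, or null when no invitation row matches
 */
function secure_invite_get_inviter_id($email) {
    global $wpdb;
    $sql = $wpdb->prepare("select user_id from ".$wpdb->base_prefix."invitations where invited_email = '%s';", $email);
    return $wpdb->get_var($sql);
}

/**
 * Check if the current request is for a restricted (signup) page.
 *
 * The "secure_invite_signup_page" option is a comma-separated list of URL
 * fragments; the request is restricted when REQUEST_URI contains any of them.
 *
 * NOTE(review): this is a plain, case-sensitive substring test on the raw
 * request URI. Confirm that every URL form that reaches the signup handler
 * is covered by the configured fragments.
 *
 * @return bool
 */
function secure_invite_is_restricted_page() {
    $secure_invite_signup_page = stripslashes( get_site_option("secure_invite_signup_page") );
    if ( $secure_invite_signup_page == "" ) {
        $secure_invite_signup_page = secure_invite_default_setting("secure_invite_signup_page");
    }
    $uri = isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : "";
    foreach ( explode( ",", $secure_invite_signup_page ) as $page ) {
        // padding around a fragment would stop it from ever matching, and an
        // empty fragment (trailing comma) must not be handed to strpos()
        $page = trim( $page );
        if ( $page == "" ) {
            continue;
        }
        if ( strpos( $uri, $page ) !== false ) {
            return true;
        }
    }
    return false;
}
//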
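// check an email address has been invited
/**
 * Tell whether an address has an invitation inside the configured time limit.
 *
 * @param string $email address to check
 * @return bool true only when at least one matching invitation row is counted
 */
function secure_invites_is_valid_email($email) {
    if (!$email || !is_email($email)) {
        return false;
    }
    $timelimit = stripslashes( get_site_option("secure_invite_signup_time_limit") );
    if ($timelimit == "" || !is_numeric($timelimit)) {
        // default time limit of 3 days (also used when the stored value is not a number)
        $timelimit = 3;
    }
    global $wpdb;
    $sql = $wpdb->prepare("select count(id) from ".$wpdb->base_prefix."invitations where invited_email = '%s' and UNIX_TIMESTAMP(datestamp) > %d;", $email, (time()-($timelimit*60*60*24)));
    $invites = $wpdb->get_var($sql);
    // fail closed: a failed query yields null, which the previous comparison
    // against "0" treated as "invited"
    return ((int)$invites > 0);
}

// add the admin invitation button
function secure_invites_add_admin() {
    $secure_invite_show_admin_link = stripslashes( get_site_option("secure_invite_show_admin_link") );
    if ($secure_invite_show_admin_link == "") {
        $secure_invite_show_admin_link = "yes";
    }
    // if the user can send invites
    if (secure_invite_user_can_invite() && $secure_invite_show_admin_link == "yes") {
        add_submenu_page('index.php', __('Invite friends', "secure_invite"), __('Invite friends', "secure_invite"), 0, 'secure_invite', 'secure_invite_admin');
    }
    // NOTE(review): 0 and 10 are numeric user levels passed as the access
    // requirement; confirm they still map to the intended roles
    add_submenu_page('wpmu-admin.php', __('Invites', "secure_invite"), __('Invites', "secure_invite"), 10, 'secure_invite_list', 'secure_invite_list');
}

// output for the settings view of the invites admin page
function secure_invites_add_admin_js() {
    // the parameters are absent on most admin requests, so read them defensively
    $page = isset($_GET["page"]) ? $_GET["page"] : "";
    $view = isset($_GET["view"]) ? $_GET["view"] : "";
    if ($page == "secure_invite_list" && $view == "settings"){
        echo ' ';
    }
}

// add the list of invitations: dispatch on the "view" query parameter
function secure_invite_list() {
    $view = isset($_GET["view"]) ? $_GET["view"] : "";
    if ($view == "") {
        secure_invite_list_page();
    } else if ($view == "settings") {
        secure_invite_settings();
    } else if ($view == "users") {
        secure_invite_users();
    }
    secure_invite_wp_plugin_standard_footer( "GBP", "Secure invites", "Chris Taylor", "chris@stillbreathing.co.uk", "http://wordpress.org/extend/plugins/wordpress-mu-secure-invites/" );
    echo '';
}

/**
 * Return a default setting.
 *
 * @param string $name option name
 * @return mixed the built-in default, or null for a name with no default
 */
function secure_invite_default_setting($name) {
    switch ($name) {
        case "secure_invite_days_after_joining":
            return "30";
        case "secure_invite_signup_page":
            return "wp-signup.php,/register";
        case "secure_invite_registration_page":
            return trim(get_bloginfo("wpurl"), '/') . "/wp-signup.php";
        case "secure_invite_no_invite_message":
            return "Sorry, you must be invited to join this community.";
        case "secure_invite_signup_time_limit":
            return 3;
        case "secure_invite_invite_limit":
            return 0;
        case "secure_invite_show_admin_link":
            return "yes";
        case "secure_invite_default_message":
            return "---------------------------------------------------------------------------------------- You have been invited to open a free weblog at [sitename]. To open and register for your weblog today, please visit [signuplink] Regards, [name] This invitation will work for the next [timeout] days. After that your invitation will expire and you will have to be invited again. If clicking the links in this message does not work, copy and paste them into the address bar of your browser.";
        case "secure_invite_buddypress_theme_actions":
            return "bp_members_directory_member_types";
    }
    return null;
}

/**
 * Show, and on POST save, the settings for secure invites.
 *
 * NOTE(review): the save path below runs on any non-empty POST. No nonce
 * verification and no capability check are visible in this function; confirm
 * that both happen before it is reached, because these options control who may
 * sign up.
 */
function secure_invite_settings() {

    // check the invites table exists
    secure_invite_check_table();

    if (@$_POST && is_array($_POST) && count($_POST) > 0) {

        // unchecked checkboxes and omitted fields are simply absent from the
        // request; treat them as empty instead of reading undefined indexes
        foreach (array(
            "secure_invite_preset",
            "secure_invite_days_after_joining",
            "secure_invite_signup_page",
            "secure_invite_registration_page",
            "secure_invite_no_invite_message",
            "secure_invite_signup_time_limit",
            "secure_invite_default_message",
            "secure_invite_open_signup",
            "secure_invite_invite_limit",
            "secure_invite_show_admin_link",
        ) as $key) {
            if (!isset($_POST[$key])) {
                $_POST[$key] = "";
            }
        }

        // if a preset has been chosen
        if ($_POST["secure_invite_preset"] != "" && $_POST["secure_invite_preset"] != "5") {

            // general settings
            $_POST["secure_invite_days_after_joining"] = secure_invite_default_setting("secure_invite_days_after_joining");
            $_POST["secure_invite_signup_page"] = secure_invite_default_setting("secure_invite_signup_page");
            $_POST["secure_invite_registration_page"] = secure_invite_default_setting("secure_invite_registration_page");
            $_POST["secure_invite_no_invite_message"] = secure_invite_default_setting("secure_invite_no_invite_message");
            $_POST["secure_invite_signup_time_limit"] = secure_invite_default_setting("secure_invite_signup_time_limit");
            $_POST["secure_invite_default_message"] = secure_invite_default_setting("secure_invite_default_message");
            $_POST["secure_invite_open_signup"] = "1";
            $_POST["secure_invite_invite_limit"] = secure_invite_default_setting("secure_invite_invite_limit");
            $_POST["secure_invite_show_admin_link"] = secure_invite_default_setting("secure_invite_show_admin_link");

            // preset 1
            if ($_POST["secure_invite_preset"] == "1") {
                $_POST["secure_invite_days_after_joining"] = 0;
                $_POST["secure_invite_invite_limit"] = 0;
            }
            // preset 2
            if ($_POST["secure_invite_preset"] == "2") {
                $_POST["secure_invite_days_after_joining"] = 0;
                $_POST["secure_invite_invite_limit"] = 0;
                $_POST["secure_invite_open_signup"] = "";
            }
            // preset 3
            if ($_POST["secure_invite_preset"] == "3") {
                $_POST["secure_invite_days_after_joining"] = 30;
                $_POST["secure_invite_invite_limit"] = 0;
                $_POST["secure_invite_open_signup"] = "";
            }
            // preset 4
            if ($_POST["secure_invite_preset"] == "4") {
                $_POST["secure_invite_days_after_joining"] = 30;
                $_POST["secure_invite_invite_limit"] = 10;
                $_POST["secure_invite_open_signup"] = "";
            }
        }

        // save the settings
        update_site_option("secure_invite_preset", (int)$_POST["secure_invite_preset"]);
        update_site_option("secure_invite_days_after_joining", (int)$_POST["secure_invite_days_after_joining"]);
        update_site_option("secure_invite_signup_page", $_POST["secure_invite_signup_page"]);
        update_site_option("secure_invite_registration_page", $_POST["secure_invite_registration_page"]);
        update_site_option("secure_invite_no_invite_message", trim($_POST["secure_invite_no_invite_message"]));
        update_site_option("secure_invite_signup_time_limit", trim($_POST["secure_invite_signup_time_limit"]));
        update_site_option("secure_invite_default_message", trim($_POST["secure_invite_default_message"]));
        update_site_option("secure_invite_open_signup", trim($_POST["secure_invite_open_signup"]));
        update_site_option("secure_invite_invite_limit", trim($_POST["secure_invite_invite_limit"]));
        update_site_option("secure_invite_show_admin_link", trim($_POST["secure_invite_show_admin_link"]));
        if (isset($_POST["secure_invite_buddypress_theme_actions"])) {
            // the field is expected to be a list of checkbox values; the cast
            // keeps implode() from failing when a single string is posted.
            // NOTE(review): these values are stored unvalidated in the
            // "secure_invite_buddypress_theme_actions" option; consider checking
            // them against the fixed set of choices offered by the form.
            $vals = implode(",", (array)$_POST["secure_invite_buddypress_theme_actions"]);
            if (strpos($vals, "bp_nowhere") !== false){
                $vals = "bp_nowhere";
            }
            update_site_option("secure_invite_buddypress_theme_actions", $vals);
        }

        echo '

'.__('The settings have been updated', "secure_invite").'

';
    }

    // load the stored settings, falling back to the built-in defaults
    $secure_invite_preset = stripslashes( get_site_option("secure_invite_preset") );
    $secure_invite_days_after_joining = stripslashes( get_site_option("secure_invite_days_after_joining") );
    if ($secure_invite_days_after_joining == "") {
        $secure_invite_days_after_joining = secure_invite_default_setting("secure_invite_days_after_joining");
    }
    $secure_invite_open_signup = stripslashes( get_site_option("secure_invite_open_signup") );
    $open_signup = "";
    if ($secure_invite_open_signup == "1") {
        $open_signup = ' checked="checked"';
    }
    $secure_invite_signup_page = stripslashes( get_site_option("secure_invite_signup_page") );
    if ($secure_invite_signup_page == "") {
        $secure_invite_signup_page = secure_invite_default_setting("secure_invite_signup_page");
    }
    $secure_invite_registration_page = stripslashes( get_site_option("secure_invite_registration_page") );
    if ($secure_invite_registration_page == "") {
        $secure_invite_registration_page = secure_invite_default_setting("secure_invite_registration_page");
    }
    $secure_invite_no_invite_message = stripslashes( get_site_option("secure_invite_no_invite_message") );
    if ($secure_invite_no_invite_message == "") {
        $secure_invite_no_invite_message = secure_invite_default_setting("secure_invite_no_invite_message");
    }
    $secure_invite_signup_time_limit = stripslashes( get_site_option("secure_invite_signup_time_limit") );
    if ($secure_invite_signup_time_limit == "") {
        $secure_invite_signup_time_limit = secure_invite_default_setting("secure_invite_signup_time_limit");
    }
    $secure_invite_invite_limit = stripslashes( get_site_option("secure_invite_invite_limit") );
    if ($secure_invite_invite_limit == "") {
        $secure_invite_invite_limit = secure_invite_default_setting("secure_invite_invite_limit");
    }
    $secure_invite_show_admin_link = stripslashes( get_site_option("secure_invite_show_admin_link") );
    if ($secure_invite_show_admin_link == "") {
        $secure_invite_show_admin_link = secure_invite_default_setting("secure_invite_show_admin_link");
    }
    $secure_invite_default_message = stripslashes( get_site_option("secure_invite_default_message") );
    if ($secure_invite_default_message == "") {
        $secure_invite_default_message = secure_invite_default_setting("secure_invite_default_message");
    }
    $secure_invite_buddypress_theme_actions = stripslashes( get_site_option("secure_invite_buddypress_theme_actions") );
    if ($secure_invite_buddypress_theme_actions == "") {
        $secure_invite_buddypress_theme_actions = secure_invite_default_setting("secure_invite_buddypress_theme_actions");
    }
    $secure_invite_buddypress_theme_actions = $secure_invite_buddypress_theme_actions . ",";

    // NOTE(review): the form markup is not present in this copy of the file, and
    // the signup-page help text below contains unescaped double quotes inside a
    // double-quoted string; restore both from the original plugin source.
    // Stored option values printed into the form need HTML escaping.
    echo '

' . __("Invitation settings", "secure_invite") . ' ' . __("Invitation list", "secure_invite") . ' | ' . __("Special users", "secure_invite") . '

' . __("Settings presets", "secure_invite") . '

' . __("Custom settings", "secure_invite") . '

' . __("Use custom settings for secure invitations here.", "secure_invite") . '

' . __("Show the invite link in the admin area for normal users", "secure_invite") . '

' . __( "User settings", "secure_invite" ) . '

' . __("A user must have been registered for how many days before they can invite friends?", "secure_invite") . '

' . __('How many invites can each user send (override this for particular users here)? (set as 0 or blank for unlimited)', "secure_invite") . '

' . __( "Security settings", "secure_invite" ) . '

' . __("Allow anyone to sign up? This disables the security on the signup page", "secure_invite") . '

' . __("What is the address of the signup page? (wp-signup.php is the default). You can put multiple addresses here separated by a comma (,). For example, when using Buddypress you will want to add "wp-signup.php,wp-login.php?action=register,/register"", "secure_invite") . '

' . __( "Signup settings", "secure_invite" ) . '

' . __("What address do you want the invitation emails to send people to? Please add the full URL to the registration page.", "secure_invite") . '

' . __("How many days would you like an invitation to be open for?", "secure_invite") . '

' . __( "Message settings", "secure_invite" ) . '

' . __("What message do you want to show if someone tries to sign up without being invited?", "secure_invite") . '

' . __("Enter the message you would like to appear below the users personal message in the invite email. There are four special keywords to enter which are automatically changed when the email is sent. Use these keywords:", "secure_invite") . '

  • [sitename] ' . __("where you want the name of your site to appear", "secure_invite") . '
  • [signuplink] ' . __("where you want the special link to the signup form to appear", "secure_invite") . '
  • [name] ' . __("where you want the name of the email sender to appear", "secure_invite") . '
  • [timeout] ' . __("where you want the number of days this invitation is valid to appear", "secure_invite") . '

';
    if (defined("BP_CORE_DB_VERSION")) {
        echo '

' . __( "BuddyPress theme settings", "secure_invite" ) . '

' . __("Where would you like the invitation form to how in your Buddypress site? The form will be hidden by default, and can be shown by clicking a button.", "secure_invite") . '

  • ' . __("At the top of every page", "secure_invite") . '
  • ' . __("Before your site homepage", "secure_invite") . '
  • ' . __("After your site homepage", "secure_invite") . '
  • ' . __("At the top of the default sidebar", "secure_invite") . '
  • ' . __("At the bottom of the default sidebar", "secure_invite") . '
  • ' . __("Don't use automatic BuddyPress integration", "secure_invite") . '
';
    }
    echo '

';
    echo '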
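'; }

/**
 * Show the users admin page: search for a user, then view and override
 * that user's invitation settings.
 *
 * NOTE(review): the update branch changes another user's meta on POST. No
 * nonce verification and no capability check are visible in this function;
 * confirm that both happen before it is reached.
 */
function secure_invite_users() {

    global $wpdb;

    // the user being edited; cast once so a non-numeric id never reaches the meta calls
    $user_id = isset($_GET["id"]) ? (int)$_GET["id"] : 0;

    echo '

' . __("User invitation settings", "secure_invite") . ' ' . __("Invitation list", "secure_invite") . ' | ' . __("Settings", "secure_invite") . '

';

    if (@$_POST && is_array($_POST) && count($_POST) > 0) {

        $search = (isset($_POST["secure_invite_search_users"]) && is_string($_POST["secure_invite_search_users"])) ? $_POST["secure_invite_search_users"] : "";

        // show the user results
        if ($search != "") {

            // request data is unslashed the same way this file unslashes options;
            // LIKE wildcards typed by the admin are matched literally
            $q = trim(stripslashes($search));
            $pattern = "%" . addcslashes($q, "_%\\") . "%";

            // the search term is bound through prepare() instead of being
            // concatenated into the statement
            $sql = $wpdb->prepare("select u.ID, u.user_nicename, u.display_name, u.user_email, u.user_login, (select count(i.invited_email) from " . $wpdb->base_prefix . "invitations i inner join " . $wpdb->users . " s on s.user_email = i.invited_email where i.user_id = u.ID) as signups, (select count(invited_email) from " . $wpdb->base_prefix . "invitations where user_id = u.ID) as invitations from " . $wpdb->users . " u where u.user_email like %s or u.user_nicename like %s or u.display_name like %s or u.user_login like %s;", $pattern, $pattern, $pattern, $pattern);
            $users = $wpdb->get_results($sql);

            // NOTE(review): the result markup is not present in this copy of the
            // file; the user fields printed below need HTML escaping.
            if ($users && is_array($users) && count($users) > 0) {
                echo '

' . __("Choose a user", "secure_invite") . '

';
                foreach($users as $user) {
                    echo ' ';
                }
                echo '
' . __("Username", "secure_invite") . ' ' . __("Nice name", "secure_invite") . ' ' . __("Display name", "secure_invite") . ' ' . __("Email", "secure_invite") . ' ' . __("Invites sent", "secure_invite") . ' ' . __("Resulting signups", "secure_invite") . '
' . $user->user_login . ' ' . $user->user_nicename . ' ' . $user->display_name . ' ' . $user->user_email . ' ' . $user->invitations . ' ' . $user->signups . '
';
            } else {
                echo '

' . __("No users found, please try again", "secure_invite") . '

';
            }

        } else if ($user_id > 0) {

            // update the details; nothing is written without a usable user id
            $can = "no";
            if (isset($_POST["secure_invite_user_can_invite"]) && $_POST["secure_invite_user_can_invite"] == "1") {
                $can = "yes";
            }
            $limit = isset($_POST["secure_invite_user_invite_limit"]) ? $_POST["secure_invite_user_invite_limit"] : "";
            update_usermeta($user_id, "secure_invite_user_can_invite", $can);
            // the "_" prefix is what the readers of this meta value trim off again
            update_usermeta($user_id, "secure_invite_user_invite_limit", "_" . $limit);
            echo '

' . __("The settings for this user have been saved", "secure_invite") . '

';
        }
    }

    // get a user; skipped when the id does not resolve to an account
    $user = ($user_id > 0) ? get_userdata($user_id) : false;
    if ($user) {
        $can_invite = get_usermeta($user_id, "secure_invite_user_can_invite");
        if ($can_invite == "no") {
            $can_invite = '';
        } else {
            $can_invite = ' checked="checked"';
        }
        $invite_limit = trim(get_usermeta($user_id, "secure_invite_user_invite_limit"), "_");
        $remaining = secure_invite_user_invites_remaining($user->ID);
        if ($remaining != "") {
            $remaining = "

" . $remaining . "

";
        }
        echo '

' . __("Set invite settings for this user", "secure_invite") . '

' . __("Username", "secure_invite") . ': ' . $user->user_login . '

' . __("Invites sent", "secure_invite") . ': ' . secure_invite_user_sent_invites($user->ID) . '

' . $remaining . '

' . __("Invites accepted", "secure_invite") . ': ' . (int)secure_invite_user_accepted_invites($user->ID) . '

' . __("Invite points", "secure_invite") . ': ' . (int)get_usermeta($user->ID, "secure_invite_points") . '

' . __("Can this user send invitations?", "secure_invites") . '

' . __("Number of invitations this user can send (leave blank to use the global default, or 0 for unlimited)", "secure_invites") . '

';
    }
    echo '

' . __("Search users", "secure_invite") . '

' . __("Search for a user to override their invitation settings.", "secure_invite") . '
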
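'; }

/**
 * Show the invitations admin page: optional deletion of invitations, the
 * per-month statistics, the best inviters and the paged invitation list.
 *
 * NOTE(review): the delete branches act on request data alone. No nonce
 * verification and no capability check are visible in this function; confirm
 * that both happen before it is reached.
 */
function secure_invite_list_page() {

    global $wpdb;

    // row-striping state shared by the tables below; it was previously read
    // before being assigned
    $alt = '';

    echo '
';
    secure_invite_wp_plugin_standard_header( "GBP", "Secure invites", "Chris Taylor", "chris@stillbreathing.co.uk", "http://wordpress.org/extend/plugins/wordpress-mu-secure-invites/" );
    echo '

' . __("Secure invites admin", "secure_invite") . ' ' . __("Settings", "secure_invite") . ' | ' . __("Special users", "secure_invite") . '

';

    // if deleting
    $delete_one = (isset($_GET["delete"]) && is_string($_GET["delete"])) ? $_GET["delete"] : "";
    $delete_many = (isset($_POST["delete"]) && $_POST["delete"] != "") ? (array)$_POST["delete"] : array();
    if ($delete_one != "" || count($delete_many) > 0) {
        if ($delete_one != "") {
            // decode first, bind afterwards: the address never becomes part of
            // the SQL text. A "+" in an address arrives as a space, hence the
            // replacement.
            $email = str_replace(" ", "+", urldecode(stripslashes($delete_one)));
            $sql = $wpdb->prepare("delete from ".$wpdb->base_prefix."invitations where invited_email = %s;", $email);
            if ($wpdb->query($sql)) {
                echo '

' . __("The invitation for this email address has been deleted", "secure_invite") . '

';
            } else {
                echo '

' . __("The invitation for this email address could not be deleted", "secure_invite") . '

';
            }
        } else {
            // quote every posted address individually through prepare()
            $quoted = array();
            foreach ($delete_many as $raw) {
                if (!is_string($raw) || $raw == "") {
                    continue;
                }
                $quoted[] = $wpdb->prepare("%s", str_replace(" ", "+", urldecode(stripslashes($raw))));
            }
            $sql = "delete from ".$wpdb->base_prefix."invitations where invited_email in (" . implode(",", $quoted) . ");";
            // an empty selection is reported as a failure instead of running "in ()"
            if (count($quoted) > 0 && $wpdb->query($sql)) {
                echo '

' . __("The selected invitations have been deleted", "secure_invite") . '

';
            } else {
                echo '

' . __("The selected invitations could not be deleted", "secure_invite") . '

';
            }
        }
    }

    // check the invites table exists
    secure_invite_check_table();

    // NOTE(review): the table markup is not present in this copy of the file;
    // names and e-mail addresses printed below need HTML escaping.

    // show the number of invites per month
    $sql = "select UNIX_TIMESTAMP(i.datestamp) as date, count(i.invited_email) as invites, (select count(i2.invited_email) from ".$wpdb->base_prefix."invitations i2 inner join ".$wpdb->users." u2 on u2.user_email = i2.invited_email where year(i2.datestamp) = year(i.datestamp) and month(i2.datestamp) = month(i.datestamp)) as signups from ".$wpdb->base_prefix."invitations i group by month(i.datestamp) order by i.datestamp desc limit 0, 12;";
    $invites_per_month = $wpdb->get_results($sql);
    // get_results() may not return an array when the query fails
    $invites_per_month_num = is_array($invites_per_month) ? count($invites_per_month) : 0;
    echo '

' . __("Invitations per month", "secure_invite") . '

';
    if ($invites_per_month && $invites_per_month_num > 0) {
        echo ' ';
        foreach ($invites_per_month as $invite_month) {
            if ($alt == '') { $alt = ' class="alternate"'; } else { $alt = ''; }
            echo ' ';
        }
        echo '
'.__("Month", "secure_invite").' '.__("Invites sent", "secure_invite").' '.__("Resulting signups", "secure_invite").'
'.__(date("F Y", $invite_month->date)).' '.__($invite_month->invites).' '.__($invite_month->signups).'
';
    } else {
        echo '

'.__("No invitations sent yet", "secure_invite").'

';
    }
    echo '
';

    // get the best inviters by signups
    $sql = "select u.user_nicename, count(i.invited_email) as invites, (select count(i2.invited_email) from ".$wpdb->base_prefix."invitations i2 inner join ".$wpdb->users." u2 on u2.user_email = i2.invited_email where i2.user_id = i.user_id) as signups from ".$wpdb->base_prefix."invitations i inner join ".$wpdb->base_prefix."users u on u.id = i.user_id group by i.user_id order by count(i.invited_email) desc limit 0, 6;";
    $best_inviters = $wpdb->get_results($sql);
    $best_inviters_num = is_array($best_inviters) ? count($best_inviters) : 0;
    echo '

' . __("Best inviters by signups", "secure_invite") . '

';
    if ($best_inviters && $best_inviters_num > 0) {
        echo ' ';
        foreach ($best_inviters as $best_inviter) {
            if ($alt == '') { $alt = ' class="alternate"'; } else { $alt = ''; }
            echo ' ';
        }
        echo '
'.__("Name", "secure_invite").' '.__("Invites sent", "secure_invite").' '.__("Resulting signups", "secure_invite").'
'.__($best_inviter->user_nicename).' '.__($best_inviter->invites).' '.__($best_inviter->signups).'
';
    } else {
        echo '

'.__("No invitations sent yet", "secure_invite").'

';
    }
    echo '
';

    // get the best inviters by points; the points are stored in the
    // meta_value column of the "secure_invite_points" usermeta row
    $sql = "select u.user_nicename, CAST(m.meta_value AS SIGNED) as secure_invite_points from ".$wpdb->users." u inner join ".$wpdb->usermeta." m on m.user_id = u.ID and m.meta_key = 'secure_invite_points' order by CAST(m.meta_value AS SIGNED) desc limit 0, 6;";
    $best_inviters = $wpdb->get_results($sql);
    $best_inviters_num = is_array($best_inviters) ? count($best_inviters) : 0;
    if ($best_inviters && $best_inviters_num > 0) {
        echo '

' . __("Best inviters by points", "secure_invite") . '

';
        foreach ($best_inviters as $best_inviter) {
            if ($alt == '') { $alt = ' class="alternate"'; } else { $alt = ''; }
            echo ' ';
        }
        echo '
'.__("Name", "secure_invite").' '.__("Points", "secure_invite").'
'.__($best_inviter->user_nicename).' '.__($best_inviter->secure_invite_points).'
';
    }

    // get the page; anything that is not a positive integer means page 1, so
    // the offset can never go negative
    $page = isset($_GET["p"]) ? (int)$_GET["p"] : 1;
    if ($page < 1) {
        $page = 1;
    }
    $start = ($page - 1) * 50;

    // get the invites
    $sql = $wpdb->prepare("select SQL_CALC_FOUND_ROWS i.user_id, i.invited_email, UNIX_TIMESTAMP(i.datestamp) as datestamp, u.user_nicename as inviter, l.user_nicename as signed_up from ".$wpdb->base_prefix."invitations i inner join ".$wpdb->users." u on u.id = i.user_id left outer join ".$wpdb->users." l on l.user_email = i.invited_email order by i.datestamp desc limit %d, 50", $start);
    $invites = $wpdb->get_results($sql);
    echo '

' . __("Invitation list", "secure_invite") . '

';
    $invites_num = is_array($invites) ? count($invites) : 0;
    $total = $wpdb->get_var( "SELECT found_rows() AS found_rows" );
    $invites_pages = ceil($total/50);
    if ($invites && $invites_num > 0) {
        if ($invites_pages > 1) {
            // use the validated page number, not the raw query parameter
            $thisp = $page;
            echo ' ';
        }
        echo '
';
        $alt = '';
        foreach ($invites as $invite) {
            if ($alt == '') { $alt = ' class="alternate"'; } else { $alt = ''; }
            echo ' ';
            if ($invite->signed_up == "") {
                echo ' ';
            } else {
                echo ' ';
            }
            echo ' ';
        }
        echo '
'.__("Inviter", "secure_invite").' '.__("Datestamp", "secure_invite").' '.__("Invited email", "secure_invite").' '.__("Signed up name", "secure_invite").' '.__("Delete invitation", "secure_invite").'
' . $invite->inviter . ' ' . date("F j, Y, g:i a", $invite->datestamp) . ' ' . $invite->invited_email . ' ' . $invite->signed_up . ' ' . __("Delete", "secure_invite") . '

';
        if ($invites_pages > 1) {
            echo ' ';
        }
    } else {
        echo '

' . __("No invitations sent yet.", "secure_invite") . '
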
'; } }

// check the invites table exists
// Probes the invitations table with a count query and creates the table
// through dbDelta() when the probe comes back empty.
function secure_invite_check_table() {
    global $wpdb;
    // if the invitations table does not exist
    $sql = "select count(id) from ".$wpdb->base_prefix."invitations;";
    $exists = $wpdb->get_var($sql);
    if($exists == "") {
        require_once(ABSPATH . 'wp-admin/upgrade-functions.php'); // include the file with the required database manipulation functions
        // create the table
        $sql = "CREATE TABLE ".$wpdb->base_prefix."invitations ( id mediumint(9) NOT NULL AUTO_INCREMENT, user_id mediumint(9), invited_email varchar(255), datestamp datetime, PRIMARY KEY (id) );";
        dbDelta($sql);
    }
}

// show a BuddyPress form
// $hidelink: when false, the "Invite a friend" heading is printed before the form
// $usepost:  when true, the name, email and message are taken from the posted data
function secure_invite_buddypress_form($hidelink = false, $usepost = false) {
    // if the current user is allowed to send invites
    if (secure_invite_user_can_invite()) {
        $name = "";
        $email = "";
        $message = "";
        // NOTE(review): these values and $qs below come straight from the request.
        // The markup that prints them is not present in this copy of the file;
        // confirm they are escaped for the HTML context they are written into.
        if ($usepost) {
            $name = @$_POST["name"];
            $email = @$_POST["email"];
            $message = @$_POST["personalmessage"];
        }
        // random suffix; used below to rewrite the id attribute of the nonce field
        $rand = rand(1, 10000);
        $hide = "_visible";
        if (!$hidelink) {
            $hide = "";
            echo '

' . __("Invite a friend", "secure_invite") . '

';
        }
        // carry the current query string over, prefixed with "?"
        $qs = "";
        if ($_SERVER["QUERY_STRING"] != "") {
            $qs = "?" . $_SERVER["QUERY_STRING"];
        }
        echo '

' . __( "Invite a friend to join", "secure_invite" ) . '

' . secure_invite_user_invites_remaining() . '

';
        // a nonce field for the 'secure_invite_send_invite' action is emitted here;
        // NOTE(review): its verification is not visible in this function, so
        // confirm that the handler receiving the form checks it
        $nonce = wp_nonce_field( 'secure_invite_send_invite', '_wpnonce', true, false );
        $nonce = str_replace('id="_wpnonce"', 'id="_wpnonce_'.$rand.'"', $nonce);
        echo $nonce;
        echo '
'; } }

// show an invitation form
// $success / $error: messages printed after an invitation was sent, or could not be sent
// NOTE(review): secure_invite_send() is called as soon as a well-formed
// 'invite-email' is posted; no nonce verification is visible in this function.
// Confirm that the request is verified before the invitation is sent.
function secure_invite_form($success='Thanks, your invitation has been sent', $error='Sorry, your invitation could not be sent. Perhaps this email address is already registered.') {
    // if the current user is allowed to send invites
    if (secure_invite_user_can_invite()) {
        // if an email has been supplied
        if (@$_POST['invite-email'] != "" && is_email($_POST['invite-email'])) {
            if (secure_invite_send()) {
                // show the success message
                echo '

' . __($success, "secure_invite") . '

';
            } else {
                // show the error message
                echo '

' . __($error, "secure_invite") . '

';
            }
        }
        // carry the current query string over, prefixed with "?"
        // NOTE(review): the form markup is not present in this copy of the file;
        // confirm $qs is escaped where it is printed
        $qs = "";
        if ($_SERVER["QUERY_STRING"] != "") {
            $qs = "?" . $_SERVER["QUERY_STRING"];
        }
        // show the form
        echo '

' . secure_invite_user_invites_remaining() . '

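'; } }

/**
 * See if the current user can send an invite.
 *
 * The checks run in this order: logged in, site registration enabled, not
 * switched off for this user, account old enough (site admins exempt), and
 * invite limit not yet reached. On refusal the matching
 * secure_invites_disallowed_* callback is registered on admin_head and wp_head.
 *
 * @return bool
 */
function secure_invite_user_can_invite() {

    global $wpdb, $current_user;

    $site_registration = stripslashes( get_site_option( "registration" ) );

    // the current user must exist and be logged in. The id is compared as an
    // integer: comparing 0 with "" does not give the same result on every PHP
    // version, which could let a logged-out visitor through.
    $uid = ($current_user && isset($current_user->ID)) ? (int)$current_user->ID : 0;
    if ($uid <= 0) {
        add_action('admin_head', 'secure_invites_disallowed_login');
        add_action('wp_head', 'secure_invites_disallowed_login');
        return false;
    }

    // site registration must be allowed
    if ($site_registration != "all" && $site_registration != "user") {
        add_action('admin_head', 'secure_invites_disallowed_registration');
        add_action('wp_head', 'secure_invites_disallowed_registration');
        return false;
    }

    // the user must not have been switched off individually
    if (get_usermeta($uid, "secure_invite_user_can_invite") == "no") {
        add_action('admin_head', 'secure_invites_disallowed_turnedoff');
        add_action('wp_head', 'secure_invites_disallowed_turnedoff');
        return false;
    }

    // get the date this user was registered
    $registered = $wpdb->get_var($wpdb->prepare("select UNIX_TIMESTAMP(user_registered) from ".$wpdb->users." where id=%d;", $uid));

    // get how many days after registration invites are locked. The stored
    // value is tested for "unset" before the cast, so that a configured 0 is
    // honoured and only a missing option falls back to 30.
    $days_option = stripslashes( get_site_option("secure_invite_days_after_joining") );
    $secure_invite_days_after_joining = ($days_option === "") ? 30 : (int)$days_option;

    // the user must not be too new, unless they are a site admin
    if (!($registered < (time() - ($secure_invite_days_after_joining * 24 * 60 * 60)) || is_site_admin())) {
        add_action('admin_head', 'secure_invites_disallowed_new');
        add_action('wp_head', 'secure_invites_disallowed_new');
        return false;
    }

    // get the total number of invites a user is allowed to send (0 = unlimited)
    $secure_invite_invite_limit = (int)stripslashes( get_site_option("secure_invite_invite_limit") );

    // a per-user limit, when set, replaces the global one
    $user_limit = trim(get_usermeta($uid, "secure_invite_user_invite_limit"), "_");
    if ($user_limit != "") {
        $secure_invite_invite_limit = (int)$user_limit;
    }

    // get the number of invites this user has sent
    $sent = (int)secure_invite_user_sent_invites();

    // allowed while under the limit, or when the effective limit is 0. The
    // previous test also compared the raw per-user value with 0, which is true
    // for an unset value on older PHP versions and switched the limit off.
    if ($secure_invite_invite_limit == 0 || $sent < $secure_invite_invite_limit) {
        return true;
    }

    add_action('admin_head', 'secure_invites_disallowed_limit');
    add_action('wp_head', 'secure_invites_disallowed_limit');
    return false;
}

// the reasons why people are disallowed from sending invites
function secure_invites_disallowed_limit() {
    echo '';
}
function secure_invites_disallowed_new() {
    echo '';
}
function secure_invites_disallowed_registration() {
    echo '';
}
function secure_invites_disallowed_login() {
    echo '';
}
function secure_invites_disallowed_turnedoff() {
    echo '';
}

/**
 * Get the number of invites this user has sent.
 *
 * @param int $userid user to count for; 0 means the current user
 * @return string|null the count as returned by the database
 */
function secure_invite_user_sent_invites($userid = 0) {
    global $wpdb, $current_user;
    if ($userid == 0) {
        $userid = $current_user->id;
    }
    return $wpdb->get_var($wpdb->prepare("select count(user_id) from ".$wpdb->base_prefix."invitations where user_id = %d", $userid));
}

/**
 * Get the number of invites this user has sent which have resulted in a
 * non-spam, non-deleted signup.
 *
 * The $userid parameter was missing from the signature, so the id passed by
 * callers was ignored and the current user was always counted.
 *
 * @param int $userid user to count for; 0 means the current user
 * @return string|null the count as returned by the database
 */
function secure_invite_user_accepted_invites($userid = 0) {
    global $wpdb, $current_user;
    if ($userid == 0) {
        $userid = $current_user->id;
    }
    // the users table is keyed by ID; it has no user_id column to count
    return $wpdb->get_var($wpdb->prepare("select count(u.ID) from ".$wpdb->users." u inner join ".$wpdb->base_prefix."invitations i on i.invited_email = u.user_email where u.spam = 0 and u.deleted = 0 and i.user_id = %d", $userid));
}

/**
 * Show how many invites a user is still allowed to send.
 *
 * The $userid parameter is new and optional: callers that pass a user id now
 * get that user's figures instead of the current user's.
 *
 * @param int $userid user to report on; 0 means the current user
 * @return string the translated message, or "" when no limit applies
 */
function secure_invite_user_invites_remaining($userid = 0) {

    global $current_user;

    if ($userid == 0) {
        $userid = $current_user->ID;
    }

    // get the total number of invites a user is allowed to send
    $secure_invite_invite_limit = stripslashes( get_site_option("secure_invite_invite_limit") );
    if ($secure_invite_invite_limit == "") {
        $secure_invite_invite_limit = secure_invite_default_setting("secure_invite_invite_limit");
    }

    // get the limit for this user
    $user_limit = trim(get_usermeta($userid, "secure_invite_user_invite_limit"), "_");
    if ($user_limit != "") {
        $secure_invite_invite_limit = (int)$user_limit;
    }

    if ($secure_invite_invite_limit > 0) {
        // get the number of invites sent
        $sent = secure_invite_user_sent_invites($userid);
        return __("Number of invites left to send:", "secure_invite") . " " . ($secure_invite_invite_limit - $sent);
    }
    return "";
}

/**
 * Check if an email address exists.
 *
 * Uses email_exists() when it is available, and otherwise looks the address
 * up in the users table directly.
 *
 * @param string $email address to look up
 * @return mixed the result of email_exists(), or a bool from the fallback query
 */
function secure_invite_email_exists($email) {
    if( function_exists('email_exists') ) {
        return email_exists( trim( $email ) );
    }
    global $wpdb;
    $sql = $wpdb->prepare( "select user_email from " . $wpdb->users . " where user_email = %s;", trim( $email ) );
    $saved_email = $wpdb->get_var( $sql );
    return ( $saved_email == trim( $email ) );
}

// send an invitation
function secure_invite_send() {
    global $current_site, $current_user, $blog_id, $wpdb;
    // check the user can invite
    if (secure_invite_user_can_invite()) {
        // check this email address isn't already registered
        if ( !secure_invite_email_exists( trim($_POST['invite-email']) ) ) {
            $usernickname = $current_user->display_name;
            $to = trim($_POST['invite-email']);
            $from = $current_user->display_name . ' <' . $current_user->user_email . 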
'>'; $pname = trim($_POST['invite-name']); $site_url = $current_site->domain; $site_name = stripslashes( get_site_option("site_name") ); // save the invitation $sql = $wpdb->prepare("insert into ".$wpdb->base_prefix."invitations (user_id, invited_email, datestamp) values (%d, %s, now());", $current_user->id, $to); $wpdb->print_error(); $query = $wpdb->query($sql); $query_error = mysql_error(); // if the invitation could be saved if ($query) { if(!empty($pname)) { $subject = $pname.', '.$usernickname.' has invited you to join '.$site_name; $message .= "Dear ".$pname.", "; } else { $subject = 'Hi there, '. $usernickname.' has invited you to join '.$site_name; $message .= "Hi there, "; } $secure_invite_signup_time_limit = (int)stripslashes( get_site_option("secure_invite_signup_time_limit") ); if ($secure_invite_signup_time_limit == "") { $secure_invite_signup_time_limit = secure_invite_default_setting("secure_invite_signup_time_limit"); } $secure_invite_signup_page = stripslashes( get_site_option("secure_invite_signup_page") ); if ($secure_invite_signup_page == "") { $secure_invite_signup_page = secure_invite_default_setting("secure_invite_signup_page"); } $secure_invite_registration_page = stripslashes( get_site_option("secure_invite_registration_page") ); if ($secure_invite_registration_page == "") { $secure_invite_registration_page = secure_invite_default_setting("secure_invite_registration_page"); } $secure_invite_default_message = stripslashes( get_site_option("secure_invite_default_message") ); if ($secure_invite_default_message == "") { $secure_invite_default_message = secure_invite_default_setting("secure_invite_default_message"); } $secure_invite_default_message = str_replace("[sitename]", $site_name, $secure_invite_default_message); $secure_invite_default_message = str_replace("[signuplink]", $secure_invite_registration_page . "?" . 
$to, $secure_invite_default_message); $secure_invite_default_message = str_replace("[name]", $usernickname, $secure_invite_default_message); $secure_invite_default_message = str_replace("[timeout]", $secure_invite_signup_time_limit, $secure_invite_default_message); $message = $message . "\n\n" . stripslashes($_POST['invite-personalmessage']) . "\n\n" . $secure_invite_default_message; $headers = 'From: '. $from . "\r\n" . 'Reply-To: ' . $from; wp_mail($to, $subject, $message, $headers); return true; } else { $headers = 'From: '. $from . "\r\n" . 'Reply-To: ' . $from; wp_mail(stripslashes( get_site_option("admin_email") ), "Secure invite failure for ".$from, "A user just tried to invite someone to join ".$site_name.". The following SQL query could not be completed:\n\n".$sql."\n\nThe error reported was:\n\n".$query_error."\n\nThis is an automatic email sent by the Secure Invites plugin.", $headers); } } } return false; } // add an invitation to the database function secure_invite_admin() { global $current_site, $current_user, $blog_id, $wpdb; $site_url = $current_site->domain; $site_name = stripslashes( get_site_option("site_name") ); // check the invites table exists secure_invite_check_table(); if($_POST['invite-action']=="send") { // if the email is valid if(is_email($_POST['invite-email'])) { // try to send if (secure_invite_send()) { echo '

'.__('Your invitation has been successfully sent to', "secure_invite").' '.$_POST['invite-email'].'.

'; // the invitation could not be saved, show an error } else { echo '

'.__('Your invitation could not be sent to', "secure_invite").' '.$_POST['invite-email'].'. '.__('Perhaps this email address is already registered. Please try again. If it fails more than twice please contact the site administrator.', "secure_invite").'

'; } } else { echo '

'.__('Please enter a valid email address', "secure_invite").'

'; } // end error } // end if action is send echo '
'; echo '

' . __("Invite a friend to join", "secure_invite") . ' '.$site_name.'

'; echo '

'; echo secure_invite_user_invites_remaining(); echo '

'; } // a standard header for your plugins, offers a PayPal donate button and link to a support page function secure_invite_wp_plugin_standard_header( $currency = "", $plugin_name = "", $author_name = "", $paypal_address = "", $bugs_page ) { $r = ""; $option = get_option( $plugin_name . " header" ); if ( $_GET[ "header" ] != "" || $_GET["thankyou"] == "true" ) { update_option( $plugin_name . " header", "hide" ); $option = "hide"; } if ( $_GET["thankyou"] == "true" ) { $r .= '

' . __( "Thank you for donating" ) . '

'; } if ( $currency != "" && $plugin_name != "" && $_GET[ "header" ] != "hide" && $option != "hide" ) { $r .= '
'; $pageURL = 'http'; if ( $_SERVER["HTTPS"] == "on" ) { $pageURL .= "s"; } $pageURL .= "://"; if ( $_SERVER["SERVER_PORT"] != "80" ) { $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"]; } else { $pageURL .= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]; } if ( strpos( $pageURL, "?") === false ) { $pageURL .= "?"; } else { $pageURL .= "&"; } $pageURL = htmlspecialchars( $pageURL ); if ( $bugs_page != "" ) { $r .= '

' . sprintf ( __( 'To report bugs please visit %s.' ), $bugs_page, $bugs_page ) . '

'; } if ( $paypal_address != "" && is_email( $paypal_address ) ) { $r .= '

'; if ( $author_name != "" ) { $r .= sprintf( __( 'If you found %1$s useful please consider donating to help %2$s to continue writing free Wordpress plugins.' ), $plugin_name, $author_name ); } else { $r .= sprintf( __( 'If you found %s useful please consider donating.' ), $plugin_name ); } $r .= '

'; } $r .= '

' . __( "Hide this" ) . '

'; $r .= '
'; } print $r; } function secure_invite_wp_plugin_standard_footer( $currency = "", $plugin_name = "", $author_name = "", $paypal_address = "", $bugs_page ) { $r = ""; if ( $currency != "" && $plugin_name != "" ) { $r .= ''; } print $r; } ?>