39 lines
1.3 KiB
Plaintext
39 lines
1.3 KiB
Plaintext
|
{%
|
||
|
|
local worked = false
|
||
|
|
|
||
|
|
if verified and request.querystring.csrf and DB.csrfverify(verified.id, Escapes.urlunescape(request.querystring.csrf)) and request.querystring.z and DB.isemailvalid(Escapes.urlunescape(request.querystring.z)) then
|
||
|
|
local em = Escapes.urlspunescape(request.querystring.z)
|
||
|
|
local u = DB.getuserbyemail(em)
|
||
|
|
|
||
|
|
-- When done this way, a member can't tell if another is already registered.
|
||
|
|
worked = true
|
||
|
|
|
||
|
|
if not u and (
|
||
|
|
(BigGlobe.cfg.membexcl == BigGlobe.MEMBEXCL_MEMBERS_INVITE and verified.privs >= DB.USER_PRIVS_APPROVED)
|
||
|
|
or (BigGlobe.cfg.membexcl == BigGlobe.MEMBEXCL_MODS_INVITE and verified.privs >= DB.USER_PRIVS_MOD)
|
||
|
|
or (BigGlobe.cfg.membexcl == BigGlobe.MEMBEXCL_ADMIN_INVITES and verified.privs >= DB.USER_PRIVS_ADMIN)) then
|
||
|
|
|
||
|
|
-- Invitation
|
||
|
|
SMTPAuth.sendregisterinfo(em)
|
||
|
|
end
|
||
|
|
end
|
||
|
|
|
||
|
|
title = BigGlobe.cfg.sitename .. " - Invitation"
|
||
|
|
%}
|
||
|
|
|
||
|
|
{% function content() %}
|
||
|
|
{% if worked then %}
|
||
|
|
<p>Invite sent.</p>
|
||
|
|
{% elseif verified then %}
|
||
|
|
<form action="/invite" method="GET">
|
||
|
|
<p>Use this form to invite anyone to the platform.</p>
|
||
|
|
|
||
|
|
<input type="hidden" name="csrf" value="{{ Escapes.htmlescape(DB.csrf(verified.id)) }}" />
|
||
|
|
|
||
|
|
<input type="email" name="z" placeholder="E-mail" autocomplete="off" />
|
||
|
|
<input type="submit" value="Invite" />
|
||
|
|
</form>
|
||
|
|
{% end %}
|
||
|
|
{% end %}
|
||
|
|
|
||
|
|
{# base.inc
|