ikibooru/invite.html.l
2024-06-01 17:40:11 +03:00

39 lines
1.3 KiB
Plaintext

{%
local worked = false
if verified and request.querystring.csrf and DB.csrfverify(verified.id, Escapes.urlunescape(request.querystring.csrf)) and request.querystring.z and DB.isemailvalid(Escapes.urlunescape(request.querystring.z)) then
local em = Escapes.urlspunescape(request.querystring.z)
local u = DB.getuserbyemail(em)
-- When done this way, a member can't tell if another is already registered.
worked = true
if not u and (
(BigGlobe.cfg.membexcl == BigGlobe.MEMBEXCL_MEMBERS_INVITE and verified.privs >= DB.USER_PRIVS_APPROVED)
or (BigGlobe.cfg.membexcl == BigGlobe.MEMBEXCL_MODS_INVITE and verified.privs >= DB.USER_PRIVS_MOD)
or (BigGlobe.cfg.membexcl == BigGlobe.MEMBEXCL_ADMIN_INVITES and verified.privs >= DB.USER_PRIVS_ADMIN)) then
-- Invitation
SMTPAuth.sendregisterinfo(em)
end
end
title = BigGlobe.cfg.sitename .. " - Invitation"
%}
{% function content() %}
{% if worked then %}
<p>Invite sent.</p>
{% elseif verified then %}
<form action="/invite" method="GET">
<p>Use this form to invite anyone to the platform.</p>
<input type="hidden" name="csrf" value="{{ Escapes.htmlescape(DB.csrf(verified.id)) }}" />
<input type="email" name="z" placeholder="E-mail" autocomplete="off" />
<input type="submit" value="Invite" />
</form>
{% end %}
{% end %}
{# base.inc