From 305e2b7c55ffd24a156f5788388e6d4ed2daea14 Mon Sep 17 00:00:00 2001
From: root
Date: Mon, 17 Feb 2014 18:41:58 +0100
Subject: handles most of the database stuff

---
 www/invite.php | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 www/invite.php

(limited to 'www/invite.php')

diff --git a/www/invite.php b/www/invite.php
new file mode 100644
index 0000000..4a055e3
--- /dev/null
+++ b/www/invite.php
@@ -0,0 +1,67 @@
+<?
+
+session_start();
+
+if($_SERVER['REQUEST_METHOD'] == 'POST') {
+	$name=$_SESSION["username"];
+	$safe_name = SQLite3::escapeString("$name");
+
+	$email=$_POST["email"];
+	$safe_email=SQLite3::escapeString("$email");
+
+	$db = new SQLite3("../database/sqlite.db");
+
+	$invite_db = $db->query("SELECT invites FROM user WHERE name='$safe_name';");
+	$invite_ar = $invite_db->fetchArray(SQLITE3_NUM);
+	$invite = $invite_ar[0];
+
+	if($invite > 0){
+
+/*Generates the invite key*/
+
+		$key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" );
+
+		$length = count($key_array);
+		$key = "";
+
+		for ($i=0;$i<11;$i++){
+			$index = mt_rand(0,$length-1);
+			$key = "$key".$key_array[$index];
+		}
+
+		$id_db = $db->query("SELECT id FROM USER WHERE name='$safe_name';");
+		$id_ar = $id_db->fetchArray(SQLITE3_NUM);
+		$id = $id_ar[0];
+
+/*Generates the new user and decrease the invites*/
+
+		$invite = $invite - 1;
+
+		echo "ID: '$id', KEY: '$key', SAFE_EMAIL: '$safe_email'";
+
+//		$db->exec("INSERT INT0 user (id, name, senpai, key, status, email) VALUES (NULL, '$id', '$key', 0, '$safe_email');");
+//		$db->exec("UPDATE user SET invites='$invite' WHERE id='$id';");
+		if($db->exec("INSERT INTO user (id, name, senpai, key, status, email) VALUES (NULL, NULL, '$id', '$key', 0, '$safe_email');") && $db->exec("UPDATE user SET invites='$invite' WHERE id='$id';"))
+		{
+			header("Refresh: 0; /invite?reason=success");
+		} else {
+			header("Refresh: 0; /invite?reason=database");
+		}
+
+	} else {
+		header("Refresh: 0; /invite?reason=invites");
+	}
+} else {
+	foreach ($_GET as $name => $value) {
+		echo 'Name: ' . $name . ' Value: ' . $value . '<br />';
+	}
+
+	echo "Hallo $name
+		<form method='post' action='/invite.php'>
+			<p> E-Mail: <input type='text' name='email'></p>
+			<input type='hidden' name='username' value='$_SESSION[username]'>
+			<input type='submit' name='submit' value='invite'>
+		</form>";
+
+	echo "ENDE";
+}
-- 
cgit v1.2.3