function user_activate($username, $key) { if (!is_file(DATA_PATH . 'users.unconfirmed.dat')) { $userdata = array(); } else { $userdata = @unserialize(@file_get_contents(DATA_PATH . 'users.unconfirmed.dat')); } if (user_is_confirmed($username)) { return true; } if (@$userdata[$username]['code'] == $key) { unset($userdata[$username]); } else { return false; } @file_write_contents(DATA_PATH . 'users.unconfirmed.dat', serialize($userdata)); return true; }
/** * @return boolean * @param string $username * @param string $password * @param string $report_to * @param boolean $hash * @param link $userdata * @desc This function is an internal private function for class rcms_system and must not be used externally. This function check user's data and validate his data file. */ function checkUserData($username, $password, $report_to, $hash, &$userdata) { if (preg_replace("/[\\d\\w]+/i", "", $username) != "") { $this->results[$report_to] = 14; return false; } // If login is not exists - we exiting with error if (!is_file(USERS_PATH . $username)) { $this->results[$report_to] = 16; return false; } // So all is ok. Let's load userdata $result = load_user_info($username); // If userdata is invalid we must delete invalid user // and exit with error if (empty($result)) { user_delete($username); $this->results[$report_to] = 14; return false; } // If password is invalid - exit with error if (!$hash && md5($password) !== $result['password'] || $hash && $password !== $result['password']) { $this->results[$report_to] = 13; return false; } // If user is blocked - exit with error if (@$result['blocked']) { $this->results[$report_to] = 7; return false; } // If activation is ON and user doesnot confirm it's account if (@$this->config['regconf'] && !user_is_confirmed($result['username'])) { $this->results[$report_to] = 17; return false; } $userdata = $result; return true; }