function user_set_rights($username, $root, $rights)
{
global $system;
if ($userdata = load_user_info($username)) {
return $system->setRightsForUser($username, $rights, $root, (int) @$userdata['accesslevel']);
} else {
return false;
}
}
$frm->resetButton($lang['general']['reset']);
$frm->addbreak($lang['admincp']['users']['profiles']['edit'] . $userdata['username']);
$frm->hidden('edit', $userdata['username']);
$frm->hidden('save', '1');
$frm->addrow($lang['users']['username'], $userdata['username']);
$frm->addrow($lang['users']['password'], ' [ ' . $lang['admincp']['hidden'] . ' ] ');
$frm->addrow($lang['users']['nickname'], $frm->text_box('userdata[nickname]', $userdata['nickname']));
$frm->addrow($lang['users']['email'], $frm->text_box('email', $userdata['email']));
$frm->addrow($lang['users']['hideemail'], $frm->checkbox('userdata[hideemail]', '1', '', !isset($userdata['hideemail']) ? true : $userdata['hideemail'] ? true : false));
$frm->addrow($lang['users']['accesslevel'], $frm->text_box('userdata[accesslevel]', @$userdata['accesslevel']));
$frm->addrow($lang['users']['timezone'], user_tz_select($userdata['tz'], 'userdata[tz]'));
foreach ($system->data['apf'] as $field_id => $field_name) {
$frm->addrow($field_name, $frm->text_box('userdata[' . $field_id . ']', $userdata[$field_id]));
}
$frm->show();
} elseif (!empty($_POST['rights']) && ($userdata = load_user_info($_POST['rights']))) {
$frm = new InputForm("", "post", $lang['general']['submit']);
$frm->resetButton($lang['general']['reset']);
$frm->addbreak($lang['admincp']['users']['profiles']['edit'] . $userdata['username']);
$frm->hidden('rights', $userdata['username']);
$frm->hidden('save', '1');
if ($userdata['admin'] == '*') {
$frm->addrow($lang['users']['rootuser'], $frm->checkbox('rootuser', '1', '', true));
} else {
$frm->addrow($lang['users']['rootuser'], $frm->checkbox('rootuser', '1', '', false));
foreach ($rights_db as $right_id => $right_desc) {
$frm->addrow($right_desc, $frm->checkbox('_rights[' . $right_id . ']', '1', '', user_check_right($_POST['rights'], $right_id)));
}
}
$frm->show();
} elseif (!empty($_POST['search'])) {
rcms_showAdminMessage($system->results['profileupdate']);
}
if (!empty($_POST['rights']) && !empty($_POST['save'])) {
if ($system->setRightsForUser($_POST['rights'], @$_POST['_rights'], @$_POST['rootuser'], @$_POST['level'])) {
rcms_showAdminMessage(__('Rights changed'));
} else {
rcms_showAdminMessage(__('Error occurred'));
}
}
/******************************************************************************
* Interface *
******************************************************************************/
$frm = new InputForm('', 'post', __('Find users'));
$frm->addrow(__('Enter username or mask of usernames'), $frm->text_box('search', @$_POST['search']));
$frm->show();
if (!empty($_POST['edit']) && ($userdata = load_user_info($_POST['edit']))) {
$frm = new InputForm('', 'post', __('Submit'));
$frm->addbreak($userdata['username']);
$frm->hidden('username', $userdata['username']);
$frm->hidden('save', '1');
$frm->addrow(__('Username'), $userdata['username']);
$frm->addrow(__('New password') . '<br><small>' . __('if you do not want change password you must leave this field empty'), $frm->text_box('password', ''));
$frm->addrow(__('Confirm password'), $frm->text_box('confirmation', ''));
$frm->addrow(__('Nickname'), $frm->text_box('nickname', $userdata['nickname']));
$frm->addrow(__('E-mail'), $frm->text_box('email', $userdata['email']));
$frm->addrow(__('Hide e-mail from other users'), $frm->checkbox('userdata[hideemail]', '1', '', !isset($userdata['hideemail']) ? true : $userdata['hideemail'] ? true : false));
$frm->addrow(__('Time zone'), user_tz_select($userdata['tz'], 'userdata[tz]'));
foreach ($system->data['apf'] as $field_id => $field_name) {
$frm->addrow($field_name, $frm->text_box('userdata[' . $field_id . ']', $userdata[$field_id]));
}
$frm->show();
function user_set_rights($username, $root, $rights)
{
$username = basename($username);
if (!($userdata = load_user_info($username))) {
return 16;
}
if (empty($rights)) {
$rights = array();
}
if ($root) {
$userdata['admin'] = '*';
} else {
$userdata['admin'] = '';
foreach ($rights as $right => $cond) {
if ($cond) {
$userdata['admin'] .= '|' . $right . '|';
}
}
}
if (!file_write_contents(USERS_PATH . $username, serialize($userdata))) {
return 10;
}
return 0;
}
/**
* Shows administrator editing form
*
* @param string $login
*/
function web_admineditform($login)
{
$userdata = load_user_info($login);
$frm = new InputForm('', 'post', __('Submit'));
$frm->hidden('username', $userdata['username']);
$frm->hidden('save', '1');
$frm->addrow(__('Username'), $userdata['username']);
$frm->addrow(__('New password') . '<br><small>' . __('if you do not want change password you must leave this field empty'), $frm->text_box('password', ''));
$frm->addrow(__('Confirm password'), $frm->text_box('confirmation', ''));
$frm->addrow(__('Nickname'), $frm->text_box('nickname', $userdata['nickname']));
$frm->addrow(__('E-mail'), $frm->text_box('email', $userdata['email']));
$frm->addrow(__('Hide e-mail from other users'), $frm->checkbox('userdata[hideemail]', '1', '', !isset($userdata['hideemail']) ? true : $userdata['hideemail'] ? true : false));
$frm->addrow(__('Time zone'), user_tz_select($userdata['tz'], 'userdata[tz]'));
show_window(__('Edit') . ' ' . $login, $frm->show(true));
}
/**
* @return boolean
* @param string $username
* @param string $password
* @param string $report_to
* @param boolean $hash
* @param link $userdata
* @desc This function is an internal private function for class rcms_system
and must not be used externally. This function check user's data and
validate his data file.
*/
function checkUserData($username, $password, $report_to, $hash, &$userdata)
{
if (preg_replace("/[\\d\\w]+/i", "", $username) != "") {
$this->results[$report_to] = 14;
return false;
}
// If login is not exists - we exiting with error
if (!is_file(USERS_PATH . $username)) {
$this->results[$report_to] = 16;
return false;
}
// So all is ok. Let's load userdata
$result = load_user_info($username);
// If userdata is invalid we must delete invalid user
// and exit with error
if (empty($result)) {
user_delete($username);
$this->results[$report_to] = 14;
return false;
}
// If password is invalid - exit with error
if (!$hash && md5($password) !== $result['password'] || $hash && $password !== $result['password']) {
$this->results[$report_to] = 13;
return false;
}
// If user is blocked - exit with error
if (@$result['blocked']) {
$this->results[$report_to] = 7;
return false;
}
// If activation is ON and user doesnot confirm it's account
if (@$this->config['regconf'] && !user_is_confirmed($result['username'])) {
$this->results[$report_to] = 17;
return false;
}
$userdata = $result;
return true;
}
<?php
////////////////////////////////////////////////////////////////////////////////
// Copyright (C) ReloadCMS Development Team //
// http://reloadcms.com //
// This product released under GNU General Public License v2 //
////////////////////////////////////////////////////////////////////////////////
if (LOGGED_IN) {
if (!empty($_GET['user']) && ($userdata = load_user_info(basename($_GET['user'])))) {
$system->config['pagename'] = __('User profile of') . ' ' . $userdata['username'];
show_window('', rcms_parse_module_template('user-view.tpl', array('userdata' => $userdata, 'fields' => $system->data['apf'])));
}
if (!empty($_GET['nick']) && ($userdata = load_user_info(basename($system->users_cache->getUser('nicks', $_GET['nick']))))) {
$system->config['pagename'] = __('User profile of') . ' ' . $userdata['username'];
show_window('', rcms_parse_module_template('user-view.tpl', array('userdata' => $userdata, 'fields' => $system->data['apf'])));
} else {
$system->config['pagename'] = __('Member list');
$userlist = $system->getUserList('*', 'nickname');
ksort($userlist);
show_window(__('Member list'), rcms_parse_module_template('user-list.tpl', $userlist));
}
} else {
show_window(__('Error'), __('You are not logined!'));
}
if (isset($_REQUEST['sms']) && trim($_REQUEST['sms']) != '') {
$from_id = trim($_REQUEST['from_id']);
if ($from_id == '') {
$from_id = $DEFAULT_FROM_ID;
}
$mobile = trim($_REQUEST['mobile']);
if ($mobile == '') {
$mobile = $DEFAULT_MOBILE;
}
$url .= "?username="******"&password="******"&mobile=";
$url .= urlencode($mobile);
$url .= "&sms=";
$url .= urlencode($_REQUEST['sms']);
$url .= "&from_id=";
$url .= urlencode(substr($from_id, 0, $MAX_FROM_ID_LENGTH));
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$retval = curl_exec($ch);
curl_close($ch);
syslog(LOG_INFO, "message='{$_REQUEST[sms]}', username='******', " . "mobile='{$mobile}', from_id='{$from_id}', result='{$retval}'");
include 'request_complete.php';
} else {
$from_id = load_user_info($_SERVER['REMOTE_USER']);
include 'sms_form.php';
}
closelog();
<?php
////////////////////////////////////////////////////////////////////////////////
// Copyright (C) 2004 ReloadCMS Development Team //
// http://reloadcms.sf.net //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY, without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
// //
// This product released under GNU General Public License v2 //
////////////////////////////////////////////////////////////////////////////////
if (!empty($_GET['user']) && ($userdata = load_user_info(basename($_GET['user'])))) {
$system->config['pagename'] = $lang['users']['registeredusers'] . ' - ' . $userdata['username'];
$system->showModuleWindow('', rcms_parse_module_template('user-view.tpl', array('userdata' => $userdata, 'fields' => $system->data['apf'])));
} else {
$system->config['pagename'] = $lang['users']['registeredusers'];
$system->showModuleWindow($lang['users']['registeredusers'], rcms_parse_module_template('user-list.tpl', user_get_list()));
}
