/**
 * Changes the administrative rights of an existing user.
 *
 * Thin wrapper around $system->setRightsForUser(): the account is looked up
 * first, and the call is forwarded only when load_user_info() yields data.
 * Note the argument order: this function takes ($username, $root, $rights)
 * but forwards ($username, $rights, $root, <access level>).
 *
 * @param string $username account whose rights are changed
 * @param mixed  $root     forwarded as the third argument of setRightsForUser()
 * @param mixed  $rights   forwarded as the second argument of setRightsForUser()
 * @return mixed false when the user cannot be loaded, otherwise whatever
 *               setRightsForUser() returns
 */
function user_set_rights($username, $root, $rights)
{
    global $system;

    $profile = load_user_info($username);
    if (!$profile) {
        // Unknown or unreadable account: report failure without touching rights.
        return false;
    }

    // A missing 'accesslevel' entry is silenced and cast, so it becomes 0.
    $level = (int) @$profile['accesslevel'];

    // NOTE(review): no permission check on the caller is visible here;
    // presumably the calling admin page enforces it. Confirm.
    return $system->setRightsForUser($username, $rights, $root, $level);
}
// Excerpt from an admin user-management page. The `if` that opens this first
// branch, and the creation of $frm for it, are outside the excerpt.
// Branch 1: profile edit form for the account held in $userdata.
// NOTE(review): stored profile values go straight into addrow()/text_box();
// confirm that InputForm HTML-escapes them, otherwise a crafted nickname or
// e-mail would render as markup in the admin's browser.
    $frm->resetButton($lang['general']['reset']);
    $frm->addbreak($lang['admincp']['users']['profiles']['edit'] . $userdata['username']);
    // Hidden fields carry the target account and the "save" marker on submit.
    $frm->hidden('edit', $userdata['username']);
    $frm->hidden('save', '1');
    $frm->addrow($lang['users']['username'], $userdata['username']);
    // The password is never echoed; a fixed "hidden" label is shown instead.
    $frm->addrow($lang['users']['password'], ' [ ' . $lang['admincp']['hidden'] . ' ] ');
    $frm->addrow($lang['users']['nickname'], $frm->text_box('userdata[nickname]', $userdata['nickname']));
    $frm->addrow($lang['users']['email'], $frm->text_box('email', $userdata['email']));
    // Checked when the preference is absent, otherwise follows the stored value.
    // NOTE(review): this unparenthesised nested ternary is deprecated in
    // PHP 7.4 and a compile error in PHP 8.
    $frm->addrow($lang['users']['hideemail'], $frm->checkbox('userdata[hideemail]', '1', '', !isset($userdata['hideemail']) ? true : $userdata['hideemail'] ? true : false));
    // '@' silences the notice for accounts that have no access level stored.
    $frm->addrow($lang['users']['accesslevel'], $frm->text_box('userdata[accesslevel]', @$userdata['accesslevel']));
    $frm->addrow($lang['users']['timezone'], user_tz_select($userdata['tz'], 'userdata[tz]'));
    // One text box per additional profile field listed in $system->data['apf'].
    foreach ($system->data['apf'] as $field_id => $field_name) {
        $frm->addrow($field_name, $frm->text_box('userdata[' . $field_id . ']', $userdata[$field_id]));
    }
    $frm->show();
// Branch 2: rights editor for the account named in $_POST['rights'].
// NOTE(review): the raw POST value is handed to load_user_info(); other
// callers on this page wrap request values in basename() first. Confirm that
// load_user_info() normalises the name itself.
} elseif (!empty($_POST['rights']) && ($userdata = load_user_info($_POST['rights']))) {
    $frm = new InputForm("", "post", $lang['general']['submit']);
    $frm->resetButton($lang['general']['reset']);
    $frm->addbreak($lang['admincp']['users']['profiles']['edit'] . $userdata['username']);
    $frm->hidden('rights', $userdata['username']);
    $frm->hidden('save', '1');
    // An 'admin' value of '*' marks a root user; individual rights are then not listed.
    if ($userdata['admin'] == '*') {
        $frm->addrow($lang['users']['rootuser'], $frm->checkbox('rootuser', '1', '', true));
    } else {
        $frm->addrow($lang['users']['rootuser'], $frm->checkbox('rootuser', '1', '', false));
        // One checkbox per known right, pre-checked from user_check_right().
        foreach ($rights_db as $right_id => $right_desc) {
            $frm->addrow($right_desc, $frm->checkbox('_rights[' . $right_id . ']', '1', '', user_check_right($_POST['rights'], $right_id)));
        }
    }
    $frm->show();
// Branch 3: user search; its body continues outside the excerpt.
} elseif (!empty($_POST['search'])) {
// Excerpt from an admin user-management page. The block closed by the first
// `}` opens outside the excerpt, and the final `if` is still open at its end.
    rcms_showAdminMessage($system->results['profileupdate']);
}
// Rights update: applied when both the target account and the "save" marker are posted.
// NOTE(review): this state change is driven entirely by POST fields; no
// anti-CSRF token or permission check is visible in this excerpt. Confirm
// that the including page enforces both before this code runs.
// The '@' operators silence notices for optional fields that were not posted.
if (!empty($_POST['rights']) && !empty($_POST['save'])) {
    if ($system->setRightsForUser($_POST['rights'], @$_POST['_rights'], @$_POST['rootuser'], @$_POST['level'])) {
        rcms_showAdminMessage(__('Rights changed'));
    } else {
        rcms_showAdminMessage(__('Error occurred'));
    }
}
/******************************************************************************
 * Interface
 ******************************************************************************/
// Search box; the previous search term is put back into the field.
// NOTE(review): confirm that text_box() HTML-escapes its value, since
// $_POST['search'] is echoed back as submitted.
$frm = new InputForm('', 'post', __('Find users'));
$frm->addrow(__('Enter username or mask of usernames'), $frm->text_box('search', @$_POST['search']));
$frm->show();
// Profile edit form for the account named in $_POST['edit'].
// NOTE(review): the raw POST value is handed to load_user_info(); other
// callers on this page wrap request values in basename() first. Confirm that
// load_user_info() normalises the name itself.
if (!empty($_POST['edit']) && ($userdata = load_user_info($_POST['edit']))) {
    $frm = new InputForm('', 'post', __('Submit'));
    $frm->addbreak($userdata['username']);
    $frm->hidden('username', $userdata['username']);
    $frm->hidden('save', '1');
    $frm->addrow(__('Username'), $userdata['username']);
    // NOTE(review): both password inputs are built with text_box(); presumably
    // that is a plain text input, so typed passwords would be visible on
    // screen. Use a masked input if InputForm provides one.
    $frm->addrow(__('New password') . '<br><small>' . __('if you do not want change password you must leave this field empty'), $frm->text_box('password', ''));
    $frm->addrow(__('Confirm password'), $frm->text_box('confirmation', ''));
    $frm->addrow(__('Nickname'), $frm->text_box('nickname', $userdata['nickname']));
    $frm->addrow(__('E-mail'), $frm->text_box('email', $userdata['email']));
    // Checked when the preference is absent, otherwise follows the stored value.
    // NOTE(review): this unparenthesised nested ternary is deprecated in
    // PHP 7.4 and a compile error in PHP 8.
    $frm->addrow(__('Hide e-mail from other users'), $frm->checkbox('userdata[hideemail]', '1', '', !isset($userdata['hideemail']) ? true : $userdata['hideemail'] ? true : false));
    $frm->addrow(__('Time zone'), user_tz_select($userdata['tz'], 'userdata[tz]'));
    // One text box per additional profile field listed in $system->data['apf'].
    foreach ($system->data['apf'] as $field_id => $field_name) {
        $frm->addrow($field_name, $frm->text_box('userdata[' . $field_id . ']', $userdata[$field_id]));
    }
    $frm->show();
/**
 * Rewrites the 'admin' entry of a user's record and saves the record.
 *
 * A truthy $root stores '*' in the 'admin' entry. Otherwise the entry is built
 * as a concatenation of '|<right>|' tokens, one for every key of $rights whose
 * value is truthy.
 *
 * @param string $username account name; reduced to its last path component
 * @param mixed  $root     truthy to make the user a root administrator
 * @param array  $rights   map of right id => flag; an empty value means no rights
 * @return int 0 on success, 16 when the user record cannot be loaded,
 *             10 when the record cannot be written
 */
function user_set_rights($username, $root, $rights)
{
    // basename() drops any directory part, so the path built below stays
    // directly under USERS_PATH even for names such as "../x".
    $username = basename($username);

    $userdata = load_user_info($username);
    if (!$userdata) {
        return 16;
    }

    if ($root) {
        $userdata['admin'] = '*';
    } else {
        // NOTE(review): right ids are concatenated as given. An id that itself
        // contains '|' would read back as more than one token; presumably the
        // caller restricts ids to the known rights list. Confirm.
        $granted = '';
        foreach (empty($rights) ? array() : $rights as $right => $cond) {
            if ($cond) {
                $granted .= '|' . $right . '|';
            }
        }
        $userdata['admin'] = $granted;
    }

    // The whole record is stored in PHP's serialize() format.
    $saved = file_write_contents(USERS_PATH . $username, serialize($userdata));

    return $saved ? 0 : 10;
}
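/**
 * Shows administrator editing form
 *
 * Builds the profile form for $login (password change, nickname, e-mail,
 * e-mail visibility, time zone) and displays it in a window titled
 * "Edit <login>". Nothing is displayed when no user data can be loaded.
 *
 * @param string $login
 */
function web_admineditform($login)
{
    $userdata = load_user_info($login);
    if (empty($userdata)) {
        // Without a record the form would be posted back with an empty
        // hidden 'username', so do not render it at all.
        return;
    }

    // Checked when the preference is absent, otherwise follows the stored
    // value. Written without the nested ternary the original used, which is
    // a compile error in PHP 8.
    $hideEmail = !isset($userdata['hideemail']) || $userdata['hideemail'];

    $frm = new InputForm('', 'post', __('Submit'));
    // Hidden fields carry the target account and the "save" marker on submit.
    $frm->hidden('username', $userdata['username']);
    $frm->hidden('save', '1');
    $frm->addrow(__('Username'), $userdata['username']);
    // NOTE(review): both password inputs are built with text_box(); presumably
    // that is a plain text input, so typed passwords would be visible on
    // screen. Use a masked input if InputForm provides one.
    $frm->addrow(__('New password') . '<br><small>' . __('if you do not want change password you must leave this field empty'), $frm->text_box('password', ''));
    $frm->addrow(__('Confirm password'), $frm->text_box('confirmation', ''));
    $frm->addrow(__('Nickname'), $frm->text_box('nickname', $userdata['nickname']));
    $frm->addrow(__('E-mail'), $frm->text_box('email', $userdata['email']));
    $frm->addrow(__('Hide e-mail from other users'), $frm->checkbox('userdata[hideemail]', '1', '', $hideEmail));
    $frm->addrow(__('Time zone'), user_tz_select($userdata['tz'], 'userdata[tz]'));

    // NOTE(review): $login is concatenated into the window title as given;
    // confirm that show_window() escapes its title argument.
    show_window(__('Edit') . ' ' . $login, $frm->show(true));
}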
/**
 * Checks a login attempt against the stored user record.
 *
 * Internal helper of class rcms_system; it must not be used externally.
 * On failure a numeric code is stored in $this->results[$report_to]:
 *   14 - the username contains characters outside [\d\w], or the stored
 *        record is empty (the account is then deleted)
 *   16 - no user file exists for that name
 *   13 - the password does not match
 *    7 - the account is blocked
 *   17 - registration confirmation is enabled and the account is unconfirmed
 *
 * @param string  $username
 * @param string  $password  plain password, or the stored hash when $hash is true
 * @param string  $report_to key of $this->results that receives the failure code
 * @param boolean $hash      true when $password is already hashed
 * @param array   $userdata  by reference; receives the loaded record on success only
 * @return boolean true when every check passes
 */
function checkUserData($username, $password, $report_to, $hash, &$userdata)
{
    $failure = 0;
    $record = null;

    // Whatever remains after stripping word characters is disallowed input.
    // Rejecting it also keeps path separators and dots out of the file path.
    $leftover = preg_replace("/[\\d\\w]+/i", "", $username);

    if ($leftover != "") {
        $failure = 14;
    } elseif (!is_file(USERS_PATH . $username)) {
        // No such login.
        $failure = 16;
    } else {
        $record = load_user_info($username);
        if (empty($record)) {
            // An unusable record is removed from the user store.
            // NOTE(review): this is a destructive action on a login path;
            // confirm that a transient read failure cannot trigger it.
            user_delete($username);
            $failure = 14;
        } else {
            // NOTE(review): stored passwords are unsalted MD5 and the check is
            // a plain !== comparison. With $hash set, the stored value itself
            // is accepted as the credential, so a leaked user file would be
            // enough to authenticate. Confirm which callers set $hash, and
            // consider password_hash()/password_verify() with a migration.
            $supplied = $hash ? $password : md5($password);
            if ($supplied !== $record['password']) {
                $failure = 13;
            } elseif (!empty($record['blocked'])) {
                $failure = 7;
            } elseif (!empty($this->config['regconf']) && !user_is_confirmed($record['username'])) {
                // Activation is on and the account has not been confirmed.
                $failure = 17;
            }
        }
    }

    if ($failure !== 0) {
        $this->results[$report_to] = $failure;
        return false;
    }

    $userdata = $record;
    return true;
}
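<?php
////////////////////////////////////////////////////////////////////////////////
//   Copyright (C) ReloadCMS Development Team                                 //
//   http://reloadcms.com                                                     //
//   This product released under GNU General Public License v2                //
////////////////////////////////////////////////////////////////////////////////

// Member directory module. For logged-in visitors it shows exactly one view:
//   ?user=<login>   profile of that account
//   ?nick=<name>    profile of the account the users cache maps that nickname to
//   otherwise       the member list, sorted by key
// Visitors who are not logged in get an error window.
if (LOGGED_IN) {
    // basename() reduces the requested name to a single path component before
    // it reaches load_user_info().
    if (!empty($_GET['user']) && ($userdata = load_user_info(basename($_GET['user'])))) {
        // NOTE(review): confirm that the page-title output and user-view.tpl
        // HTML-escape the profile values they print.
        $system->config['pagename'] = __('User profile of') . ' ' . $userdata['username'];
        show_window('', rcms_parse_module_template('user-view.tpl', array('userdata' => $userdata, 'fields' => $system->data['apf'])));
    } elseif (!empty($_GET['nick']) && ($userdata = load_user_info(basename($system->users_cache->getUser('nicks', $_GET['nick']))))) {
        // elseif rather than a second if: a successful ?user= lookup must not
        // fall through to the member list and overwrite the page name.
        $system->config['pagename'] = __('User profile of') . ' ' . $userdata['username'];
        show_window('', rcms_parse_module_template('user-view.tpl', array('userdata' => $userdata, 'fields' => $system->data['apf'])));
    } else {
        $system->config['pagename'] = __('Member list');
        $userlist = $system->getUserList('*', 'nickname');
        ksort($userlist);
        show_window(__('Member list'), rcms_parse_module_template('user-list.tpl', $userlist));
    }
} else {
    show_window(__('Error'), __('You are not logined!'));
}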
// Excerpt of an SMS gateway front end. $url, $DEFAULT_FROM_ID, $DEFAULT_MOBILE
// and $MAX_FROM_ID_LENGTH are set outside the excerpt.
// With a non-blank 'sms' parameter the message is sent through the gateway and
// the result is logged; otherwise the input form is shown.
// NOTE(review): $_REQUEST accepts GET as well as POST, so a plain link can
// trigger a send. No anti-CSRF token is visible in this excerpt.
if (isset($_REQUEST['sms']) && trim($_REQUEST['sms']) != '') {
    // 'from_id' and 'mobile' are read without isset(); blank values fall back
    // to the defaults.
    $from_id = trim($_REQUEST['from_id']);
    if ($from_id == '') {
        $from_id = $DEFAULT_FROM_ID;
    }
    $mobile = trim($_REQUEST['mobile']);
    if ($mobile == '') {
        $mobile = $DEFAULT_MOBILE;
    }
    // The '******' runs below are credential masking applied to this listing;
    // the line does not parse as shown.
    // NOTE(review): the gateway username and password travel in the query
    // string, where they can end up in proxy and server access logs. Prefer a
    // request body or header if the gateway supports it, and confirm that
    // $url uses https.
    $url .= "?username="******"&password="******"&mobile=";
    $url .= urlencode($mobile);
    $url .= "&sms=";
    $url .= urlencode($_REQUEST['sms']);
    $url .= "&from_id=";
    // The sender id is truncated to the configured maximum before encoding.
    $url .= urlencode(substr($from_id, 0, $MAX_FROM_ID_LENGTH));
    // NOTE(review): no timeout is set and the curl_exec() result is not
    // checked; a failed request returns false and is logged as an empty result.
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $retval = curl_exec($ch);
    curl_close($ch);
    // NOTE(review): request values and the gateway response are written to
    // syslog as given; embedded quotes or line breaks could forge log fields,
    // and the full message text is retained in the log.
    // NOTE(review): inside {$...} the unquoted key `sms` is resolved as a
    // constant; that is a warning in PHP 7.2+ and an Error in PHP 8. It
    // should be {$_REQUEST['sms']}.
    syslog(LOG_INFO, "message='{$_REQUEST[sms]}', username='******', " . "mobile='{$mobile}', from_id='{$from_id}', result='{$retval}'");
    include 'request_complete.php';
} else {
    // Presumably pre-fills the sender id from the HTTP-authenticated user's
    // record before the form is rendered. Confirm.
    $from_id = load_user_info($_SERVER['REMOTE_USER']);
    include 'sms_form.php';
}
closelog();
<?php
////////////////////////////////////////////////////////////////////////////////
//   Copyright (C) 2004 ReloadCMS Development Team                            //
//   http://reloadcms.sf.net                                                  //
//                                                                            //
//   This program is distributed in the hope that it will be useful,          //
//   but WITHOUT ANY WARRANTY, without even the implied warranty of           //
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                     //
//                                                                            //
//   This product released under GNU General Public License v2                //
////////////////////////////////////////////////////////////////////////////////

// Registered-users module: shows one member's profile when ?user= names an
// account that can be loaded, and the list of registered users otherwise.
$profile_rendered = false;

if (!empty($_GET['user'])) {
    // basename() reduces the requested name to a single path component before
    // it reaches load_user_info().
    $userdata = load_user_info(basename($_GET['user']));
    if ($userdata) {
        // NOTE(review): confirm that the page-title output and user-view.tpl
        // HTML-escape the profile values they print.
        $system->config['pagename'] = $lang['users']['registeredusers'] . ' - ' . $userdata['username'];
        $profile_html = rcms_parse_module_template(
            'user-view.tpl',
            array('userdata' => $userdata, 'fields' => $system->data['apf'])
        );
        $system->showModuleWindow('', $profile_html);
        $profile_rendered = true;
    }
}

if (!$profile_rendered) {
    // No usable ?user= parameter: fall back to the member list.
    $system->config['pagename'] = $lang['users']['registeredusers'];
    $list_html = rcms_parse_module_template('user-list.tpl', user_get_list());
    $system->showModuleWindow($lang['users']['registeredusers'], $list_html);
}