function user_activate($username, $key)
{
if (!is_file(DATA_PATH . 'users.unconfirmed.dat')) {
$userdata = array();
} else {
$userdata = @unserialize(@file_get_contents(DATA_PATH . 'users.unconfirmed.dat'));
}
if (user_is_confirmed($username)) {
return true;
}
if (@$userdata[$username]['code'] == $key) {
unset($userdata[$username]);
} else {
return false;
}
@file_write_contents(DATA_PATH . 'users.unconfirmed.dat', serialize($userdata));
return true;
}
/**
* @return boolean
* @param string $username
* @param string $password
* @param string $report_to
* @param boolean $hash
* @param link $userdata
* @desc This function is an internal private function for class rcms_system
and must not be used externally. This function check user's data and
validate his data file.
*/
function checkUserData($username, $password, $report_to, $hash, &$userdata)
{
if (preg_replace("/[\\d\\w]+/i", "", $username) != "") {
$this->results[$report_to] = 14;
return false;
}
// If login is not exists - we exiting with error
if (!is_file(USERS_PATH . $username)) {
$this->results[$report_to] = 16;
return false;
}
// So all is ok. Let's load userdata
$result = load_user_info($username);
// If userdata is invalid we must delete invalid user
// and exit with error
if (empty($result)) {
user_delete($username);
$this->results[$report_to] = 14;
return false;
}
// If password is invalid - exit with error
if (!$hash && md5($password) !== $result['password'] || $hash && $password !== $result['password']) {
$this->results[$report_to] = 13;
return false;
}
// If user is blocked - exit with error
if (@$result['blocked']) {
$this->results[$report_to] = 7;
return false;
}
// If activation is ON and user doesnot confirm it's account
if (@$this->config['regconf'] && !user_is_confirmed($result['username'])) {
$this->results[$report_to] = 17;
return false;
}
$userdata = $result;
return true;
}
