user-classes.php 25 KB

  1. <?php
  2. ////////////////////////////////////////////////////////////////////////////////
  3. // Copyright (C) ReloadCMS Development Team //
  4. // http://reloadcms.sf.net //
  5. // //
  6. // This program is distributed in the hope that it will be useful, //
  7. // but WITHOUT ANY WARRANTY, without even the implied warranty of //
  8. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
  9. // //
  10. // This product released under GNU General Public License v2 //
  11. ////////////////////////////////////////////////////////////////////////////////
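  /**
   * Permission state for one account and the checks made against it.
   *
   * A profile stores its rights in the 'admin' field, either as the literal
   * '*' (root: every check passes) or as a run of '|name|' tokens. This class
   * parses that format, answers checkForRight() and writes it back.
   *
   * getUserData() and $this->config are not defined here: the subclass
   * rcms_user supplies getUserData(); $this->config is presumably set by the
   * embedding system class (confirm).
   */
  class rcms_access {

      // Lookup table consulted for every granted right: right name => stored value.
      var $rights_database = array();
      // Rights of the current account: right name => non-empty value.
      var $rights = array();
      // True when the current account holds '*', which bypasses per-right checks.
      var $root = false;
      // Access level of the current account, as handed to initialiseAccess().
      var $level = 0;

      /**
       * Load the current account's rights from its stored rights string.
       *
       * @param string $rights '*' for root, otherwise '|name|' tokens
       * @param int $level access level to remember
       * @return boolean always true
       */
      function initialiseAccess($rights, $level) {
          $this->root = ($rights === '*');
          $this->rights = $this->root ? array() : $this->parseRights($rights);
          $this->level = $level;
          return true;
      }

      /**
       * Turn a '|name|' token string into a right name => value map.
       *
       * A name missing from $rights_database still maps to ' ', which is
       * non-empty, so the right counts as granted in checkForRight().
       *
       * @param string $rights_string
       * @return array
       */
      private function parseRights($rights_string) {
          $parsed = array();
          preg_match_all('/\|(.*?)\|/', (string) $rights_string, $tokens);
          foreach ($tokens[1] as $right) {
              $parsed[$right] = empty($this->rights_database[$right]) ? ' ' : $this->rights_database[$right];
          }
          return $parsed;
      }

      /**
       * Check whether an account holds a right.
       *
       * @param string $right right name, or '-any-' for "holds at least one right"
       * @param string $username account to check; empty means the current account
       * @return boolean true for root, or when the right is granted
       */
      function checkForRight($right = '-any-', $username = '') {
          if (empty($username)) {
              $rights = $this->rights;
              $root = $this->root;
          } else {
              $rights = array();
              $root = false;
              $level = 0;
              if (!$this->getRightsForUser($username, $rights, $root, $level)) {
                  return false;
              }
          }
          if ($root) {
              return true;
          }
          // Strict comparison: under PHP 7 the loose form made integer 0 equal
          // to '-any-', turning a check for right 0 into "has any right".
          if ($right === '-any-') {
              return !empty($rights);
          }
          return !empty($rights[$right]);
      }

      /**
       * Read another account's rights, root flag and access level from its profile.
       *
       * @param string $username
       * @param array $rights receives right name => value
       * @param boolean $root receives true when the profile holds '*'
       * @param int $level receives the access level, raised to the configured
       *                   'registered_accesslevel' when that is higher or none is stored
       * @return boolean false when the profile cannot be loaded
       */
      function getRightsForUser($username, &$rights, &$root, &$level) {
          $userdata = $this->getUserData($username);
          if (!$userdata) {
              return false;
          }
          if (!empty($this->config['registered_accesslevel'])) {
              $level = (int) $this->config['registered_accesslevel'];
              if (!isset($userdata['accesslevel']) || $level > $userdata['accesslevel']) {
                  $userdata['accesslevel'] = $level;
              }
          }
          $stored = isset($userdata['admin']) ? $userdata['admin'] : '';
          $root = ($stored === '*');
          $rights = $root ? array() : $this->parseRights($stored);
          $level = isset($userdata['accesslevel']) ? (int) $userdata['accesslevel'] : 0;
          return true;
      }

      /**
       * Persist rights and access level for an account through user_change_field().
       *
       * This method performs no authorisation of its own; the caller must
       * already have established that the acting user may grant rights.
       *
       * @param string $username
       * @param array $rights right name => truthy when granted
       * @param boolean $root store '*' instead of individual rights
       * @param int|string $level access level; '' selects the configured default
       * @return boolean always true
       */
      function setRightsForUser($username, $rights, $root = false, $level = 0) {
          // The registered default used to be assigned to an unused local, so an
          // empty level was stored as ''. It is applied to $level here.
          if ($level === '' && !empty($this->config['registered_accesslevel'])) {
              $level = (int) $this->config['registered_accesslevel'];
          }
          if ($root) {
              $rights_string = '*';
          } else {
              $rights_string = '';
              if (is_array($rights)) {
                  foreach ($rights as $right => $granted) {
                      // '|' is the token delimiter: a name containing it would be
                      // read back as different rights, so it is never written.
                      if ($granted && strpos((string) $right, '|') === false) {
                          $rights_string .= '|' . $right . '|';
                      }
                  }
              }
          }
          user_change_field($username, 'admin', $rights_string);
          user_change_field($username, 'accesslevel', $level);
          return true;
      }
  }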
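  /**
   * File-backed index of nicknames and e-mail addresses keyed by username,
   * used for lookups and uniqueness checks.
   *
   * The index is stored with serialize() in DATA_PATH . $cache_filename.
   */
  class rcms_user_cache {

      // File name of the index, relative to DATA_PATH.
      var $cache_filename = 'users.cache.dat';
      // In-memory index: 'nicks' and 'mails' maps of username => value.
      var $cache = array();

      /**
       * Load the index from disk; a missing, unreadable or malformed file
       * yields an empty index.
       */
      public function __construct() {
          $this->cache = array();
          // Read the same file save() writes (the path used to be hard-coded here).
          $path = DATA_PATH . $this->cache_filename;
          if (!is_file($path) || !is_readable($path)) {
              return;
          }
          $raw = file_get_contents($path);
          if ($raw === false) {
              return;
          }
          // unserialize() can instantiate arbitrary classes from the payload. The
          // methods of this class store only scalars, so object creation is
          // disabled where PHP supports it (7.0+); '@' keeps a corrupt file from
          // printing a notice.
          if (PHP_VERSION_ID >= 70000) {
              $loaded = @unserialize($raw, array('allowed_classes' => false));
          } else {
              $loaded = @unserialize($raw);
          }
          // Anything but an array would break the index accessors below.
          if (is_array($loaded)) {
              $this->cache = $loaded;
          }
      }

      /**
       * Write the index back to disk.
       */
      function save() {
          file_write_contents(DATA_PATH . $this->cache_filename, serialize($this->cache));
      }

      /**
       * Record a user's nickname and e-mail and persist the index.
       *
       * @return boolean always true
       */
      function registerUser($username, $usernick, $email) {
          $this->cache['nicks'][$username] = $usernick;
          $this->cache['mails'][$username] = $email;
          $this->save();
          return true;
      }

      /**
       * Find the username that owns a value.
       *
       * @param string $field 'nicks' or 'mails'
       * @param string $value value to look up
       * @return string|int|false the matching username (array key), false when none
       */
      function getUser($field, $value) {
          if (empty($this->cache[$field]) || !is_array($this->cache[$field])) {
              return false;
          }
          // Compare as strings: loose comparison treats numeric strings such as
          // '007' and '7' as equal and would return another user's account.
          $wanted = (string) $value;
          foreach ($this->cache[$field] as $username => $stored) {
              if ((string) $stored === $wanted) {
                  return $username;
              }
          }
          return false;
      }

      /**
       * Drop a user from the index and persist it.
       *
       * @return boolean always true
       */
      function removeUser($username) {
          // unset() directly: the former !empty() guard left entries whose value
          // is '0' or '' in the index after the account was removed.
          unset($this->cache['nicks'][$username]);
          unset($this->cache['mails'][$username]);
          $this->save();
          return true;
      }

      /**
       * Tell whether a value is still free in the given index.
       *
       * @param string $field 'nicks' or 'mails'
       * @param string $value candidate value
       * @return boolean true when in_array_i() does not find the value
       */
      function checkField($field, $value) {
          if (empty($this->cache[$field]) || !is_array($this->cache[$field])) {
              return true;
          }
          return !in_array_i($value, $this->cache[$field]);
      }
  }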
  // Edit levels assigned to profile fields in rcms_user::$profile_fields.
  // registerUser() and updateUser() copy a caller-supplied field only when its
  // level is USERS_ALLOW_CHANGE or USERS_ALLOW_SET; updateUser() called with
  // $admin = true also copies USERS_DISALLOW_CHANGE fields; neither method ever
  // copies a USERS_DISALLOW_CHANGE_ALL field.
  const USERS_ALLOW_CHANGE = 0;
  const USERS_ALLOW_SET = 1;
  const USERS_DISALLOW_CHANGE = 2;
  const USERS_DISALLOW_CHANGE_ALL = 3;
  140. class rcms_user extends rcms_access {
  141. var $profile_fields = array();
  142. var $profile_defaults = array();
  143. /**
  144. * This property indicates if user is registered or just a guest
  145. *
  146. * @access public
  147. * @var boolean
  148. */
  149. var $logged_in = false;
  150. /**
  151. * This array contain data from user's profile
  152. *
  153. * @access public
  154. * @var array
  155. */
  156. var $user = array();
  157. /**
  158. * Name for user cookie
  159. *
  160. * @access private
  161. * @var string
  162. */
  163. var $cookie_user = 'ubilling_user';
  164. var $users_cache = null;
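  /**
   * Build the current visitor's identity from the request: guest defaults,
   * the optional guest nickname, then the login cookie.
   *
   * Internal to the system class; logInUser() and logOutUser() also call it.
   *
   * @param boolean $skipcheck When true the login cookie is not re-validated
   *                           with checkUserData() and the username in it is
   *                           trusted as is. Pass true only right after the
   *                           credentials were verified, as logInUser() does.
   * @return boolean true for a guest without a login cookie or a loaded user;
   *                 false when the cookie was rejected (it is expired then)
   */
  function initializeUser($skipcheck = false) {
      $this->users_cache = new rcms_user_cache();
      // parse_ini_file() returns false for a missing or malformed file; keep
      // an array so the loops over $this->data['apf'] stay valid.
      $extra_fields = parse_ini_file(CONFIG_PATH . 'users.fields.ini');
      $this->data['apf'] = is_array($extra_fields) ? $extra_fields : array();
      // Enter access levels for fields here
      $this->profile_fields = array(
          'hideemail' => USERS_ALLOW_CHANGE,
          'admin' => USERS_DISALLOW_CHANGE_ALL,
          'tz' => USERS_ALLOW_CHANGE,
          'accesslevel' => USERS_DISALLOW_CHANGE_ALL,
          'last_prr' => USERS_DISALLOW_CHANGE_ALL,
          'blocked' => USERS_DISALLOW_CHANGE
      );
      // Every field from the ini file becomes user-editable, and
      // registerUser()/updateUser() copy those fields straight from the
      // request. An ini entry named after a credential or privilege field
      // would make that field user-writable, so such entries are dropped.
      $reserved = array('username', 'nickname', 'password', 'email', 'admin', 'accesslevel', 'last_prr', 'blocked');
      foreach (array_keys($this->data['apf']) as $field) {
          if (in_array($field, $reserved, true)) {
              unset($this->data['apf'][$field]);
              continue;
          }
          $this->profile_fields[$field] = USERS_ALLOW_CHANGE;
      }
      $this->profile_defaults = array('hideemail' => 0, 'admin' => ' ', 'tz' => 0, 'accesslevel' => 0, 'blocked' => 0, 'last_prr' => 0);
      // Load default guest userdata
      $default_tz = isset($this->config['default_tz']) ? (int) $this->config['default_tz'] : 0;
      $this->user = array('nickname' => __('Guest'), 'username' => 'guest', 'admin' => '', 'tz' => $default_tz, 'accesslevel' => 0);
      // The guest level used to be read from an undefined $userdata.
      $this->initialiseAccess($this->user['admin'], (int) $this->user['accesslevel']);

      // Ability for guests to enter nick. Request values may be arrays;
      // only strings are usable as a nickname.
      if (isset($_POST['gst_nick'])) {
          $_POST['gst_nick'] = is_string($_POST['gst_nick']) ? substr(trim($_POST['gst_nick']), 0, 32) : '';
      }
      $cookie_nick = (isset($_COOKIE['reloadcms_nick']) && is_string($_COOKIE['reloadcms_nick'])) ? $_COOKIE['reloadcms_nick'] : '';
      if (!$this->logged_in) {
          if (!empty($_POST['gst_nick'])) {
              $this->user['nickname'] = $_POST['gst_nick'];
              setcookie('reloadcms_nick', $this->user['nickname']);
              $_COOKIE['reloadcms_nick'] = $this->user['nickname'];
          } elseif (!empty($cookie_nick)) {
              $this->user['nickname'] = substr(trim($cookie_nick), 0, 32);
          }
      }
      // A guest may not take the nickname of a registered user.
      if (!$this->users_cache->checkField('nicks', $this->user['nickname'])) {
          $this->user['nickname'] = __('Guest');
          setcookie('reloadcms_nick', '', time() - 16000);
          unset($_COOKIE['reloadcms_nick']);
      }
      // Secure the nickname. ENT_QUOTES also covers single-quoted attributes
      // on PHP versions whose default flags leave "'" alone. Only
      // $this->user['nickname'] is escaped; $_POST['gst_nick'] and
      // $_COOKIE['reloadcms_nick'] still hold the raw value.
      $this->user['nickname'] = htmlspecialchars((string) $this->user['nickname'], ENT_QUOTES | ENT_SUBSTITUTE);

      // If user cookie is not present we exiting without error
      if (empty($_COOKIE[$this->cookie_user])) {
          $this->logged_in = false;
          return true;
      }
      // The cookie is "username:password-hash". Reject any other shape before
      // indexing into it, whether or not validation is skipped.
      $cookie_data = is_string($_COOKIE[$this->cookie_user]) ? explode(':', $_COOKIE[$this->cookie_user], 2) : array();
      if (count($cookie_data) !== 2) {
          setcookie($this->cookie_user, '', time() - 3600);
          $this->logged_in = false;
          return false;
      }
      if (!$skipcheck) {
          // Now we must validate user's data
          if (!$this->checkUserData($cookie_data[0], $cookie_data[1], 'user_init', true, $this->user)) {
              setcookie($this->cookie_user, '', time() - 3600);
              $this->logged_in = false;
              return false;
          }
      }
      $userdata = $this->getUserData($cookie_data[0]);
      if (!$userdata) {
          setcookie($this->cookie_user, '', time() - 3600);
          $this->logged_in = false;
          return false;
      }
      // The full profile, stored password hash included, is kept in $this->user.
      $this->user = $userdata;
      $this->logged_in = true;
      if (!empty($this->config['registered_accesslevel']) && !isset($userdata['accesslevel'])) {
          $this->user['accesslevel'] = (int) $this->config['registered_accesslevel'];
      }
      // Initialise access levels
      $stored_rights = isset($this->user['admin']) ? $this->user['admin'] : '';
      $stored_level = isset($this->user['accesslevel']) ? (int) $this->user['accesslevel'] : 0;
      $this->initialiseAccess($stored_rights, $stored_level);
      // Secure the nickname
      $stored_nick = isset($this->user['nickname']) ? (string) $this->user['nickname'] : '';
      $this->user['nickname'] = htmlspecialchars($stored_nick, ENT_QUOTES | ENT_SUBSTITUTE);
      return true;
  }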
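  /**
   * Verify a username and credential against the stored profile.
   *
   * Internal to the system class.
   *
   * Security notes for maintainers:
   * - Passwords are stored as unsalted md5(). Moving to password_hash() /
   *   password_verify() needs a migration, because the login cookie carries
   *   the stored hash (see logInUser()) and is compared to it here.
   * - With $hash = true the stored hash itself is the credential, so a leaked
   *   profile file is enough to authenticate.
   * - The separate "no such user" and "invalid password" messages tell a
   *   client which usernames exist.
   *
   * @param string $username
   * @param string $password plain password, or the stored hash when $hash is true
   * @param string $report_to key of $this->results that receives the error text
   * @param boolean $hash true when $password is already the stored hash
   * @param array $userdata receives the profile on success (by reference)
   * @return boolean true when the credential matches and the account is not blocked
   */
  function checkUserData($username, $password, $report_to, $hash, &$userdata) {
      // Letters, digits and underscore only. This also keeps path separators
      // out of the file name built below. The /D modifier rejects a trailing
      // newline.
      if (!is_string($username) || !preg_match('/^\w+$/D', $username)) {
          $this->results[$report_to] = __('Invalid username');
          return false;
      }
      // If login is not exists - we exiting with error
      if (!is_file(USERS_PATH . $username)) {
          $this->results[$report_to] = __('There are no user with this username');
          return false;
      }
      // So all is ok. Let's load userdata
      $result = $this->getUserData($username);
      // If userdata is invalid we must exit with error
      if (empty($result)) {
          return false;
      }
      // If password is invalid - exit with error
      $stored = (isset($result['password']) && is_string($result['password'])) ? $result['password'] : '';
      $valid = false;
      // An empty stored hash never matches: otherwise a profile without a
      // password would accept an empty hash from the cookie.
      if ($stored !== '' && is_string($password)) {
          $candidate = $hash ? $password : md5($password);
          // Constant-time comparison where available (PHP 5.6+).
          $valid = function_exists('hash_equals') ? hash_equals($stored, $candidate) : ($stored === $candidate);
      }
      if (!$valid) {
          $this->results[$report_to] = __('Invalid password');
          return false;
      }
      // If user is blocked - exit with error
      if (!empty($result['blocked'])) {
          $this->results[$report_to] = __('This account has been blocked by administrator');
          return false;
      }
      $userdata = $result;
      return true;
  }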
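  /**
   * Check the credentials and, when they match, set the login cookie and
   * load the user.
   *
   * The cookie value is "username:stored-hash", so it is equivalent to the
   * password for as long as the password is unchanged; a random server-side
   * session token would avoid that. No attempt limiting is done here; if
   * none exists upstream, repeated guesses are only logged.
   *
   * @param string $username
   * @param string $password plain-text password
   * @param boolean $remember keep the cookie for a year instead of the browser session
   * @return boolean true when the user was logged in
   */
  function logInUser($username, $password, $remember) {
      // Request values may be arrays; only strings can be credentials.
      if (!is_string($username) || !is_string($password)) {
          return false;
      }
      $username = basename($username);
      if ($username === 'guest') {
          return false;
      }
      if ($this->logged_in) {
          return false;
      }
      $userdata = null;
      if ($this->checkUserData($username, $password, 'user_login', false, $userdata)) {
          rcms_log_put('Notification', $this->user['username'], 'Logged in as ' . $username);
          // OK... Let's allow user to log in :)
          $expires = $remember ? time() + 3600 * 24 * 365 : 0;
          // HttpOnly keeps the credential-bearing cookie away from page
          // scripts. Path, domain and secure keep their defaults; set the
          // secure flag as well when the site is served over HTTPS only.
          setcookie($this->cookie_user, $username . ':' . $userdata['password'], $expires, '', '', false, true);
          $_COOKIE[$this->cookie_user] = $username . ':' . $userdata['password'];
          // Validation is skipped because checkUserData() has just succeeded.
          $this->initializeUser(true);
          return true;
      }
      // The name did not pass validation, so it is still client-controlled
      // text: neutralise anything that could forge or break a log line.
      $log_name = substr(preg_replace('/[^\w.@-]/', '?', $username), 0, 64);
      rcms_log_put('Notification', $this->user['username'], 'Attempted to log in as ' . $log_name);
      return false;
  }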
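  /**
   * Log the current user out and expire the login cookie, or leave ghost
   * mode when a 'ghost_user' cookie is present.
   *
   * @return boolean true when a logged-in user was processed, false when
   *                 nobody was logged in (this case used to return nothing)
   */
  function logOutUser() {
      if (!$this->logged_in) {
          return false;
      }
      if (empty($_COOKIE['ghost_user'])) {
          // normal user logout
          rcms_log_put('Notification', $this->user['username'], 'Logged out');
          setcookie($this->cookie_user, '', time() - 3600);
          $_COOKIE[$this->cookie_user] = '';
          $this->initializeUser(false);
      } else {
          // ghostmode logout
          $this->deinitGhostMode();
      }
      return true;
  }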
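  /**
   * Leave ghost mode: drop the 'ghost_user' cookie and restore the login
   * cookie of the administrator whose credentials it holds.
   *
   * The 'ghost_user' cookie is client-controlled. Its content is verified
   * with checkUserData() before it is used as the actor of the log entry or
   * copied into the login cookie; when it does not verify, the session is
   * ended instead.
   *
   * @return void
   */
  function deinitGhostMode() {
      if (empty($_COOKIE['ghost_user'])) {
          return;
      }
      $my_login = $this->user['username'];
      $raw = $_COOKIE['ghost_user'];
      // cleanup ghostmode data
      setcookie('ghost_user', '', 0);
      $_COOKIE['ghost_user'] = '';
      // Same "username:hash" split as initializeUser().
      $ghost = is_string($raw) ? explode(':', $raw, 2) : array();
      $admin = null;
      if (count($ghost) === 2 && $this->checkUserData($ghost[0], $ghost[1], 'ghost_logout', true, $admin)) {
          // login of another admin
          rcms_log_put('Notification', $ghost[0], 'Ghost logged out as ' . $my_login);
          setcookie($this->cookie_user, $ghost[0] . ':' . $ghost[1], 0, '', '', false, true);
          $_COOKIE[$this->cookie_user] = $ghost[0] . ':' . $ghost[1];
      } else {
          // Unverifiable ghost data: do not attribute a log entry to the
          // claimed name, just end the session.
          setcookie($this->cookie_user, '', time() - 3600);
          $_COOKIE[$this->cookie_user] = '';
      }
  }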
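  /**
   * Create a new account file and add the user to the nickname/e-mail cache.
   *
   * Security notes for maintainers:
   * - The first account created while USERS_PATH lists no files becomes root
   *   ('*'). If that directory is ever emptied or cannot be listed, the next
   *   registration gets full rights.
   * - Passwords are stored as unsalted md5(); see checkUserData().
   * - With 'regconf' enabled the generated password is mailed in clear text;
   *   its strength depends on rcms_random_string(), which is not visible here.
   *
   * @param string $username letters, digits and underscore, at most 32 bytes
   * @param string $nickname display name; defaults to the username
   * @param string $password
   * @param string $confirm must equal $password
   * @param string $email
   * @param array $userdata extra profile fields from the request; only fields
   *                        whose level allows it are stored
   * @return boolean true on success; the message is in $this->results['registration']
   */
  function registerUser($username, $nickname, $password, $confirm, $email, $userdata) {
      $username = is_string($username) ? basename($username) : '';
      if (!is_string($nickname) || empty($nickname)) {
          $nickname = $username;
      } else {
          // strip_tags() as in updateUser(), so markup is never stored.
          $nickname = substr(trim(strip_tags($nickname)), 0, 32);
          if ($nickname === '' || $nickname === false) {
              $nickname = $username;
          }
      }
      if (empty($username) || !preg_match('/^\w+$/D', $username) || strlen($username) > 32 || $username === 'guest') {
          $this->results['registration'] = __('Invalid username');
          return false;
      }
      if (is_file(USERS_PATH . $username)) {
          $this->results['registration'] = __('User with this username already exists');
          return false;
      }
      if (!user_check_nick_in_cache($username, $nickname, $cache)) {
          $this->results['registration'] = __('User with this nickname already exists');
          return false;
      }
      if (empty($email) || !rcms_is_valid_email($email)) {
          $this->results['registration'] = __('Invalid e-mail address');
          return false;
      }
      if (!user_check_email_in_cache($username, $email, $cache)) {
          $this->results['registration'] = __('This e-mail address already registered');
          return false;
      }
      if (!empty($this->config['regconf'])) {
          $password = $confirm = rcms_random_string(8);
      }
      // Strict comparison: loosely compared numeric strings such as '1e3' and
      // '1000' count as equal, which let a mistyped confirmation pass.
      if (!is_string($password) || !is_string($confirm) || empty($password) || empty($confirm) || $password !== $confirm) {
          $this->results['registration'] = __('Password doesnot match it\'s confirmation');
          return false;
      }
      $_userdata = array();
      // If our user is first - we must set him an admin rights
      $_userdata['admin'] = (count(rcms_scandir(USERS_PATH)) == 0) ? '*' : ' ';
      // Also we must set a md5 hash of user's password to userdata
      $_userdata['password'] = md5($password);
      $_userdata['nickname'] = $nickname;
      $_userdata['username'] = $username;
      $_userdata['email'] = $email;
      // Parse some system fields
      if (!is_array($userdata)) {
          $userdata = array();
      }
      $userdata['hideemail'] = empty($userdata['hideemail']) ? '0' : '1';
      $userdata['tz'] = (isset($userdata['tz']) && is_scalar($userdata['tz'])) ? (float) $userdata['tz'] : 0.0;
      // Only fields a user may set are copied from the request; 'admin',
      // 'accesslevel', 'blocked' and 'last_prr' have higher levels and are
      // never taken from $userdata.
      foreach ($this->profile_fields as $field => $acc) {
          if ($acc <= USERS_ALLOW_SET && isset($userdata[$field]) && is_scalar($userdata[$field])) {
              $_userdata[$field] = strip_tags(trim((string) $userdata[$field]));
          }
      }
      // Additional fields from users.fields.ini are always stored; a field
      // missing from the request is stored as an empty string.
      foreach ($this->data['apf'] as $field => $desc) {
          $has_value = isset($userdata[$field]) && is_scalar($userdata[$field]);
          $_userdata[$field] = $has_value ? strip_tags(trim((string) $userdata[$field])) : '';
      }
      if (!file_write_contents(USERS_PATH . $username, serialize($_userdata))) {
          $this->results['registration'] = __('Cannot save profile');
          return false;
      }
      user_register_in_cache($username, $nickname, $email, $cache);
      if (!empty($this->config['regconf'])) {
          $site_url = parse_url($this->url);
          rcms_send_mail($email, 'no_reply@' . $site_url['host'], __('Password'), $this->config['encoding'], __('Your password at') . ' ' . $site_url['host'], __('Your username at') . ' ' . $site_url['host'] . ': ' . $username . "\r\n" . __('Your password at') . ' ' . $site_url['host'] . ': ' . $password);
      }
      $this->results['registration'] = __('Registration complete. You can now login with your username and password.');
      rcms_log_put('Notification', $this->user['username'], 'Registered account ' . $username);
      return true;
  }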
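  /**
   * Update an existing profile: nickname, e-mail, optional new password and
   * the editable profile fields.
   *
   * This method does not check who is calling. The caller must ensure that
   * the current user is allowed to edit $username and must pass $admin = true
   * only for a privileged editor. The current password is not asked for
   * before the password or e-mail is changed.
   *
   * NOTE(review): the user is removed from the nickname/e-mail cache before
   * validation and re-registered only on success. If
   * user_remove_from_cache() persists its change, a failed update leaves the
   * user's nickname and e-mail unreserved; confirm against that helper.
   *
   * @param string $username account to update
   * @param string $nickname new display name; defaults to the username
   * @param string $password new password, or empty to keep the current one
   * @param string $confirm confirmation of $password
   * @param string $email
   * @param array $userdata profile fields from the request
   * @param boolean $admin also allow fields of level USERS_DISALLOW_CHANGE
   * @return boolean true on success; the message is in $this->results['profileupdate']
   */
  function updateUser($username, $nickname, $password, $confirm, $email, $userdata, $admin = false) {
      $username = is_string($username) ? basename($username) : '';
      $nickname = (!is_string($nickname) || empty($nickname)) ? $username : substr(strip_tags($nickname), 0, 20);
      if (empty($username) || !preg_match('/^\w+$/D', $username)) {
          $this->results['profileupdate'] = __('Invalid username');
          return false;
      }
      if ($username === 'guest') {
          return false;
      }
      if (!is_file(USERS_PATH . $username)) {
          $this->results['profileupdate'] = __('There is no user with this name');
          return false;
      }
      user_remove_from_cache($username, $cache);
      if (!($_userdata = $this->getUserData($username))) {
          $this->results['profileupdate'] = __('Cannot open profile');
          return false;
      }
      if (!user_check_nick_in_cache($username, $nickname, $cache)) {
          $this->results['profileupdate'] = __('User with this nickname already exists');
          return false;
      }
      if (empty($email) || !rcms_is_valid_email($email)) {
          $this->results['profileupdate'] = __('Invalid e-mail address');
          return false;
      }
      if (!user_check_email_in_cache($username, $email, $cache)) {
          $this->results['profileupdate'] = __('This e-mail address already registered');
          return false;
      }
      if (!empty($password) && !is_string($password)) {
          $this->results['profileupdate'] = __('Password doesnot match it\'s confirmation');
          return false;
      }
      // Strict comparison: loosely compared numeric strings count as equal.
      // NOTE(review): an empty $confirm still skips the comparison, so a
      // password can be set without confirmation; kept because callers may
      // rely on it.
      if (!empty($password) && !empty($confirm) && $password !== $confirm) {
          $this->results['profileupdate'] = __('Password doesnot match it\'s confirmation');
          return false;
      }
      // Also we must set a md5 hash of user's password to userdata
      // (unsalted md5; see checkUserData() for the migration constraint).
      if (!empty($password)) {
          $_userdata['password'] = md5($password);
      }
      $_userdata['nickname'] = $nickname;
      $_userdata['email'] = $email;
      // Parse some system fields
      if (!is_array($userdata)) {
          $userdata = array();
      }
      $userdata['hideemail'] = empty($userdata['hideemail']) ? '0' : '1';
      $userdata['tz'] = (isset($userdata['tz']) && is_scalar($userdata['tz'])) ? (float) $userdata['tz'] : 0.0;
      // Copy only what the field level allows: user-editable fields always,
      // USERS_DISALLOW_CHANGE fields ('blocked') for an admin editor.
      // USERS_DISALLOW_CHANGE_ALL fields ('admin', 'accesslevel', 'last_prr')
      // are never taken from $userdata.
      foreach ($this->profile_fields as $field => $acc) {
          $allowed = ($admin && $acc < USERS_DISALLOW_CHANGE_ALL) || $acc <= USERS_ALLOW_SET;
          if ($allowed && isset($userdata[$field]) && is_scalar($userdata[$field])) {
              $_userdata[$field] = strip_tags(trim((string) $userdata[$field]));
          }
      }
      // Additional fields from users.fields.ini are always stored; a field
      // missing from the request is stored as an empty string.
      foreach ($this->data['apf'] as $field => $desc) {
          $has_value = isset($userdata[$field]) && is_scalar($userdata[$field]);
          $_userdata[$field] = $has_value ? strip_tags(trim((string) $userdata[$field])) : '';
      }
      if (!file_write_contents(USERS_PATH . $username, serialize($_userdata))) {
          $this->results['profileupdate'] = __('Cannot save profile');
          return false;
      }
      user_register_in_cache($username, $nickname, $email, $cache);
      $this->results['profileupdate'] = __('Profile updated');
      if ($this->user['username'] == $username) {
          $this->user = $_userdata;
      }
      rcms_log_put('Notification', $this->user['username'], 'Updated userinfo for ' . $username);
      return true;
  }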
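  /**
   * Replace a user's password with a generated one and mail it to the
   * address stored in the profile.
   *
   * Security notes for maintainers:
   * - Anyone who knows a username and its e-mail address can force a
   *   password change. The only limit is config 'pr_flood' (seconds between
   *   requests); when it is empty there is none.
   * - The separate "cannot open profile" and "e-mail doesn't match" messages
   *   reveal which usernames exist.
   * - The new password travels in clear text by mail; its strength depends
   *   on rcms_random_string(), which is not visible here.
   *
   * @param string $username
   * @param string $email must equal the e-mail stored in the profile
   * @return boolean true when the password was changed and mailed; the
   *                 message is in $this->results['passrec']
   */
  function recoverPassword($username, $email) {
      $username = is_scalar($username) ? basename((string) $username) : '';
      if (!($data = $this->getUserData($username))) {
          $this->results['passrec'] = __('Cannot open profile');
          return false;
      }
      // Strict string comparison; a profile without an address never matches,
      // so no mail is attempted to an empty recipient.
      $stored_email = (isset($data['email']) && is_string($data['email'])) ? $data['email'] : '';
      if (!is_string($email) || $stored_email === '' || $email !== $stored_email) {
          $this->results['passrec'] = __('Your e-mail doesn\'t match e-mail in profile');
          return false;
      }
      $site_url = parse_url($this->url);
      $time = time();
      $throttled = !empty($data['last_prr']) && !empty($this->config['pr_flood']) && (int) $time <= ((int) $data['last_prr'] + (int) $this->config['pr_flood']);
      if ($throttled) {
          $this->results['passrec'] = __('Too many requests in limited period of time. Try later.');
          // A throttled request restarts the waiting period.
          $data['last_prr'] = time();
          if (!file_write_contents(USERS_PATH . $username, serialize($data))) {
              $this->results['passrec'] .= '<br />' . __('Cannot save profile');
          }
          rcms_log_put('Notification', $this->user['username'], 'Attempted to recover password for ' . $username);
          return false;
      }
      $new_password = rcms_random_string(8);
      // The mail goes out first: when it fails the stored password is left
      // untouched.
      $sent = rcms_send_mail($email, 'no_reply@' . $site_url['host'], __('Password'), $this->config['encoding'], __('Your new password at') . ' ' . $site_url['host'], __('Your username at') . ' ' . $site_url['host'] . ': ' . $username . "\r\n" . __('Your new password at') . ' ' . $site_url['host'] . ': ' . $new_password);
      if (!$sent) {
          rcms_log_put('Notification', $this->user['username'], 'Recovered password for ' . $username . '" (BUT E-MAIL WAS NOT SENT)');
          $this->results['passrec'] = __('Cannot send e-mail');
          return false;
      }
      $data['password'] = md5($new_password);
      $data['last_prr'] = $time;
      if (!file_write_contents(USERS_PATH . $username, serialize($data))) {
          $this->results['passrec'] = __('Cannot save profile');
          return false;
      }
      $this->results['passrec'] = __('New password has been sent to your e-mail');
      rcms_log_put('Notification', $this->user['username'], 'Recovered password for ' . $username);
      return true;
  }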
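  /**
   * Load a user's profile array from USERS_PATH.
   *
   * The returned record is the full profile, stored password hash included.
   *
   * @param string $username reduced to its base name before use, so it
   *                         cannot point outside USERS_PATH
   * @return array|false the profile, or false when it is missing, unreadable,
   *                     empty or not an array
   */
  function getUserData($username) {
      if (!is_scalar($username)) {
          return false;
      }
      $name = basename((string) $username);
      // A NUL byte makes PHP 8 file functions throw, which '@' cannot silence.
      if ($name === '' || strpos($name, "\0") !== false) {
          return false;
      }
      $path = USERS_PATH . $name;
      if (!is_file($path) || !is_readable($path)) {
          return false;
      }
      $raw = file_get_contents($path);
      if ($raw === false) {
          return false;
      }
      // unserialize() can instantiate arbitrary classes from the payload. The
      // writers visible in this class store arrays of scalars, so object
      // creation is disabled where PHP supports it (7.0+). NOTE(review): an
      // object stored through changeProfileField() would come back as
      // __PHP_Incomplete_Class; confirm no caller relies on that.
      if (PHP_VERSION_ID >= 70000) {
          $record = @unserialize($raw, array('allowed_classes' => false));
      } else {
          $record = @unserialize($raw);
      }
      if (!is_array($record) || empty($record)) {
          return false;
      }
      return $record;
  }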
  /**
   * Load the profiles of all users whose file name matches a pattern.
   *
   * Each entry is the full record from getUserData(), stored password hash
   * included, so the result must not be passed to output unfiltered.
   *
   * @param string $expr pattern handed to rcms_scandir()
   * @param string $id_field when set, a record with a non-empty value in this
   *                         field is keyed by that value; other records are
   *                         appended with numeric keys
   * @return array
   */
  function getUserList($expr = '*', $id_field = '') {
      $list = array();
      foreach (rcms_scandir(USERS_PATH, $expr) as $file) {
          $record = $this->getUserData($file);
          if (!$record) {
              continue;
          }
          $keyed = !empty($id_field) && !empty($record[$id_field]);
          if ($keyed) {
              $list[$record[$id_field]] = $record;
          } else {
              $list[] = $record;
          }
      }
      return $list;
  }
  /**
   * Overwrite a single field of a stored profile.
   *
   * No field-level restriction is applied here: 'admin', 'password' and
   * 'blocked' can be written like any other key, and $profile_fields is not
   * consulted. Authorising the change is left to the caller.
   *
   * @param string $username reduced to its base name before use
   * @param string $field profile key to set
   * @param mixed $value new value
   * @return boolean false when the profile cannot be loaded or saved
   */
  function changeProfileField($username, $field, $value) {
      $name = basename($username);
      $profile = $this->getUserData($name);
      if (!$profile) {
          return false;
      }
      $profile[$field] = $value;
      $saved = file_write_contents(USERS_PATH . $name, serialize($profile));
      return $saved ? true : false;
  }
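  /**
   * Delete a user's profile file and remove the user from the cache.
   *
   * Authorising the deletion is left to the caller.
   *
   * @param string $username reduced to its base name before use
   * @return boolean false when the name is not an existing profile file or
   *                 the deletion fails
   */
  function deleteUser($username) {
      $name = is_scalar($username) ? basename((string) $username) : '';
      // basename() turns '' and '/' into '' and leaves '.' and '..' alone, so
      // the path below could name USERS_PATH itself or its parent. Only an
      // existing regular file is handed to rcms_delete_files(). Losing the
      // whole directory would also make the next registrant root (see
      // registerUser()).
      if ($name === '' || strpos($name, "\0") !== false || !is_file(USERS_PATH . $name)) {
          return false;
      }
      if (!rcms_delete_files(USERS_PATH . $name)) {
          return false;
      }
      user_remove_from_cache($name, $cache);
      return true;
  }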
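  /**
   * Build the HTML for a user's name: a link to the profile page for a
   * registered user, plain text for a guest.
   *
   * All three arguments can carry request or profile data, so each is
   * encoded for the place it lands in. double_encode is off because callers
   * may pass a nickname that is already escaped (initializeUser() escapes
   * the current user's nickname).
   *
   * @param string $user username, or 'guest'
   * @param string $nick display name
   * @param string $target optional value for the link's target attribute
   * @return string HTML fragment
   */
  function createLink($user, $nick, $target = '') {
      $charset = ini_get('default_charset');
      $flags = ENT_QUOTES | ENT_SUBSTITUTE;
      if (!empty($target)) {
          // Attribute context: quotes must not end the attribute.
          $target = ' target="' . htmlspecialchars((string) $target, $flags, $charset, false) . '"';
      }
      if ((string) $user !== 'guest') {
          // URL component inside an attribute; a valid username (letters,
          // digits, underscore) comes out of rawurlencode() unchanged.
          $href_user = rawurlencode((string) $user);
          $label = htmlspecialchars(strip_tags((string) $nick), $flags, $charset, false);
          return '<a href="' . RCMS_ROOT_PATH . '?module=user.list&amp;user=' . $href_user . '"' . $target . '>' . $label . '</a>';
      } elseif (!empty($nick)) {
          // The guest name used to be returned without any encoding.
          return htmlspecialchars((string) $nick, $flags, $charset, false);
      } else {
          return __('Guest');
      }
  }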
  572. }