diff options
| author | Christian Fowler <spider@viovio.com> | 2008-11-03 17:08:47 +0000 |
|---|---|---|
| committer | Christian Fowler <spider@viovio.com> | 2008-11-03 17:08:47 +0000 |
| commit | bb2e68613f193e2451b4d1a6b45bc4e268dfcf8c (patch) | |
| tree | 1ba6febb29ead2613eba1d2787d0a3efbd35d057 | |
| parent | 8481b8156ba38ae4049ff16a508be84a4a5e0449 (diff) | |
| download | users-bb2e68613f193e2451b4d1a6b45bc4e268dfcf8c.tar.gz users-bb2e68613f193e2451b4d1a6b45bc4e268dfcf8c.tar.bz2 users-bb2e68613f193e2451b4d1a6b45bc4e268dfcf8c.zip | |
fix assumeUser by checking hashes directly
| -rw-r--r-- | BitPermUser.php | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/BitPermUser.php b/BitPermUser.php index 852187a..1e4562f 100644 --- a/BitPermUser.php +++ b/BitPermUser.php @@ -1,6 +1,6 @@ <?php /** - * $Header: /cvsroot/bitweaver/_bit_users/BitPermUser.php,v 1.71 2008/10/19 08:14:21 squareing Exp $ + * $Header: /cvsroot/bitweaver/_bit_users/BitPermUser.php,v 1.72 2008/11/03 17:08:47 spiderr Exp $ * * Lib for user administration, groups and permissions * This lib uses pear so the constructor requieres @@ -11,7 +11,7 @@ * All Rights Reserved. See copyright.txt for details and a complete list of authors. * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details * - * $Id: BitPermUser.php,v 1.71 2008/10/19 08:14:21 squareing Exp $ + * $Id: BitPermUser.php,v 1.72 2008/11/03 17:08:47 spiderr Exp $ * @package users */ @@ -24,7 +24,7 @@ require_once( USERS_PKG_PATH.'/BitUser.php' ); * Class that holds all information for a given user * * @author spider <spider@steelsun.com> - * @version $Revision: 1.71 $ + * @version $Revision: 1.72 $ * @package users * @subpackage BitPermUser */ @@ -63,17 +63,18 @@ class BitPermUser extends BitUser { global $gBitUser, $user_cookie_site; $ret = FALSE; // make double sure the current logged in user has permission - if( $gBitUser->isAdmin() ) { + if( !empty( $this->mPerms['p_users_admin'] ) ) { $assumeUser = new BitPermUser( $pUserId ); $assumeUser->loadPermissions(); - if( $assumeUser->isAdmin() ) { + if( !empty( $assumeUser->mPerms['p_users_admin'] ) ) { $this->mErrors['assume_user'] = tra( "User administrators cannot be assumed." ); } else { $this->mDb->query( "UPDATE `".BIT_DB_PREFIX."users_cnxn` SET `user_id`=?, `assume_user_id`=? WHERE `cookie`=?", array( $pUserId, $gBitUser->mUserId, $_COOKIE[$user_cookie_site] ) ); $ret = TRUE; } } + return $ret; } |
