summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Fowler <spider@viovio.com>2008-11-03 17:08:47 +0000
committerChristian Fowler <spider@viovio.com>2008-11-03 17:08:47 +0000
commitbb2e68613f193e2451b4d1a6b45bc4e268dfcf8c (patch)
tree1ba6febb29ead2613eba1d2787d0a3efbd35d057
parent8481b8156ba38ae4049ff16a508be84a4a5e0449 (diff)
downloadusers-bb2e68613f193e2451b4d1a6b45bc4e268dfcf8c.tar.gz
users-bb2e68613f193e2451b4d1a6b45bc4e268dfcf8c.tar.bz2
users-bb2e68613f193e2451b4d1a6b45bc4e268dfcf8c.zip
fix assumeUser by checking hashes directly
-rw-r--r--BitPermUser.php11
1 files changed, 6 insertions, 5 deletions
diff --git a/BitPermUser.php b/BitPermUser.php
index 852187a..1e4562f 100644
--- a/BitPermUser.php
+++ b/BitPermUser.php
@@ -1,6 +1,6 @@
<?php
/**
- * $Header: /cvsroot/bitweaver/_bit_users/BitPermUser.php,v 1.71 2008/10/19 08:14:21 squareing Exp $
+ * $Header: /cvsroot/bitweaver/_bit_users/BitPermUser.php,v 1.72 2008/11/03 17:08:47 spiderr Exp $
*
* Lib for user administration, groups and permissions
* This lib uses pear so the constructor requieres
@@ -11,7 +11,7 @@
* All Rights Reserved. See copyright.txt for details and a complete list of authors.
* Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details
*
- * $Id: BitPermUser.php,v 1.71 2008/10/19 08:14:21 squareing Exp $
+ * $Id: BitPermUser.php,v 1.72 2008/11/03 17:08:47 spiderr Exp $
* @package users
*/
@@ -24,7 +24,7 @@ require_once( USERS_PKG_PATH.'/BitUser.php' );
* Class that holds all information for a given user
*
* @author spider <spider@steelsun.com>
- * @version $Revision: 1.71 $
+ * @version $Revision: 1.72 $
* @package users
* @subpackage BitPermUser
*/
@@ -63,17 +63,18 @@ class BitPermUser extends BitUser {
global $gBitUser, $user_cookie_site;
$ret = FALSE;
// make double sure the current logged in user has permission
- if( $gBitUser->isAdmin() ) {
+ if( !empty( $this->mPerms['p_users_admin'] ) ) {
$assumeUser = new BitPermUser( $pUserId );
$assumeUser->loadPermissions();
- if( $assumeUser->isAdmin() ) {
+ if( !empty( $assumeUser->mPerms['p_users_admin'] ) ) {
$this->mErrors['assume_user'] = tra( "User administrators cannot be assumed." );
} else {
$this->mDb->query( "UPDATE `".BIT_DB_PREFIX."users_cnxn` SET `user_id`=?, `assume_user_id`=? WHERE `cookie`=?", array( $pUserId, $gBitUser->mUserId, $_COOKIE[$user_cookie_site] ) );
$ret = TRUE;
}
}
+
return $ret;
}