From 68b412fb8de6e2a13c63fc6eb347f5f853c9a03f Mon Sep 17 00:00:00 2001 From: MW Date: Thu, 15 Nov 2007 21:01:43 +0000 Subject: remove old admin_add kludge and replace with proper admin permission check --- BitUser.php | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/BitUser.php b/BitUser.php index d1f65d5..06af878 100644 --- a/BitUser.php +++ b/BitUser.php @@ -1,6 +1,6 @@ - * @version $Revision: 1.161 $ + * @version $Revision: 1.162 $ * @package users * @subpackage BitUser */ @@ -291,7 +291,7 @@ class BitUser extends LibertyAttachable { } function verify( &$pParamHash ) { - global $gBitSystem; + global $gBitSystem, $gBitUser; trim_array( $pParamHash ); @@ -317,7 +317,8 @@ class BitUser extends LibertyAttachable { // LOWER CASE all emails $pParamHash['email'] = strtolower( $pParamHash['email'] ); // jht 2006-08-05 08:32:28 -1000 allow override from admin add - if( ( !empty($pParamHash['admin_add']) && $pParamHash['admin_add'] ) || $this->verifyEmail( $pParamHash['email'] ) ) { + // yettyn 2007-11-15 updated to use class call for permission check. + if( $gBitUser->hasPermission( 'p_users_admin' ) || $this->verifyEmail( $pParamHash['email'] ) ) { $pParamHash['user_store']['email'] = strtolower( substr( $pParamHash['email'], 0, 200 ) ); } } @@ -333,9 +334,7 @@ class BitUser extends LibertyAttachable { if( empty( $pParamHash['email'] ) ) { $this->mErrors['email'] = tra( 'You must enter your email address' ); } - // jht 2005-06-22_23:51:58 $pParamHash['admin_add'] is set on adds from admin page - a kludge - // that should be fixed in some better way. - if(empty($pParamHash['admin_add']) && $gBitSystem->isFeatureActive( 'users_validate_user' ) ) { + if( !$gBitUser->hasPermission( 'p_users_admin' ) && $gBitSystem->isFeatureActive( 'users_validate_user' ) ) { $pParamHash['user_store']['provpass'] = md5(BitSystem::genPass()); $pParamHash['pass_due'] = 0; } elseif( empty( $pParamHash['password'] ) ) { -- cgit v1.3