diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2006-04-17 13:09:50 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2006-04-17 13:09:50 +0000 |
| commit | a0f8e1323a0fb50e6a4b7449f93b493377eddd2c (patch) | |
| tree | ad60ba619c483e390bf767c70ff7c160e087daf5 /phpBB/includes/acp/auth.php | |
| parent | 8c2f02ca00b41d7aa3282aaacfbf2674a5347a14 (diff) | |
| download | forums-a0f8e1323a0fb50e6a4b7449f93b493377eddd2c.tar forums-a0f8e1323a0fb50e6a4b7449f93b493377eddd2c.tar.gz forums-a0f8e1323a0fb50e6a4b7449f93b493377eddd2c.tar.bz2 forums-a0f8e1323a0fb50e6a4b7449f93b493377eddd2c.tar.xz forums-a0f8e1323a0fb50e6a4b7449f93b493377eddd2c.zip | |
- clean up marklist calls (global function)
- added new feature: test out others permissions (admin permissions will not be copied)
- changed attachment processing by directly using the template engine
- fixed some attachment related bugs
- additional tiny fixes
git-svn-id: file:///svn/phpbb/trunk@5790 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/acp/auth.php')
| -rw-r--r-- | phpBB/includes/acp/auth.php | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index 2307d413fa..e8c2c12079 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php @@ -1101,6 +1101,59 @@ class auth_admin extends auth } } } + + /** + * Use permissions from another user. This transferes a permission set from one user to another. + * The other user is always able to revert back to his permission set. + * This function does not check for lower/higher permissions, it is possible for the user to gain + * "more" permissions by this. + * + */ + function ghost_permissions($from_user_id, $to_user_id) + { + global $db; + + if ($to_user_id == ANONYMOUS) + { + return false; + } + + $hold_ary = $this->acl_raw_data($from_user_id, false, false); + + if (isset($hold_ary[$from_user_id])) + { + $hold_ary = $hold_ary[$from_user_id]; + } + + // Key 0 in $hold_ary are global options, all others are forum_ids + + // We disallow copying admin permissions + foreach ($this->acl_options['global'] as $opt => $id) + { + if (strpos($opt, 'a_') === 0) + { + $hold_ary[0][$opt] = ACL_NO; + } + } + + // Force a_switchperm to be allowed + $hold_ary[0]['a_switchperm'] = ACL_YES; + + $user_permissions = $this->build_bitstring($hold_ary); + + if (!$user_permissions) + { + return false; + } + + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_permissions = '" . $db->sql_escape($user_permissions) . "', + user_perm_from = $from_user_id + WHERE user_id = " . $to_user_id; + $db->sql_query($sql); + + return true; + } } ?>
\ No newline at end of file |