/**
* assumeUser Assume the identity of anothre user - Only admins may do this
*
* @param numeric $pUserId User ID of the user you want to hijack
* @access public
* @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
*/
function assumeUser($pUserId)
{
global $gBitUser;
$ret = FALSE;
// make double sure the current logged in user has permission, check for p_users_admin, not admin, as that is all you need for assuming another user.
// this enables creating of a non technical site adminstrators group, eg customer support representatives.
if ($gBitUser->hasPermission('p_users_admin')) {
$assumeUser = new BitPermUser($pUserId);
$assumeUser->loadPermissions();
if ($assumeUser->isAdmin()) {
$this->mErrors['assume_user'] = tra("User administrators cannot be assumed.");
} else {
$this->mDb->query("UPDATE `" . BIT_DB_PREFIX . "users_cnxn` SET `user_id`=?, `assume_user_id`=? WHERE `cookie`=?", array($pUserId, $gBitUser->mUserId, $_COOKIE[$this->getSiteCookieName()]));
$ret = TRUE;
}
}
return $ret;
}
function calculateUserWeight($pUserId = NULL)
{
global $gBitUser, $gBitSystem;
if ($gBitSystem->isFeatureActive('stars_user_weight')) {
// allow overriding of currently loaded user
if (@BitBase::verifyId($pUserId)) {
$tmpUser = new BitPermUser($pUserId);
$tmpUser->load(TRUE);
} else {
$tmpUser =& $gBitUser;
}
// age relative to site age
$query = "SELECT MIN( `registration_date` ) FROM `" . BIT_DB_PREFIX . "users_users`";
$age['site'] = BitDate::getUTCTime() - $this->mDb->getOne($query);
$age['user'] = BitDate::getUTCTime() - $tmpUser->getField('registration_date');
$userWeight['age'] = $age['user'] / $age['site'];
// permissioning relative to full number of permissions
$query = "SELECT COUNT( `perm_name` ) FROM `" . BIT_DB_PREFIX . "users_permissions`";
if ($tmpUser->isAdmin()) {
$userWeight['permission'] = 1;
} else {
$userWeight['permission'] = count($tmpUser->mPerms) / $this->mDb->getOne($query);
}
// activity - we could to the same using the history as well.
$query = "SELECT COUNT( `content_id` ) FROM `" . BIT_DB_PREFIX . "liberty_content` WHERE `user_id`=?";
$activity['user'] = $this->mDb->getOne($query, array($tmpUser->getField('user_id')));
$query = "SELECT COUNT( `content_id` ) FROM `" . BIT_DB_PREFIX . "liberty_content`";
$activity['site'] = $this->mDb->getOne($query);
$userWeight['activity'] = $activity['user'] / $activity['site'];
// here we can add some weight to various areas
$custom['age'] = $gBitSystem->getConfig('stars_weight_age');
$custom['permission'] = $gBitSystem->getConfig('stars_weight_permission');
$custom['activity'] = $gBitSystem->getConfig('stars_weight_activity');
foreach ($userWeight as $type => $value) {
${$type} = 10 * $value * $custom[$type];
if (empty(${$type})) {
${$type} = 1;
}
}
// TODO: run some tests to see if this is a good way of evaluating power of a user
// ensure that we always have a positive number here to avoid chaos - this also makes sure new users have at least a bit of a say
if (($ret = round(log($age * $permission * $activity, 2))) < 1) {
$ret = 1;
}
} else {
$ret = 1;
}
return $ret;
}
// $Header$
// Copyright (c) 2002-2003, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See below for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See http://www.gnu.org/copyleft/lesser.html for details.
// This script is used to assign groups to a particular user
// ASSIGN USER TO GROUPS
// Initialization
require_once '../../kernel/setup_inc.php';
$gBitSystem->verifyPermission('p_users_admin');
if (!$gBitUser->userExists(array('user_id' => $_REQUEST["assign_user"]))) {
$gBitSystem->fatalError(tra("User doesnt exist"));
}
$assignUser = new BitPermUser($_REQUEST["assign_user"]);
$assignUser->setCacheableObject(FALSE);
$assignUser->load(TRUE);
if ($assignUser->isAdmin() && !$gBitUser->isAdmin()) {
$gBitSystem->fatalError(tra('You cannot modify a system administrator.'));
}
if (isset($_REQUEST["action"])) {
$gBitUser->verifyTicket();
if ($_REQUEST["action"] == 'assign') {
$assignUser->addUserToGroup($assignUser->mUserId, $_REQUEST["group_id"]);
} elseif ($_REQUEST["action"] == 'removegroup') {
$assignUser->removeUserFromGroup($_REQUEST["assign_user"], $_REQUEST["group_id"]);
}
header('Location: ' . $_SERVER['SCRIPT_NAME'] . '?assign_user='******'set_default'])) {
$gBitUser->verifyTicket();
$assignUser->storeUserDefaultGroup($assignUser->mUserId, $_REQUEST['default_group']);
$assignUser->load();
