Example #1
0
 /**
  * assumeUser Assume the identity of anothre user - Only admins may do this
  * 
  * @param numeric $pUserId User ID of the user you want to hijack
  * @access public
  * @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
  */
 function assumeUser($pUserId)
 {
     global $gBitUser;
     $ret = FALSE;
     // make double sure the current logged in user has permission, check for p_users_admin, not admin, as that is all you need for assuming another user.
     // this enables creating of a non technical site adminstrators group, eg customer support representatives.
     if ($gBitUser->hasPermission('p_users_admin')) {
         $assumeUser = new BitPermUser($pUserId);
         $assumeUser->loadPermissions();
         if ($assumeUser->isAdmin()) {
             $this->mErrors['assume_user'] = tra("User administrators cannot be assumed.");
         } else {
             $this->mDb->query("UPDATE `" . BIT_DB_PREFIX . "users_cnxn` SET `user_id`=?, `assume_user_id`=? WHERE `cookie`=?", array($pUserId, $gBitUser->mUserId, $_COOKIE[$this->getSiteCookieName()]));
             $ret = TRUE;
         }
     }
     return $ret;
 }
Example #2
0
 function calculateUserWeight($pUserId = NULL)
 {
     global $gBitUser, $gBitSystem;
     if ($gBitSystem->isFeatureActive('stars_user_weight')) {
         // allow overriding of currently loaded user
         if (@BitBase::verifyId($pUserId)) {
             $tmpUser = new BitPermUser($pUserId);
             $tmpUser->load(TRUE);
         } else {
             $tmpUser =& $gBitUser;
         }
         // age relative to site age
         $query = "SELECT MIN( `registration_date` ) FROM `" . BIT_DB_PREFIX . "users_users`";
         $age['site'] = BitDate::getUTCTime() - $this->mDb->getOne($query);
         $age['user'] = BitDate::getUTCTime() - $tmpUser->getField('registration_date');
         $userWeight['age'] = $age['user'] / $age['site'];
         // permissioning relative to full number of permissions
         $query = "SELECT COUNT( `perm_name` ) FROM `" . BIT_DB_PREFIX . "users_permissions`";
         if ($tmpUser->isAdmin()) {
             $userWeight['permission'] = 1;
         } else {
             $userWeight['permission'] = count($tmpUser->mPerms) / $this->mDb->getOne($query);
         }
         // activity - we could to the same using the history as well.
         $query = "SELECT COUNT( `content_id` ) FROM `" . BIT_DB_PREFIX . "liberty_content` WHERE `user_id`=?";
         $activity['user'] = $this->mDb->getOne($query, array($tmpUser->getField('user_id')));
         $query = "SELECT COUNT( `content_id` ) FROM `" . BIT_DB_PREFIX . "liberty_content`";
         $activity['site'] = $this->mDb->getOne($query);
         $userWeight['activity'] = $activity['user'] / $activity['site'];
         // here we can add some weight to various areas
         $custom['age'] = $gBitSystem->getConfig('stars_weight_age');
         $custom['permission'] = $gBitSystem->getConfig('stars_weight_permission');
         $custom['activity'] = $gBitSystem->getConfig('stars_weight_activity');
         foreach ($userWeight as $type => $value) {
             ${$type} = 10 * $value * $custom[$type];
             if (empty(${$type})) {
                 ${$type} = 1;
             }
         }
         // TODO: run some tests to see if this is a good way of evaluating power of a user
         // ensure that we always have a positive number here to avoid chaos - this also makes sure new users have at least a bit of a say
         if (($ret = round(log($age * $permission * $activity, 2))) < 1) {
             $ret = 1;
         }
     } else {
         $ret = 1;
     }
     return $ret;
 }
Example #3
0
// $Header$
// Copyright (c) 2002-2003, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See below for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See http://www.gnu.org/copyleft/lesser.html for details.
// This script is used to assign groups to a particular user
// ASSIGN USER TO GROUPS
// Initialization
require_once '../../kernel/setup_inc.php';
$gBitSystem->verifyPermission('p_users_admin');
if (!$gBitUser->userExists(array('user_id' => $_REQUEST["assign_user"]))) {
    $gBitSystem->fatalError(tra("User doesnt exist"));
}
$assignUser = new BitPermUser($_REQUEST["assign_user"]);
$assignUser->setCacheableObject(FALSE);
$assignUser->load(TRUE);
if ($assignUser->isAdmin() && !$gBitUser->isAdmin()) {
    $gBitSystem->fatalError(tra('You cannot modify a system administrator.'));
}
if (isset($_REQUEST["action"])) {
    $gBitUser->verifyTicket();
    if ($_REQUEST["action"] == 'assign') {
        $assignUser->addUserToGroup($assignUser->mUserId, $_REQUEST["group_id"]);
    } elseif ($_REQUEST["action"] == 'removegroup') {
        $assignUser->removeUserFromGroup($_REQUEST["assign_user"], $_REQUEST["group_id"]);
    }
    header('Location: ' . $_SERVER['SCRIPT_NAME'] . '?assign_user='******'set_default'])) {
    $gBitUser->verifyTicket();
    $assignUser->storeUserDefaultGroup($assignUser->mUserId, $_REQUEST['default_group']);
    $assignUser->load();