/**
* Save changes made to an existing user's permissions
*
*/
function SaveChanges()
{
global $langmessage, $gpAdmin;
$username =& $_REQUEST['username'];
if (!isset($this->users[$username])) {
message($langmessage['OOPS']);
return false;
}
if (!empty($_POST['email'])) {
$this->users[$username]['email'] = $_POST['email'];
}
$this->users[$username]['granted'] = $this->GetPostedPermissions($username);
$this->users[$username]['editing'] = $this->GetEditingPermissions();
//this needs to happen before SaveUserFile();
//update the /_session file
includeFile('tool/sessions.php');
$userinfo =& $this->users[$username];
$userinfo = gpsession::SetSessionFileName($userinfo, $username);
//make sure $userinfo['file_name'] is set
if (!$this->SaveUserFile()) {
message($langmessage['OOPS']);
return false;
}
// update the $user_file_name file
$is_curr_user = $gpAdmin['username'] == $username;
$this->UserFileDetails($username, $is_curr_user);
return true;
}
function create(&$user_info, $username)
{
global $dataDir, $langmessage;
//update the session files to .php files
//changes to $userinfo will be saved by UpdateAttempts() below
$user_info = gpsession::SetSessionFileName($user_info, $username);
$user_file_name = $user_info['file_name'];
$user_file = $dataDir . '/data/_sessions/' . $user_file_name;
//use an existing session_id if the new login matches an existing session (uid and file_name)
$sessions = gpsession::GetSessionIds();
$uid = gpsession::auth_browseruid();
$session_id = false;
foreach ($sessions as $sess_temp_id => $sess_temp_info) {
if (isset($sess_temp_info['uid']) && $sess_temp_info['uid'] == $uid && $sess_temp_info['file_name'] == $user_file_name) {
$session_id = $sess_temp_id;
}
}
//create a unique session id if needed
if ($session_id === false) {
do {
$session_id = common::RandomString(40);
} while (isset($sessions[$session_id]));
}
$expires = !isset($_POST['remember']);
gpsession::cookie(gp_session_cookie, $session_id, $expires);
//save session id
$sessions[$session_id] = array();
$sessions[$session_id]['file_name'] = $user_file_name;
$sessions[$session_id]['uid'] = $uid;
//$sessions[$session_id]['time'] = time(); //for session locking
if (!gpsession::SaveSessionIds($sessions)) {
return false;
}
//make sure the user's file exists
$new_data = gpsession::SessionData($user_file, $checksum);
$new_data['username'] = $username;
$new_data['granted'] = $user_info['granted'];
admin_tools::EditingValue($new_data);
gpFiles::SaveArray($user_file, 'gpAdmin', $new_data);
return $session_id;
}