unset($userinfo["sso__impersonation_auto"]); } else { if (!isset($userinfo["sso__impersonation"])) { $userinfo["sso__impersonation"] = "1"; $userinfo["sso__impersonation_key"] = $sso_rng->GenerateString(64); $userinfo["sso__impersonation_auto"] = "0"; } if (isset($_REQUEST["reset_impersonation_key"]) && $_REQUEST["reset_impersonation_key"] == "yes") { $userinfo["sso__impersonation_key"] = $sso_rng->GenerateString(64); } if (isset($_REQUEST["impersonation_auto"])) { $userinfo["sso__impersonation_auto"] = (string) (int) $_REQUEST["impersonation_auto"]; } } } $info2 = SSO_CreateEncryptedUserInfo($userinfo); $sso_db->Query("UPDATE", array($sso_db_users, array("version" => (int) $_REQUEST["version"], "info" => serialize($userinfo), "info2" => $info2), "WHERE" => "id = ?"), $row->id); if ($sso_site_admin && $_REQUEST["tag_id"] != "" && $_REQUEST["tag_reason"] != "") { try { $sso_db->Query("INSERT", array($sso_db_user_tags, array("user_id" => $row->id, "tag_id" => (int) $_REQUEST["tag_id"], "issuer_id" => $sso_user_id, "reason" => $_REQUEST["tag_reason"], "created" => CSDB::ConvertToDBTime(time())))); } catch (Exception $e) { // Don't do anything here. Just catch the database exception and let the code fall through. // It should be nearly impossible to get here in the first place. } } BB_RedirectPage("success", "Successfully updated the user.", array("action=edituser&id=" . $row->id . "&sec_t=" . BB_CreateSecurityToken("edituser"))); } } $lastipaddr = IPAddr::NormalizeIP($row->lastipaddr); $lastipaddrid = $sso_db->GetOne("SELECT", array("*", "FROM" => "?", "WHERE" => "ipaddr = ?"), $sso_db_ipcache, $lastipaddr["ipv6"]); $desc = "<br />" . implode(" | ", isset($sso_providers[$sso_provider]) ? $sso_providers[$sso_provider]->GetEditUserLinks($row->provider_id) : array());
function SSO_SetUserVersion($version) { global $sso_db, $sso_db_users, $sso_userrow, $sso_user_info; try { $info2 = $sso_user_info; $info3 = SSO_CreateEncryptedUserInfo($info2); $sso_db->Query("UPDATE", array($sso_db_users, array("version" => $version, "info" => serialize($info2), "info2" => $info3), "WHERE" => "id = ?"), $sso_userrow->id); return true; } catch (Exception $e) { // Don't do anything here. Just catch the database exception and let the code fall through. // It should be nearly impossible to get here in the first place. } return false; }
$result = array("success" => true); } } } } if (!$result["success"]) { SSO_EndpointError("Unable to delete the old session."); } // Update the user session. if (!isset($sso_data["delete_old"]) || $sso_data["delete_old"] == 0) { $sso_db->Query("UPDATE", array($sso_db_user_sessions, array("updated" => CSDB::ConvertToDBTime(time() + (int) $sso_data["expires"])), "WHERE" => "id = ?"), $sso_sessionrow->id); } // Update the user account. if ($userupdated) { $info2 = $sso_user_info; $info3 = SSO_CreateEncryptedUserInfo($info2); $sso_db->Query("UPDATE", array($sso_db_users, array("info" => serialize($info2), "info2" => $info3), "WHERE" => "id = ?"), $sso_userrow->id); } SSO_EndpointOutput($result); } else { if ($sso_data["action"] == "logout") { if ($sso_apikey_info["type"] != "normal") { SSO_EndpointError("Invalid API key type."); } // Remove the session and all sessions in the same namespace. if (!isset($sso_data["sso_id"])) { SSO_EndpointError("Session ID expected."); } $sso_session_id = explode("-", $sso_data["sso_id"]); if (count($sso_session_id) != 2) { SSO_EndpointError("Invalid session ID specified.");