unset($userinfo["sso__impersonation_auto"]);
} else {
if (!isset($userinfo["sso__impersonation"])) {
$userinfo["sso__impersonation"] = "1";
$userinfo["sso__impersonation_key"] = $sso_rng->GenerateString(64);
$userinfo["sso__impersonation_auto"] = "0";
}
if (isset($_REQUEST["reset_impersonation_key"]) && $_REQUEST["reset_impersonation_key"] == "yes") {
$userinfo["sso__impersonation_key"] = $sso_rng->GenerateString(64);
}
if (isset($_REQUEST["impersonation_auto"])) {
$userinfo["sso__impersonation_auto"] = (string) (int) $_REQUEST["impersonation_auto"];
}
}
}
$info2 = SSO_CreateEncryptedUserInfo($userinfo);
$sso_db->Query("UPDATE", array($sso_db_users, array("version" => (int) $_REQUEST["version"], "info" => serialize($userinfo), "info2" => $info2), "WHERE" => "id = ?"), $row->id);
if ($sso_site_admin && $_REQUEST["tag_id"] != "" && $_REQUEST["tag_reason"] != "") {
try {
$sso_db->Query("INSERT", array($sso_db_user_tags, array("user_id" => $row->id, "tag_id" => (int) $_REQUEST["tag_id"], "issuer_id" => $sso_user_id, "reason" => $_REQUEST["tag_reason"], "created" => CSDB::ConvertToDBTime(time()))));
} catch (Exception $e) {
// Don't do anything here. Just catch the database exception and let the code fall through.
// It should be nearly impossible to get here in the first place.
}
}
BB_RedirectPage("success", "Successfully updated the user.", array("action=edituser&id=" . $row->id . "&sec_t=" . BB_CreateSecurityToken("edituser")));
}
}
$lastipaddr = IPAddr::NormalizeIP($row->lastipaddr);
$lastipaddrid = $sso_db->GetOne("SELECT", array("*", "FROM" => "?", "WHERE" => "ipaddr = ?"), $sso_db_ipcache, $lastipaddr["ipv6"]);
$desc = "<br />" . implode(" | ", isset($sso_providers[$sso_provider]) ? $sso_providers[$sso_provider]->GetEditUserLinks($row->provider_id) : array());
function SSO_SetUserVersion($version)
{
global $sso_db, $sso_db_users, $sso_userrow, $sso_user_info;
try {
$info2 = $sso_user_info;
$info3 = SSO_CreateEncryptedUserInfo($info2);
$sso_db->Query("UPDATE", array($sso_db_users, array("version" => $version, "info" => serialize($info2), "info2" => $info3), "WHERE" => "id = ?"), $sso_userrow->id);
return true;
} catch (Exception $e) {
// Don't do anything here. Just catch the database exception and let the code fall through.
// It should be nearly impossible to get here in the first place.
}
return false;
}
$result = array("success" => true);
}
}
}
}
if (!$result["success"]) {
SSO_EndpointError("Unable to delete the old session.");
}
// Update the user session.
if (!isset($sso_data["delete_old"]) || $sso_data["delete_old"] == 0) {
$sso_db->Query("UPDATE", array($sso_db_user_sessions, array("updated" => CSDB::ConvertToDBTime(time() + (int) $sso_data["expires"])), "WHERE" => "id = ?"), $sso_sessionrow->id);
}
// Update the user account.
if ($userupdated) {
$info2 = $sso_user_info;
$info3 = SSO_CreateEncryptedUserInfo($info2);
$sso_db->Query("UPDATE", array($sso_db_users, array("info" => serialize($info2), "info2" => $info3), "WHERE" => "id = ?"), $sso_userrow->id);
}
SSO_EndpointOutput($result);
} else {
if ($sso_data["action"] == "logout") {
if ($sso_apikey_info["type"] != "normal") {
SSO_EndpointError("Invalid API key type.");
}
// Remove the session and all sessions in the same namespace.
if (!isset($sso_data["sso_id"])) {
SSO_EndpointError("Session ID expected.");
}
$sso_session_id = explode("-", $sso_data["sso_id"]);
if (count($sso_session_id) != 2) {
SSO_EndpointError("Invalid session ID specified.");
