/**
* assumeUser Assume the identity of anothre user - Only admins may do this
*
* @param numeric $pUserId User ID of the user you want to hijack
* @access public
* @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
*/
function assumeUser($pUserId)
{
global $gBitUser;
$ret = FALSE;
// make double sure the current logged in user has permission, check for p_users_admin, not admin, as that is all you need for assuming another user.
// this enables creating of a non technical site adminstrators role, eg customer support representatives.
if ($gBitUser->hasPermission('p_users_admin')) {
$assumeUser = new RolePermUser($pUserId);
$assumeUser->loadPermissions();
if ($assumeUser->isAdmin()) {
$this->mErrors['assume_user'] = tra("User administrators cannot be assumed.");
} else {
$this->mDb->query("UPDATE `" . BIT_DB_PREFIX . "users_cnxn` SET `user_id`=?, `assume_user_id`=? WHERE `cookie`=?", array($pUserId, $gBitUser->mUserId, $_COOKIE[$this->getSiteCookieName()]));
$ret = TRUE;
}
}
return $ret;
}
