/** * assumeUser Assume the identity of anothre user - Only admins may do this * * @param numeric $pUserId User ID of the user you want to hijack * @access public * @return TRUE on success, FALSE on failure - mErrors will contain reason for failure */ function assumeUser($pUserId) { global $gBitUser; $ret = FALSE; // make double sure the current logged in user has permission, check for p_users_admin, not admin, as that is all you need for assuming another user. // this enables creating of a non technical site adminstrators group, eg customer support representatives. if ($gBitUser->hasPermission('p_users_admin')) { $assumeUser = new BitPermUser($pUserId); $assumeUser->loadPermissions(); if ($assumeUser->isAdmin()) { $this->mErrors['assume_user'] = tra("User administrators cannot be assumed."); } else { $this->mDb->query("UPDATE `" . BIT_DB_PREFIX . "users_cnxn` SET `user_id`=?, `assume_user_id`=? WHERE `cookie`=?", array($pUserId, $gBitUser->mUserId, $_COOKIE[$this->getSiteCookieName()])); $ret = TRUE; } } return $ret; }
function calculateUserWeight($pUserId = NULL) { global $gBitUser, $gBitSystem; if ($gBitSystem->isFeatureActive('stars_user_weight')) { // allow overriding of currently loaded user if (@BitBase::verifyId($pUserId)) { $tmpUser = new BitPermUser($pUserId); $tmpUser->load(TRUE); } else { $tmpUser =& $gBitUser; } // age relative to site age $query = "SELECT MIN( `registration_date` ) FROM `" . BIT_DB_PREFIX . "users_users`"; $age['site'] = BitDate::getUTCTime() - $this->mDb->getOne($query); $age['user'] = BitDate::getUTCTime() - $tmpUser->getField('registration_date'); $userWeight['age'] = $age['user'] / $age['site']; // permissioning relative to full number of permissions $query = "SELECT COUNT( `perm_name` ) FROM `" . BIT_DB_PREFIX . "users_permissions`"; if ($tmpUser->isAdmin()) { $userWeight['permission'] = 1; } else { $userWeight['permission'] = count($tmpUser->mPerms) / $this->mDb->getOne($query); } // activity - we could to the same using the history as well. $query = "SELECT COUNT( `content_id` ) FROM `" . BIT_DB_PREFIX . "liberty_content` WHERE `user_id`=?"; $activity['user'] = $this->mDb->getOne($query, array($tmpUser->getField('user_id'))); $query = "SELECT COUNT( `content_id` ) FROM `" . BIT_DB_PREFIX . "liberty_content`"; $activity['site'] = $this->mDb->getOne($query); $userWeight['activity'] = $activity['user'] / $activity['site']; // here we can add some weight to various areas $custom['age'] = $gBitSystem->getConfig('stars_weight_age'); $custom['permission'] = $gBitSystem->getConfig('stars_weight_permission'); $custom['activity'] = $gBitSystem->getConfig('stars_weight_activity'); foreach ($userWeight as $type => $value) { ${$type} = 10 * $value * $custom[$type]; if (empty(${$type})) { ${$type} = 1; } } // TODO: run some tests to see if this is a good way of evaluating power of a user // ensure that we always have a positive number here to avoid chaos - this also makes sure new users have at least a bit of a say if (($ret = round(log($age * $permission * $activity, 2))) < 1) { $ret = 1; } } else { $ret = 1; } return $ret; }
// $Header$ // Copyright (c) 2002-2003, Luis Argerich, Garland Foster, Eduardo Polidor, et. al. // All Rights Reserved. See below for details and a complete list of authors. // Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See http://www.gnu.org/copyleft/lesser.html for details. // This script is used to assign groups to a particular user // ASSIGN USER TO GROUPS // Initialization require_once '../../kernel/setup_inc.php'; $gBitSystem->verifyPermission('p_users_admin'); if (!$gBitUser->userExists(array('user_id' => $_REQUEST["assign_user"]))) { $gBitSystem->fatalError(tra("User doesnt exist")); } $assignUser = new BitPermUser($_REQUEST["assign_user"]); $assignUser->setCacheableObject(FALSE); $assignUser->load(TRUE); if ($assignUser->isAdmin() && !$gBitUser->isAdmin()) { $gBitSystem->fatalError(tra('You cannot modify a system administrator.')); } if (isset($_REQUEST["action"])) { $gBitUser->verifyTicket(); if ($_REQUEST["action"] == 'assign') { $assignUser->addUserToGroup($assignUser->mUserId, $_REQUEST["group_id"]); } elseif ($_REQUEST["action"] == 'removegroup') { $assignUser->removeUserFromGroup($_REQUEST["assign_user"], $_REQUEST["group_id"]); } header('Location: ' . $_SERVER['SCRIPT_NAME'] . '?assign_user='******'set_default'])) { $gBitUser->verifyTicket(); $assignUser->storeUserDefaultGroup($assignUser->mUserId, $_REQUEST['default_group']); $assignUser->load();