aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/sessions.php
diff options
context:
space:
mode:
authorbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-09-10 22:25:48 +0000
committerbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-09-10 22:25:48 +0000
commitaf59be06054d862444024d0261866df95ce89964 (patch)
treed099a9eb6326a584c86d0b56626d4ebd42c52e48 /engine/lib/sessions.php
parent1e41f151ff3a48eeac21e2b83d9c4c4dd447b839 (diff)
downloadelgg-af59be06054d862444024d0261866df95ce89964.tar.gz
elgg-af59be06054d862444024d0261866df95ce89964.tar.bz2
Updated fixes for checking for admin in get_access_sql_prefix()
git-svn-id: https://code.elgg.org/elgg/trunk@3485 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib/sessions.php')
-rw-r--r--engine/lib/sessions.php35
1 files changed, 35 insertions, 0 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index 18fb9e73c..b34f07725 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -156,6 +156,41 @@
return false;
}
+ /**
+ * Check if the given user is an admin.
+ *
+ * @param $user_guid
+ * @return bool
+ */
+ function is_admin_user($user_guid) {
+ global $CONFIG;
+
+ // caching is done at the db level so no need to here.
+ $query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as e, {$CONFIG->dbprefix}metastrings as ms1, {$CONFIG->dbprefix}metastrings as ms2, {$CONFIG->dbprefix}metadata as md
+ WHERE (
+ ms1.string = 'admin' AND ms2.string = 'yes'
+ AND md.name_id = ms1.id AND md.value_id = ms2.id
+ AND e.guid = md.entity_guid
+ AND e.guid = {$user_guid}
+ AND e.banned = 'no'
+ )
+ OR (
+ ms1.string = 'admin' AND ms2.string = '1'
+ AND md.name_id = ms1.id AND md.value_id = ms2.id
+ AND e.guid = md.entity_guid
+ AND e.guid = {$user_guid}
+ AND e.banned = 'no'
+ )";
+
+ // normalizing the results from get_data()
+ // See #1242
+ $info = get_data($query);
+ if (!((is_array($info) && count($info) < 1) || $info === false)) {
+ return true;
+ }
+ return false;
+ }
+
/**
* Perform standard authentication with a given username and password.
* Returns an ElggUser object for use with login.