Page 1 of 1

How to check someone elses' permission?

Posted: Tue Jun 14, 2011 4:36 am
by Pseudonym
Hi there,

I'm writing a little mod, and I need to be able to check whether a certain user_id is a global moderator.

Something like this:

Code: Select all

$auth->acl_get('m_');
Except that only tells me if I'm a moderator. I want to know if user_id #123 is.

How can I do that?

Re: How to check someone elses' permission?

Posted: Wed Jun 15, 2011 9:37 am
by AmigoJack
You could do:

Code: Select all

$auth_other= new auth();

$sql = 'SELECT u.*, s.*
FROM '. SESSIONS_TABLE. ' s, '. USERS_TABLE. " u
WHERE s.user_id= '. 666. '
AND u.user_id= s.session_user_id";

$result= $db-> sql_query( $sql );
$auth_other-> acl( $db-> sql_fetchrow( $result ) );
$db-> sql_freeresult( $result ); 

Re: How to check someone elses' permission?

Posted: Thu Jun 16, 2011 3:50 am
by Pseudonym
Thanks AmigoJack - you're awesome! I've tweaked the code a little bit, but you gave me the help I needed to get started.

I've removed the SESSIONS table from the query entirely. It seems you don't need it, and it restricted you to looking up members with active sessions.

In fact, it seems all you need to pass into the $auth_other->acl( ) function is an array containing "at least the following information; user_id, user_permissions and user_type."
http://utopia.duth.gr/~ariskara1/phpBB/ ... i.html#acl

Anyway, here's what I've got, in case it's of any use to someone else:

Code: Select all

$user_id = 123;

$auth_other= new auth();

$sql = 'SELECT u.*
FROM '. USERS_TABLE. ' u
WHERE u.user_id= '. $user_id;

$result = $db->sql_query( $sql );
$auth_other->acl( $db->sql_fetchrow($result) );
$db->sql_freeresult( $result ); 

if ($auth_other->acl_get('m_'))
{
    print ('true - this person is a global moderator');
} else {
    print ('false - this person is NOT a global moderator');
}
 
Thanks again!

Re: How to check someone elses' permission?

Posted: Thu Jun 16, 2011 6:04 am
by AmigoJack
Yes, you were right: I haven't considered active sessions. Just took existing code and mixed it. Thank for sharing a full example!