- clean up marklist calls (global function)

- added new feature: test out others permissions (admin permissions will not be copied)
- changed attachment processing by directly using the template engine
- fixed some attachment related bugs
- additional tiny fixes


git-svn-id: file:///svn/phpbb/trunk@5790 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/acp/acp_main.php

@@ -154,7 +154,7 @@ class acp_main
 		switch ($action)
 		{
 			case 'online':
-				if (!$auth->acl_get('a_defaults'))
+				if (!$auth->acl_get('a_board'))
 				{
 					trigger_error($user->lang['NO_ADMIN']);
 				}
@@ -165,7 +165,7 @@ class acp_main
 			break;
 
 			case 'stats':
-				if (!$auth->acl_get('a_defaults'))
+				if (!$auth->acl_get('a_board'))
 				{
 					trigger_error($user->lang['NO_ADMIN']);
 				}
@@ -215,7 +215,7 @@ class acp_main
 			break;
 
 			case 'user':
-				if (!$auth->acl_get('a_defaults'))
+				if (!$auth->acl_get('a_board'))
 				{
 					trigger_error($user->lang['NO_ADMIN']);
 				}
@@ -256,7 +256,7 @@ class acp_main
 			break;
 	
 			case 'date':
-				if (!$auth->acl_get('a_defaults'))
+				if (!$auth->acl_get('a_board'))
 				{
 					trigger_error($user->lang['NO_ADMIN']);
 				}
@@ -347,7 +347,7 @@ class acp_main
 
 			'U_ACTION'			=> "{$phpbb_admin_path}index.$phpEx$SID",
 
-			'S_ACTION_OPTIONS'	=> $s_action_options,
+			'S_ACTION_OPTIONS'	=> ($auth->acl_get('a_board')) ? $s_action_options : '',
 			)
 		);
 

phpBB/includes/acp/acp_users.php

@@ -734,7 +734,9 @@ class acp_users
 
 					'U_SHOW_IP'		=> $this->u_action . "&u=$user_id&ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
 					'U_WHOIS'		=> $this->u_action . "&action=whois&user_ip={$user_row['user_ip']}",
-					
+
+					'U_SWITCH_PERMISSIONS'	=> ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_row['user_id']) ? "{$phpbb_root_path}ucp.$phpEx$SID&mode=switch_perm&u={$user_row['user_id']}" : '',
+
 					'USER'				=> $user_row['username'],
 					'USER_REGISTERED'	=> $user->format_date($user_row['user_regdate']),
 					'REGISTERED_IP'		=> ($ip == 'hostname') ? gethostbyaddr($user_row['user_ip']) : $user_row['user_ip'],

phpBB/includes/acp/auth.php

@@ -1101,6 +1101,59 @@ class auth_admin extends auth
 			}
 		}
 	}
+
+	/**
+	* Use permissions from another user. This transferes a permission set from one user to another.
+	* The other user is always able to revert back to his permission set.
+	* This function does not check for lower/higher permissions, it is possible for the user to gain 
+	* "more" permissions by this.
+	*
+	*/
+	function ghost_permissions($from_user_id, $to_user_id)
+	{
+		global $db;
+
+		if ($to_user_id == ANONYMOUS)
+		{
+			return false;
+		}
+
+		$hold_ary = $this->acl_raw_data($from_user_id, false, false);
+
+		if (isset($hold_ary[$from_user_id]))
+		{
+			$hold_ary = $hold_ary[$from_user_id];
+		}
+		
+		// Key 0 in $hold_ary are global options, all others are forum_ids
+
+		// We disallow copying admin permissions
+		foreach ($this->acl_options['global'] as $opt => $id)
+		{
+			if (strpos($opt, 'a_') === 0)
+			{
+				$hold_ary[0][$opt] = ACL_NO;
+			}
+		}
+
+		// Force a_switchperm to be allowed
+		$hold_ary[0]['a_switchperm'] = ACL_YES;
+
+		$user_permissions = $this->build_bitstring($hold_ary);
+
+		if (!$user_permissions)
+		{
+			return false;
+		}
+
+		$sql = 'UPDATE ' . USERS_TABLE . "
+			SET user_permissions = '" . $db->sql_escape($user_permissions) . "',
+				user_perm_from = $from_user_id
+			WHERE user_id = " . $to_user_id;
+		$db->sql_query($sql);
+
+		return true;
+	}
 }
 
 ?>