From 7bee460df28bcd956206c3719e091fb500e3045d Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Thu, 4 Oct 2012 23:05:45 -0700
Subject: provide auto admin registration as before, but allow the current
 admin to create other admins

---
 include/account.php  | 19 ++++++++++++++++++-
 include/security.php |  4 ++--
 2 files changed, 20 insertions(+), 3 deletions(-)

(limited to 'include')

diff --git a/include/account.php b/include/account.php
index fa56afe7d..b850fcffd 100644
--- a/include/account.php
+++ b/include/account.php
@@ -77,6 +77,15 @@ function check_account_invite($invite_code) {
 
 }
 
+function check_account_admin($arr) {
+	if(is_site_admin())
+		return true;
+	$admin_mail = trim(get_config('system','admin_email'));
+	if(strlen($admin_email) && $admin_email === trim($arr['email']))
+		return true;
+	return false;
+}
+
 
 function create_account($arr) {
 
@@ -90,6 +99,7 @@ function create_account($arr) {
 	$password2   = ((x($arr,'password2'))     ? trim($arr['password2'])            : '');
 	$parent      = ((x($arr,'parent'))        ? intval($arr['parent'])             : 0 );
 	$flags       = ((x($arr,'account_flags')) ? intval($arr['account_flags'])      : ACCOUNT_OK);
+	$roles       = ((x($arr,'account_roles')) ? intval($arr['account_roles'])      : 0 );
 
 	$default_service_class = get_config('system','default_service_class');
 	if($default_service_class === false)
@@ -100,6 +110,13 @@ function create_account($arr) {
 		return $result;
 	}
 
+	if($roles & ACCOUNT_ROLE_ADMIN) {
+		$admin_result = check_account_admin($arr);
+		if(! $admin_result) {
+			$roles = 0;
+		}
+	}
+
 	$invite_result = check_account_invite($invite_code);
 	if($invite_result['error']) {
 		$result['message'] = $invite_result['message'];
@@ -134,7 +151,7 @@ function create_account($arr) {
 		dbesc(get_best_language()),
 		dbesc(datetime_convert()),
 		dbesc($flags),
-		dbesc(0),
+		dbesc($roles),
 		dbesc($expires),
 		dbesc($default_service_class)
 
diff --git a/include/security.php b/include/security.php
index da58a65c3..926b2a8fe 100644
--- a/include/security.php
+++ b/include/security.php
@@ -10,9 +10,9 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 //	logger('authenticate_success: ' . print_r($_SESSION,true));
 
 	if(x($user_record,'account_id')) {
-		logger('authenticate_success: Red-style');
+//		logger('authenticate_success: Red-style');
 		$a->account = $user_record;
-		$_SESSION['account_id'] = $a->account['account_id'];
+		$_SESSION['account_id'] = $user_record['account_id'];
 		$_SESSION['authenticated'] = 1;
 		
 		if($login_initial) {
-- 
cgit v1.2.3