This repository has been archived by the owner on May 5, 2023. It is now read-only.
simple_switch_user.php
<?php
/**
* @author Branko Wilhelm <[email protected]>
* @link http://www.z-index.net
* @copyright (c) 2013 - 2014 Branko Wilhelm
* @license GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
*/
// Direct-access guard: stop immediately unless _JEXEC is defined
// (expected to be set by the Joomla entry point before plugins load).
if (!defined('_JEXEC')) {
    die;
}
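/**
 * System plugin that lets a back-end user open the front-end logged in as
 * another account, without that account's password.
 *
 * Trust model as visible in this file: the front-end request is accepted when
 * the browser also presents a cookie that maps to a non-guest back-end
 * (client_id = 1) row in #__session.
 *
 * NOTE(review): the switch is triggered by a plain GET (index.php?su=1&uid=N)
 * and carries no anti-CSRF token, so any page the back-end user visits can
 * cause their browser to issue it. Moving the action behind a token-checked
 * request would need a token shared between the back-end and front-end
 * sessions, which this file does not provide.
 */
class plgSystemSimple_Switch_User extends JPlugin
{
    /**
     * Adds the "Switch to User" toolbar button and its click handler to the
     * back-end user edit screen (com_users, view=user, layout=edit, id set).
     *
     * @return void
     */
    public function onBeforeRender()
    {
        $app    = JFactory::getApplication();
        $doc    = JFactory::getDocument();
        $option = $app->input->get('option', null, 'cmd');
        $view   = $app->input->get('view', null, 'cmd');
        $layout = $app->input->get('layout', null, 'cmd');
        $id     = $app->input->get('id', 0, 'int');

        if (!($app->isAdmin() && $option == 'com_users' && $view == 'user' && $layout == 'edit' && $id)) {
            return;
        }

        // Encode the URL as a JavaScript string literal instead of pasting it
        // between hand-written quotes. The HEX flags keep quotes, ampersands
        // and angle brackets from ending the literal or the <script> element.
        // NOTE(review): JURI::root() may be derived from request data
        // depending on site configuration - confirm.
        $target = json_encode(
            JURI::root() . 'index.php?su=1&uid=' . $id,
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );

        // Wrap Joomla.submitbutton so the custom "switchuser" task opens the
        // front-end in a new window; every other task goes to the original.
        $js = '<script type="text/javascript">
Joomla.submitbuttonOld = Joomla.submitbutton;
Joomla.submitbutton = function(task) {
if(task == "switchuser") {
window.open(' . $target . ');
return false;
}else{
Joomla.submitbuttonOld(task);
}
}</script>';

        $content = $doc->getBuffer('component');
        $doc->setBuffer($content . $js, 'component');

        JToolBarHelper::divider();
        JToolBarHelper::custom('switchuser', 'upload', 'upload', 'Switch to User', false);
    }

    /**
     * Handles the front-end switch request (su=1&uid=N).
     *
     * The request is honoured only when the visitor is a front-end guest, the
     * browser presents a cookie matching a non-guest back-end session, the
     * owner of that session may manage com_users, and the target account
     * exists, is not blocked and is not a Super User unless the requester is
     * one too. On success the target user is stored in the current front-end
     * session and the #__session row is updated to match.
     *
     * @return mixed Result of JApplication::redirect() on handled requests,
     *               null when the request is not a switch request.
     */
    public function onAfterInitialise()
    {
        $app    = JFactory::getApplication();
        $db     = JFactory::getDbo();
        $user   = JFactory::getUser();
        $userId = $app->input->getInt('uid', 0);

        // Only front-end requests that explicitly ask for a switch are handled.
        if ($app->isAdmin() || !$app->input->get('su', 0, 'int') || !$userId) {
            return;
        }

        if ($user->id == $userId) {
            return $app->redirect('index.php', JText::sprintf('You already logged in as user "%s"', $user->name), 'warning');
        }

        // An existing front-end login is never replaced silently.
        if ($user->id) {
            return $app->redirect('index.php', JText::_('You would login as another user, please logout first'), 'warning');
        }

        // Look up the back-end session behind the cookie named
        // md5(JApplication::getHash('administrator')); presumably this is the
        // administrator session cookie - confirm for the Joomla version in use.
        $query = $db->getQuery(true)
            ->select('userid')
            ->from('#__session')
            ->where('session_id = ' . $db->quote($app->input->cookie->get(md5(JApplication::getHash('administrator')))))
            ->where('client_id = 1')
            ->where('guest = 0');
        $db->setQuery($query);
        $backendUserId = (int) $db->loadResult();

        if (!$backendUserId) {
            return $app->redirect('index.php', JText::_('Back-end User Session Expired'), 'error');
        }

        // Authorise the requester, not just the existence of a session.
        // Previously any non-guest back-end session was enough, so the lowest
        // back-end group could switch to any account. core.manage on com_users
        // is the permission needed to reach the screen that hosts the button.
        $backendUser = JFactory::getUser($backendUserId);

        if (!$backendUser->id
            || $backendUser->get('block') == 1
            || !$backendUser->authorise('core.manage', 'com_users')
        ) {
            return $app->redirect('index.php', JText::_('JERROR_ALERTNOAUTHOR'), 'error');
        }

        $instance = JFactory::getUser($userId);

        // A uid that matches no account yields a user object without an id;
        // reject it instead of creating a logged-in session for "nobody".
        if ($instance instanceof Exception || !$instance->id) {
            return $app->redirect('index.php', JText::_('User login failed'), 'error');
        }

        if ($instance->get('block') == 1) {
            return $app->redirect('index.php', JText::_('JERROR_NOLOGIN_BLOCKED'), 'error');
        }

        // Switching must not raise privileges: only a Super User may become
        // another Super User.
        if ($instance->authorise('core.admin') && !$backendUser->authorise('core.admin')) {
            return $app->redirect('index.php', JText::_('JERROR_ALERTNOAUTHOR'), 'error');
        }

        $instance->set('guest', 0);

        // NOTE(review): the session id is kept across this change of identity;
        // consider regenerating it (JSession::fork()) before storing the user.
        $session = JFactory::getSession();
        $session->set('user', $instance);

        $app->checkSession();

        // Keep the #__session row in step with the user stored in the session.
        $query = $db->getQuery(true)
            ->update($db->quoteName('#__session'))
            ->set($db->quoteName('guest') . ' = ' . $db->quote($instance->get('guest')))
            ->set($db->quoteName('username') . ' = ' . $db->quote($instance->get('username')))
            ->set($db->quoteName('userid') . ' = ' . (int) $instance->get('id'))
            ->where($db->quoteName('session_id') . ' = ' . $db->quote($session->getId()));
        $db->setQuery($query);
        $db->execute();

        $app->redirect('index.php', JText::sprintf('You have login successfully as user "%s"', $instance->name));
    }
}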