From bd06baf3a9714c902d20f5aef09cfc13f87a981d Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Thu, 28 Jan 2010 12:07:14 +0000
Subject: [PATCH] Implemented: FS#1049 - Allow "Login as" also from the client
list as it is allready possible from sysuser list.
---
interface/web/admin/login_as.php | 156 ++++++++++--------
.../web/client/templates/clients_list.htm | 3 +-
.../web/client/templates/resellers_list.htm | 5 +-
3 files changed, 89 insertions(+), 75 deletions(-)
diff --git a/interface/web/admin/login_as.php b/interface/web/admin/login_as.php
index 4c9c0b6ca..9a4e1ab28 100644
--- a/interface/web/admin/login_as.php
+++ b/interface/web/admin/login_as.php
@@ -1,72 +1,84 @@
-<?php
-/*
-Copyright (c) 2008, Till Brehm, projektfarm Gmbh and Oliver Vogel www.muv.com
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without modification,
-are permitted provided that the following conditions are met:
-
- * Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above copyright notice,
- this list of conditions and the following disclaimer in the documentation
- and/or other materials provided with the distribution.
- * Neither the name of ISPConfig nor the names of its contributors
- may be used to endorse or promote products derived from this software without
- specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
-INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
-OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
-
-
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
-
-/* Check permissions for module */
-$app->auth->check_module_permissions('admin');
-
-/* for security reasons ONLY the admin can login as other user */
-if ($_SESSION["s"]["user"]["typ"] != 'admin') {
- die ("You don't have the right to login as other user!");
-}
-
-/* get the id of the user (must be int!) */
-if (!isset($_GET['id'])){
- die ("No user selected!");
-}
-$userId = intval($_GET['id']);
-
-/*
- * Get the data to login as user x
- */
-$dbData = $app->db->queryOneRecord(
- "SELECT username, passwort FROM sys_user WHERE userid = " . $userId);
-
-/*
- * Now generate the login-Form
- */
-echo '
- <br /> <br /> <br /> <br />
- Do you want to login as user ' . $dbData['username'] . '?<br />
- If you do so, you can "go back" by clicking at logout.<br />
- <div style="visibility:hidden">
- <input type="text" name="username" value="' . $dbData['username'] . '" />
- <input type="password" name="passwort" value="' . $dbData['passwort'] .'" />
- </div>
- <input type="hidden" name="s_mod" value="login" />
- <input type="hidden" name="s_pg" value="index" />
- <div class="wf_actions buttons">
- <button class="positive iconstxt icoPositive" type="button" value="Yes, login as Client" onClick="submitLoginForm(' . "'pageForm'" . ');"><span>Yes, login as Client</span></button>
- <button class="negative iconstxt icoNegative" type="button" value="No, back to list" onClick="loadContent('. "'admin/users_list.php'" . ');"><span>No, back to list</span></button>
- </div>
-';
-?>
+<?php
+/*
+Copyright (c) 2008, Till Brehm, projektfarm Gmbh and Oliver Vogel www.muv.com
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ * Neither the name of ISPConfig nor the names of its contributors
+ may be used to endorse or promote products derived from this software without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+
+require_once('../../lib/config.inc.php');
+require_once('../../lib/app.inc.php');
+
+/* Check permissions for module */
+$app->auth->check_module_permissions('admin');
+
+/* for security reasons ONLY the admin can login as other user */
+if ($_SESSION["s"]["user"]["typ"] != 'admin') {
+ die ("You don't have the right to login as other user!");
+}
+
+/* get the id of the user (must be int!) */
+if (!isset($_GET['id']) && !isset($_GET['cid'])){
+ die ("No user selected!");
+}
+
+if(isset($_GET['id'])) {
+ $userId = intval($_GET['id']);
+ $backlink = 'admin/users_list.php';
+} else {
+ $client_id = intval($_GET['cid']);
+ $tmp_client = $app->db->queryOneRecord("SELECT username FROM client WHERE client_id = $client_id");
+ $tmp_sys_user = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE username = '".$app->db->quote($tmp_client['username'])."'");
+ $userId = $tmp_sys_user['userid'];
+ unset($tmp_client);
+ unset($tmp_sys_user);
+ $backlink = 'client/client_list.php';
+}
+
+/*
+ * Get the data to login as user x
+ */
+$dbData = $app->db->queryOneRecord(
+ "SELECT username, passwort FROM sys_user WHERE userid = " . $userId);
+
+/*
+ * Now generate the login-Form
+ */
+echo '
+ <br /> <br /> <br /> <br />
+ Do you want to login as user ' . $dbData['username'] . '?<br />
+ If you do so, you can "go back" by clicking at logout.<br />
+ <div style="visibility:hidden">
+ <input type="text" name="username" value="' . $dbData['username'] . '" />
+ <input type="password" name="passwort" value="' . $dbData['passwort'] .'" />
+ </div>
+ <input type="hidden" name="s_mod" value="login" />
+ <input type="hidden" name="s_pg" value="index" />
+ <div class="wf_actions buttons">
+ <button class="positive iconstxt icoPositive" type="button" value="Yes, login as Client" onClick="submitLoginForm(' . "'pageForm'" . ');"><span>Yes, login as Client</span></button>
+ <button class="negative iconstxt icoNegative" type="button" value="No, back to list" onClick="loadContent('. "'$backlink'" . ');"><span>No, back to list</span></button>
+ </div>
+';
+?>
diff --git a/interface/web/client/templates/clients_list.htm b/interface/web/client/templates/clients_list.htm
index 2f081e71a..76e9bd142 100644
--- a/interface/web/client/templates/clients_list.htm
+++ b/interface/web/client/templates/clients_list.htm
@@ -43,7 +43,8 @@
<td class="tbl_col_city"><a href="#" onClick="loadContent('client/client_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="city"}</a></td>
<td class="tbl_col_country"><a href="#" onClick="loadContent('client/client_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="country"}</a></td>
<td class="tbl_col_buttons">
- <div class="buttons icons16">
+ <div class="buttons icons16">
+ <a class="icons16 icoLoginAs" href="#" onclick="loadContent('admin/login_as.php?cid={tmpl_var name='id'}');"><span>{tmpl_var name='login_as_txt'}</span></a>
<a class="icons16 icoDelete" href="javascript: del_record('client/client_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
</div>
</td>
diff --git a/interface/web/client/templates/resellers_list.htm b/interface/web/client/templates/resellers_list.htm
index d3326635b..b6c1707b7 100644
--- a/interface/web/client/templates/resellers_list.htm
+++ b/interface/web/client/templates/resellers_list.htm
@@ -43,8 +43,9 @@
<td class="tbl_col_city"><a href="#" onClick="loadContent('client/reseller_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="city"}</a></td>
<td class="tbl_col_country"><a href="#" onClick="loadContent('client/reseller_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="country"}</a></td>
<td class="tbl_col_buttons">
- <div class="buttons icons16">
- <a class="icons16 icoDelete" href="javascript: del_record('client/reseller_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
+ <div class="buttons icons16">
+ <a class="icons16 icoLoginAs" href="#" onclick="loadContent('admin/login_as.php?cid={tmpl_var name='id'}');"><span>{tmpl_var name='login_as_txt'}</span></a>
+ <a class="icons16 icoDelete" href="javascript: del_record('client/reseller_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
</div>
</td>
</tr>
--
GitLab