auth->check_module_permissions('admin');
/* for security reasons ONLY the admin can login as other user */
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
die ("You don't have the right to login as other user!");
}
/* get the id of the user (must be int!) */
if (!isset($_GET['id']) && !isset($_GET['cid'])){
die ("No user selected!");
}
if(isset($_GET['id'])) {
$userId = intval($_GET['id']);
$backlink = 'admin/users_list.php';
} else {
$client_id = intval($_GET['cid']);
$tmp_client = $app->db->queryOneRecord("SELECT username FROM client WHERE client_id = $client_id");
$tmp_sys_user = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE username = '".$app->db->quote($tmp_client['username'])."'");
$userId = $tmp_sys_user['userid'];
unset($tmp_client);
unset($tmp_sys_user);
$backlink = 'client/client_list.php';
}
/*
* Get the data to login as user x
*/
$dbData = $app->db->queryOneRecord(
"SELECT username, passwort FROM sys_user WHERE userid = " . $userId);
/*
* Now generate the login-Form
* TODO: move the login_as form to a template file -> themeability
*/
echo '
Do you want to login as user ' . $dbData['username'] . '?
If you do so, you can "go back" by clicking at logout.