auth->check_module_permissions('admin');
/* for security reasons ONLY the admin can login as other user */
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
die ("You don't have the right to login as other user!");
}
/* get the id of the user (must be int!) */
if (!isset($_GET['id']) && !isset($_GET['cid'])){
die ("No user selected!");
}
if(isset($_GET['id'])) {
$userId = $app->functions->intval($_GET['id']);
$backlink = 'admin/users_list.php';
} else {
$client_id = $app->functions->intval($_GET['cid']);
$tmp_client = $app->db->queryOneRecord("SELECT username FROM client WHERE client_id = $client_id");
$tmp_sys_user = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE username = '".$app->db->quote($tmp_client['username'])."'");
$userId = $app->functions->intval($tmp_sys_user['userid']);
unset($tmp_client);
unset($tmp_sys_user);
$backlink = 'client/client_list.php';
}
/*
* Get the data to login as user x
*/
$dbData = $app->db->queryOneRecord(
"SELECT username, passwort FROM sys_user WHERE userid = " . $userId);
/*
* Now generate the login-Form
* TODO: move the login_as form to a template file -> themeability
*/
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_login_as.lng';
include $lng_file;
echo '
'.$wb['login_1_txt'].' ' . $dbData['username'] . '?
'.$wb['login_2_txt'].'