Implemented: FS#1049 - Allow "Login as" also from the client list as it is allready possible from sysuser list.

tbrehm · tbrehm · commit bd06baf3a971 · 2010-01-28T12:07:14.000Z
diff --git a/interface/web/admin/login_as.php b/interface/web/admin/login_as.php
@@ -1,72 +1,84 @@
-<?php
-/*
-Copyright (c) 2008, Till Brehm, projektfarm Gmbh and Oliver Vogel www.muv.com
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without modification,
-are permitted provided that the following conditions are met:
-
-    * Redistributions of source code must retain the above copyright notice,
-      this list of conditions and the following disclaimer.
-    * Redistributions in binary form must reproduce the above copyright notice,
-      this list of conditions and the following disclaimer in the documentation
-      and/or other materials provided with the distribution.
-    * Neither the name of ISPConfig nor the names of its contributors
-      may be used to endorse or promote products derived from this software without
-      specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
-INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
-OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
-
-
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
-
-/* Check permissions for module */
-$app->auth->check_module_permissions('admin');
-
-/* for security reasons ONLY the admin can login as other user */
-if ($_SESSION["s"]["user"]["typ"] != 'admin') {
-	die ("You don't have the right to login as other user!");
-}
-
-/* get the id of the user (must be int!) */
-if (!isset($_GET['id'])){
-    die ("No user selected!");
-}
-$userId = intval($_GET['id']);
-
-/*
- * Get the data to login as user x
- */
-$dbData = $app->db->queryOneRecord(
-    "SELECT username, passwort FROM sys_user WHERE userid = " . $userId);
-
-/*
- * Now generate the login-Form
- */
-echo '
-	<br /> <br />	<br /> <br />
-	Do you want to login as user ' .  $dbData['username'] . '?<br />
-	If you do so, you can "go back" by clicking at logout.<br />
-	<div style="visibility:hidden">
-		<input type="text" name="username" value="' . $dbData['username'] . '" />
-		<input type="password" name="passwort" value="' . $dbData['passwort'] .'" />
-	</div>
-	<input type="hidden" name="s_mod" value="login" />
-	<input type="hidden" name="s_pg" value="index" />
-    <div class="wf_actions buttons">
-      <button class="positive iconstxt icoPositive" type="button" value="Yes, login as Client" onClick="submitLoginForm(' . "'pageForm'" . ');"><span>Yes, login as Client</span></button>
-      <button class="negative iconstxt icoNegative" type="button" value="No, back to list" onClick="loadContent('. "'admin/users_list.php'" . ');"><span>No, back to list</span></button>
-    </div>
-';
-?>
+<?php
+/*
+Copyright (c) 2008, Till Brehm, projektfarm Gmbh and Oliver Vogel www.muv.com
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+
+require_once('../../lib/config.inc.php');
+require_once('../../lib/app.inc.php');
+
+/* Check permissions for module */
+$app->auth->check_module_permissions('admin');
+
+/* for security reasons ONLY the admin can login as other user */
+if ($_SESSION["s"]["user"]["typ"] != 'admin') {
+	die ("You don't have the right to login as other user!");
+}
+
+/* get the id of the user (must be int!) */
+if (!isset($_GET['id']) && !isset($_GET['cid'])){
+    die ("No user selected!");
+}
+
+if(isset($_GET['id'])) {
+	$userId = intval($_GET['id']);
+	$backlink = 'admin/users_list.php';
+} else {
+	$client_id = intval($_GET['cid']);
+	$tmp_client = $app->db->queryOneRecord("SELECT username FROM client WHERE client_id = $client_id");
+	$tmp_sys_user = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE username = '".$app->db->quote($tmp_client['username'])."'");
+	$userId = $tmp_sys_user['userid'];
+	unset($tmp_client);
+	unset($tmp_sys_user);
+	$backlink = 'client/client_list.php';
+}
+
+/*
+ * Get the data to login as user x
+ */
+$dbData = $app->db->queryOneRecord(
+    "SELECT username, passwort FROM sys_user WHERE userid = " . $userId);
+
+/*
+ * Now generate the login-Form
+ */
+echo '
+	<br /> <br />	<br /> <br />
+	Do you want to login as user ' .  $dbData['username'] . '?<br />
+	If you do so, you can "go back" by clicking at logout.<br />
+	<div style="visibility:hidden">
+		<input type="text" name="username" value="' . $dbData['username'] . '" />
+		<input type="password" name="passwort" value="' . $dbData['passwort'] .'" />
+	</div>
+	<input type="hidden" name="s_mod" value="login" />
+	<input type="hidden" name="s_pg" value="index" />
+    <div class="wf_actions buttons">
+      <button class="positive iconstxt icoPositive" type="button" value="Yes, login as Client" onClick="submitLoginForm(' . "'pageForm'" . ');"><span>Yes, login as Client</span></button>
+      <button class="negative iconstxt icoNegative" type="button" value="No, back to list" onClick="loadContent('. "'$backlink'" . ');"><span>No, back to list</span></button>
+    </div>
+';
+?>
diff --git a/interface/web/client/templates/clients_list.htm b/interface/web/client/templates/clients_list.htm
@@ -43,7 +43,8 @@ <h2><tmpl_var name="list_head_txt"></h2>
             <td class="tbl_col_city"><a href="#" onClick="loadContent('client/client_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="city"}</a></td>
             <td class="tbl_col_country"><a href="#" onClick="loadContent('client/client_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="country"}</a></td>
             <td class="tbl_col_buttons">
-              <div class="buttons icons16">    
+              <div class="buttons icons16">
+			    <a class="icons16 icoLoginAs" href="#" onclick="loadContent('admin/login_as.php?cid={tmpl_var name='id'}');"><span>{tmpl_var name='login_as_txt'}</span></a>  
                 <a class="icons16 icoDelete" href="javascript: del_record('client/client_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
               </div>
             </td>
diff --git a/interface/web/client/templates/resellers_list.htm b/interface/web/client/templates/resellers_list.htm
@@ -43,8 +43,9 @@ <h2><tmpl_var name="list_head_txt"></h2>
             <td class="tbl_col_city"><a href="#" onClick="loadContent('client/reseller_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="city"}</a></td>
             <td class="tbl_col_country"><a href="#" onClick="loadContent('client/reseller_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="country"}</a></td>
             <td class="tbl_col_buttons">
-              <div class="buttons icons16">    
-                <a class="icons16 icoDelete" href="javascript: del_record('client/reseller_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
+              <div class="buttons icons16">
+                <a class="icons16 icoLoginAs" href="#" onclick="loadContent('admin/login_as.php?cid={tmpl_var name='id'}');"><span>{tmpl_var name='login_as_txt'}</span></a>
+				<a class="icons16 icoDelete" href="javascript: del_record('client/reseller_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
               </div>
             </td>
           </tr>
