modules/su/su_customer.php (dcc202f) - webinterface.git

dcc202fb249a446ac15c7cf413b9f1b4a3f31b58

Zeige Menüpunkt für su_cust... Bernd Wurst authored 8 years ago	`1) <?php 2) /* 3) This file belongs to the Webinterface of schokokeks.org Hosting 4)`
Change license from CC0 to... Hanno Böck authored 1 year ago	`5) Written by schokokeks.org Hosting, namely`
Zeige Menüpunkt für su_cust... Bernd Wurst authored 8 years ago	`6) Bernd Wurst <bernd@schokokeks.org> 7) Hanno Böck <hanno@schokokeks.org> 8)`
Change license from CC0 to... Hanno Böck authored 1 year ago	`9) This code is published under a 0BSD license.`
Zeige Menüpunkt für su_cust... Bernd Wurst authored 8 years ago	10) 11) Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code. 12) */ 13) 14) require_once('inc/base.php'); 15) require_once('inc/security.php'); 16) require_once('inc/debug.php'); 17) 18) require_once('session/start.php'); 19) require_once('su.php'); 20) 21) require_role(ROLE_CUSTOMER); 22)
Fix coding style with php-c... Hanno authored 5 years ago	`23) if (isset($_GET['uid'])) { 24) $uid = (int) $_GET['uid']; 25) $token = $_GET['token']; 26) $cid = (int) $_SESSION['customerinfo']['customerno']; 27) $users = find_users_for_customer($cid); 28) $found = false; 29) foreach ($users as $u) { 30) if ($uid == $u['uid']) { 31) $found = true; 32) } 33) } 34) if (! $found) { 35) system_failure('Unerlaubter Useraccount');`
Zeige Menüpunkt für su_cust... Bernd Wurst authored 8 years ago	`36) } 37)`
Fix coding style with php-c... Hanno authored 5 years ago	`38) if (!isset($_SESSION['su_customer_timestamp']) \|\| $_SESSION['su_customer_timestamp'] < time() - 30) { 39) system_failure("Aus Sicherheitsgründen muss die Auswahl auf dieser Seite innerhalb von 30 Sekunden getroffen werden."); 40) }`
Zeige Menüpunkt für su_cust... Bernd Wurst authored 8 years ago	`41)`
Fix coding style with php-c... Hanno authored 5 years ago	`42) if (!isset($_SESSION['su_customer_token']) \|\| $_SESSION['su_customer_token'] != $token) { 43) system_failure("Ungültige Reihenfolge der Aufrufe"); 44) }`
Zeige Menüpunkt für su_cust... Bernd Wurst authored 8 years ago	`45)`
Fix coding style with php-c... Hanno authored 5 years ago	`46) su('u', $uid);`
Zeige Menüpunkt für su_cust... Bernd Wurst authored 8 years ago	47) } 48) 49) title("Benutzer wechseln"); 50) 51) output('<p>Hiermit können Sie das Webinterface mit den Rechten eines beliebigen anderen Benutzers aus Ihrem Kundenaccount benutzen.</p> 52) '); 53) 54) $token = random_string(20); 55) $_SESSION['su_customer_token'] = $token; 56) $_SESSION['su_customer_timestamp'] = time(); 57) 58) $cid = (int) $_SESSION['customerinfo']['customerno']; 59) $users = find_users_for_customer($cid); 60) 61) output('<p>Zu Ihrem Kundenkonto gehören die folgenden Benutzer. Klicken Sie einen Benutzernamen an um zu diesem zu wechseln.</p><ul>'); 62) 63) foreach ($users as $u) {
Fix coding style with php-c... Hanno authored 5 years ago	`64) if ($u['uid'] == $_SESSION['userinfo']['uid']) { 65) output("<li>{$u['username']} - (Eigener Benutzeraccount)</li>"); 66) continue; 67) } 68) $realname = $u['name']; 69) if ($realname) { 70) $realname = ' - '.$realname; 71) } 72) output("<li>".internal_link('', "{$u['username']}{$realname}", "uid={$u['uid']}&token={$token}")."</li>");`