122 lines
3.5 KiB
PHP
122 lines
3.5 KiB
PHP
<?php
|
|
/*
|
|
$Id: adm_login.php,v 1.4 2005/04/01 17:13:10 benjamin Exp $
|
|
----------------------------------------------------------------------
|
|
AlternC - Web Hosting System
|
|
Copyright (C) 2002 by the AlternC Development Team.
|
|
http://alternc.org/
|
|
----------------------------------------------------------------------
|
|
Based on:
|
|
Valentin Lacambre's web hosting softwares: http://altern.org/
|
|
----------------------------------------------------------------------
|
|
LICENSE
|
|
|
|
This program is free software; you can redistribute it and/or
|
|
modify it under the terms of the GNU General Public License (GPL)
|
|
as published by the Free Software Foundation; either version 2
|
|
of the License, or (at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
To read the license please visit http://www.gnu.org/copyleft/gpl.html
|
|
----------------------------------------------------------------------
|
|
Original Author of file: Benjamin Sonntag
|
|
Purpose of file: Connect a super-user to another account
|
|
----------------------------------------------------------------------
|
|
*/
|
|
require_once("../class/config.php");
|
|
|
|
/*
|
|
We come into this page in two situations :
|
|
* with a user id to go to (we check the current account is admin and is allowed to connect to this account)
|
|
* with no parameter when the admin want to go back to his admin account.
|
|
*/
|
|
|
|
|
|
// * with no parameter when the admin want to go back to his admin account.
|
|
if (!$_REQUEST["id"] && $_COOKIE["oldid"]) {
|
|
// We check the cookie's value :
|
|
list($newuid,$passcheck)=explode("/",$_COOKIE["oldid"]);
|
|
$newuid=intval($newuid);
|
|
if (!$newuid) {
|
|
$error=_("Your authentication information are incorrect");
|
|
include("index.php");
|
|
exit();
|
|
}
|
|
$admin->enabled=true;
|
|
$r=$admin->get($newuid);
|
|
if ($passcheck!=md5($r["pass"])) {
|
|
$error=_("Your authentication information are incorrect");
|
|
include("index.php");
|
|
exit();
|
|
}
|
|
|
|
// Ok, so we remove the cookie :
|
|
setcookie('oldid','',0,'/');
|
|
unset($_COOKIE['oldid']);
|
|
|
|
// And we go back to the former administrator account :
|
|
if (!$mem->setid($newuid)) {
|
|
$error=$err->errstr();
|
|
include("index.php");
|
|
exit();
|
|
}
|
|
include_once("adm_list.php");
|
|
exit();
|
|
}
|
|
|
|
|
|
// * with a user id to go to (we check the current account is admin and is allowed to connect to this account)
|
|
if (!$admin->enabled) {
|
|
__("This page is restricted to authorized staff");
|
|
exit();
|
|
}
|
|
|
|
$fields = array (
|
|
"id" => array ("request", "integer", 0),
|
|
);
|
|
getFields($fields);
|
|
|
|
// Depending on subadmin_restriction, a subadmin can (or cannot) connect to account he didn't create
|
|
$subadmin=variable_get("subadmin_restriction");
|
|
if ($subadmin==0 && !$admin->checkcreator($id)) {
|
|
__("This page is restricted to authorized staff");
|
|
exit();
|
|
}
|
|
|
|
if (!$r=$admin->get($id)) {
|
|
$error=$err->errstr();
|
|
} else {
|
|
$oldid=$cuid."/".md5($mem->user["pass"]);
|
|
setcookie('oldid',$oldid,0,'/');
|
|
$_COOKIE['oldid']=$oldid;
|
|
|
|
if (!$mem->setid($id)) {
|
|
$error=$err->errstr();
|
|
include("index.php");
|
|
exit();
|
|
}
|
|
// Now we are the other user :)
|
|
include_once("main.php");
|
|
exit();
|
|
}
|
|
|
|
// If there were an error, let's show it :
|
|
include_once("head.php");
|
|
|
|
?>
|
|
<h3><?php __("Member login"); ?></h3>
|
|
<?php
|
|
|
|
if ($error) {
|
|
echo "<p class=\"error\">$error</p>";
|
|
include_once("foot.php");
|
|
exit();
|
|
}
|
|
|
|
include_once("foot.php");
|
|
|
|
?>
|