Rootユーザが別のユーザとしてログインする

提供: GeeklogJpWiki

Rootユーザが,特定ユーザとしてログインし,試験するためのものです。

注意!

この静的ページは,Rootユーザのみ表示させるよう,パーミッションを設定してください。

コード

注意! 静的ページIDは,かならずuserlogin4rootとしてください。

      URLリライトをONにして使用してください。

include_once("../lib-common.php");
global $_TABLES, $_CONF, $_USER,$LANG01;

if (!SEC_inGroup('Root')) {exit;}

$username = '';
$uid = '';
if (!isset($_POST['username'])) {
    $out .= "ユーザ名を入力して実行ボタンを押してリロードしてください。そのユーザでログインできます。.<br>"
        . "(Rootユーザに戻りたければログアウトしてログインしなおしてください。)<br> "
        . '<form action="' . "{$_CONF['site_url']}" . '/staticpages/index.php/userlogin4root" method="post">'
        . 'ユーザ名: <input type="text" name="username" value=""> '
        . '<input type="submit">';
    echo $out;
} else {
    $username = COM_applyFilter($_POST['username']);
    $result = DB_query( "SELECT status, uid FROM {$_TABLES['users']} WHERE username='$username' AND ((remoteservice is null) or (remoteservice = ''))" );
    $tmp = mysql_errno();
    $nrows = DB_numRows( $result );

    if(( $tmp == 0 ) && ( $nrows == 1 )) {
        $U = DB_fetchArray( $result );
        $uid = $U['uid'];

        $userdata = SESS_getUserDataFromId($uid);
        $_USER=$userdata;
        $sessid = SESS_newSession($_USER['uid'], $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
        SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
        PLG_loginUser ($_USER['uid']);

        // Now that we handled session cookies, handle longterm cookie
        if (!isset($_COOKIE[$_CONF['cookie_name']]) || !isset($_COOKIE['password'])) {
            // Either their cookie expired or they are new
            $cooktime = COM_getUserCookieTimeout();
            if ($VERBOSE) {
                COM_errorLog("Trying to set permanent cookie with time of $cooktime",1);
            }
            if ($cooktime > 0) {
                // They want their cookie to persist for some amount of time so set it now
                if ($VERBOSE) {
                    COM_errorLog('Trying to set permanent cookie',1);
                }
                setcookie ($_CONF['cookie_name'], $_USER['uid'],
                           time() + $cooktime, $_CONF['cookie_path'],
                           $_CONF['cookiedomain'], $_CONF['cookiesecure']);
                setcookie ($_CONF['cookie_password'], md5 ($passwd),
                           time() + $cooktime, $_CONF['cookie_path'],
                           $_CONF['cookiedomain'], $_CONF['cookiesecure']);
            }
        } else {
            $userid = $_COOKIE[$_CONF['cookie_name']];
            if (empty ($userid) || ($userid == 'deleted')) {
                unset ($userid);
            } else {
                $userid = COM_applyFilter ($userid, true);
                if ($userid > 1) {
                    if ($VERBOSE) {
                        COM_errorLog ('NOW trying to set permanent cookie',1);
                        COM_errorLog ('Got '.$userid.' from perm cookie in users.php',1);
                    }
                    // Create new session
                    $userdata = SESS_getUserDataFromId ($userid);
                    $_USER = $userdata;
                    if ($VERBOSE) {
                        COM_errorLog ('Got '.$_USER['username'].' for the username in user.php',1);
                    }
                }
            }
        }

        // Now that we have users data see if their theme cookie is set.
        // If not set it
        setcookie ($_CONF['cookie_theme'], $_USER['theme'], time() + 31536000,
                   $_CONF['cookie_path'], $_CONF['cookiedomain'],
                   $_CONF['cookiesecure']);

        if (!empty ($_SERVER['HTTP_REFERER']) && (strstr ($_SERVER['HTTP_REFERER'], '/users.php') === false)) {
            $indexMsg = $_CONF['site_url'] . '/index.php?msg=';
            if (substr ($_SERVER['HTTP_REFERER'], 0, strlen ($indexMsg)) == $indexMsg) {
                $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
            } else {
                // If user is trying to login - force redirect to index.php




                if (strstr ($_SERVER['HTTP_REFERER'], 'mode=login') === false) {
                    $display .= COM_refresh ($_SERVER['HTTP_REFERER']);
                } else {
                    $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
                }
            }
        } else {
            $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
        }
    } else {
        $tmp = $LANG01[32] . ": '$username'";
        COM_errorLog( $tmp, 1 );
        echo $tmp;
    }
}
個人用ツール