The following warnings occurred:
Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.1.2-1ubuntu2.14 (Linux)
File Line Function
/global.php(961) : eval()'d code 26 errorHandler->error
/global.php 961 eval
/showthread.php 28 require_once





× This forum is read only. As of July 23, 2019, the UserSpice forums have been closed. To receive support, please join our Discord by clicking here. Thank you!

  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
View As User
#1
Hey there!

I have an idea for a new feature in my system so the Administrators can view as Users. Basically, I want any System Administrator to access a page, we'll call it
Code:
usersc/userview.php
. On this page, they can select a user from the user list, which will redirect them to a page with the general navigation bar, their name, etc. and then an IFRAME or something of the system again, but viewing as the user they selected on the previous page. So, in a sense, they will see everything they would see on any page, including the navigation, but as that user within the IFRAME window.

Maybe IFRAME is not the best method for this, but that is why I'm turning to you guys for help in turning this into an actual script. The reason for this system is to see the users current alerts, remove items specific to their user, and modify stuff within their account. My system has many different tables, all linked to the custom pages I have created, but every table is linked with a column called
Code:
user_id
which only allows the current user to see their database rows in each table. This is why I need this feature to view things as a specific user.

Thanks in advance!
  Reply
#2
I've kicked around a few thoughts on this. I think the best way to implement this would be this:

If the page detects someone is an admin (user group 2), then a button appears that says view as user.

If they click it, it refreshes the page to with something like ?view=1 after the url.

Then I would check Input::get('view') and if that === 1, then I would put up a button to view as admin which would refresh the page and pull off the get variable.
  Reply
#3
mudmin,

Your idea sounds excellent. I'm going to tweak it in the following manner so we can continue:
Code:
admin_users.php
page will have a column that says "view as user" which will go to
Code:
usersc/functions.php?view=1&uid=$uid
(
Code:
$uid
variable I would set).

How can I have the system check if there is a view value of 1 on EVERY page?
How can I get the system to recognize this UID and resemble permissions (e.g. won't show Admin Dashboard link when in user view)?

For my own notes:
-I can use an if value around my
Code:
$userid
variable to set the
Code:
$userid
to either the admin users UID, or if there is a view value of 1, to be that UID.

^I'm wondering, if I do this, could I also do this to get the system to recognize the current UID vs the admin UID?

I think I'm on to something...hmmm...I will play with this when I get home because I'm cranky so that means I get to code for the night lol.
  Reply
#4
Question:

I am making these modifications in the navigation. So far I am putting in this:
<pre>
Code:
if(isset($_GET['view'])) {
    $view = $_GET['view'];
}
</pre>


Which should identify if or if not there is a view. If there is, we will do blah blah blah, if not, blah blah. You know what I mean.

My issue is, the navigation, and everything else uses
Code:
$user->data() ->
and whatever the value is here. How can I override the value of
Code:
$user
to be the information of user with the
Code:
$uid
. If I just change it to
Code:
$uid
the function is going to fail, because it has no idea what to do with that information.

Thanks.
  Reply
#5
You don't need to use things like $user->data()->id

You can put any id there...even something like

checkMenu(4,1))

Would work.

Personally, I would show and hide menu options with just a simple if statement. Do the query you want to do and write an if statement.
  Reply
#6
mudmin,

Are you recommending instead of using my
Code:
$user->data() ->
I just put
Code:
$uid
which is captured using GET?

Thank you.
  Reply
#7
That would work. The only downside is realize that if you're passing that through as a get variable, someone could change it and access something they're not supposed to.

Note that the checkMenu function sees if a person has a particular access level (by default it's 1 for user and 2 for admin), but the checkMenu function respects whether or not someone has MORE THAN one access level...so I think it does what you already need it to do...unless I'm missing something.
  Reply
#8
This view as user feature will only be available for Administrators. So they already have full access. Managers, User Management, etc. will not have access. Only Administrators. I will work on ensuring that it checks this information when it processes this.
  Reply
#9
Yeah so if you do

Code:
if(checkMenu(2,$user->data()->id)){
Code:
//your stuff goes here
Code:
}

Then anyone who is an admin will have whatever goes between the {}
  Reply
#10
Mudmin,

I am trying to change the
Code:
$user->data()->fname
to represent the current
Code:
$uid
first name. Does the
Code:
$user
variable check based on ID, or another piece of information?

Thank you.
  Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)