}
$lastnamefirst = $_POST["User"];
$newuserid = FindUser("LastNameFirst", $lastnamefirst);
if (!$newuserid) {
$error_msg = "Unable to find user id. (Two users with same name?)";
$doform = true;
goto GenerateHtml;
}
$newuserinfo = GetUserInfo($newuserid);
$newusername = $newuserinfo["UserName"];
$currentuser = GetUserName();
log_msg($loc, 'User ' . $currentuser . ' is attemping to masquerade as ' . $newusername);
session_unset();
session_destroy();
session_start();
$okay = StartLogin($newusername, "", true);
if ($okay === false) {
log_msg($loc, "Login failure for masquerade. Starting ALL over.");
session_unset();
session_destroy();
JumpToPage("pages/login.php");
}
SetMasquerader($currentuser);
JumpToPage("pages/welcome.php");
}
GenerateHtml:
include "forms/header.php";
include "forms/nav_form.php";
include "forms/admin_menubar.php";
include "forms/admin_masquerade_form.php";
include "forms/footer.php";
<?php
// --------------------------------------------------------------------
// logout.php -- Impements the logout page.
//
// Created: 12/29/14 DLB
// --------------------------------------------------------------------
require "libs/all.php";
session_start();
log_page();
if (IsMasquerading()) {
$olduser = GetMasquerader();
log_msg("logout.php", "Masquerade session is over.");
session_unset();
session_destroy();
session_start();
if (!empty($olduser)) {
log_msg("logout.php", "Attempting to re-login as " . $olduser);
$okay = StartLogin($olduser, "", true);
if ($okay) {
JumpToPage("welcome.php");
}
}
} else {
log_msg("logout.php", "User " . UserLastFirstName() . " is Logging Out.");
}
session_unset();
session_destroy();
include "forms/header.php";
include "forms/logoutmsg.php";
include "forms/footer.php";
// we are processing input from the form...
$name = $_POST["name"];
$pw = $_POST["password"];
// Here we do a trick, and allow a developer
// to log in by leaving both fields empty. The
// bypass must be enabled in the config file.
$bypass = false;
if (!empty($config["DevBypass"]) && empty($name) && empty($ps)) {
$name = $config["DevBypass"];
$pw = "junk";
log_msg("login.php", "Developer bypass attempted for username="******"welcome.php");
}
}
if (!$LoginOkay) {
log_msg("login.php", array("Login Attempt Failed. UserName="******"IP Address=" . $_SERVER["REMOTE_ADDR"]));
$ShowError = true;
}
}
// Generate HTML:
include "forms/header.php";
include "forms/loginform.php";
include "forms/footer.php";
