static function doShadowUser()
{
global $zdbh;
global $controller;
runtime_csfr::Protect();
$currentuser = ctrl_users::GetUserDetail();
if ($currentuser['username'] == 'zadmin') {
$sql = "SELECT * FROM x_accounts WHERE ac_deleted_ts IS NULL ORDER BY ac_user_vc";
$numrows = $zdbh->prepare($sql);
} else {
$sql = "SELECT * FROM x_accounts WHERE ac_reseller_fk = :userid AND ac_deleted_ts IS NULL";
$numrows = $zdbh->prepare($sql);
$numrows->bindParam(':userid', $currentuser['userid']);
}
if ($numrows->execute()) {
if ($numrows->fetchColumn() != 0) {
$sql = $zdbh->prepare($sql);
if ($currentuser['username'] == 'zadmin') {
//no bind needed
} else {
//bind the username
$sql->bindParam(':userid', $currentuser['userid']);
}
$sql->execute();
while ($rowclients = $sql->fetch()) {
if (!fs_director::CheckForEmptyValue($controller->GetControllerRequest('FORM', 'inShadow_' . $rowclients['ac_id_pk']))) {
ctrl_auth::KillCookies();
ctrl_auth::SetSession('ruid', $currentuser['userid']);
ctrl_auth::SetUserSession($rowclients['ac_id_pk'], runtime_sessionsecurity::getSessionSecurityEnabled());
header("location: /");
exit;
}
}
}
}
}
