from-user.php
См. документацию.
1 <?php
2 
3 /**
4  * @file
5  * @brief обрабочик гостевого входа в систему из под другого пользователя
6  */
7 
8 isset($user) or require $_SERVER['DOCUMENT_ROOT'] . '/page/404.php';
9 
10 header("Content-type: application/json");
11 
12 array_walk_recursive($_POST, function (&$item) {
13  $item = trim(htmlspecialchars($item, ENT_QUOTES));
14 });
15 
16 if (!($row = Wrong\Models\Users::find($_POST['id']))) {
17  exit(json_encode(['error' => 'Ошибка']));
18 }
19 
20 if ($row->id == $user->id) {
21  exit(json_encode(['error' => 'Нельзя зайти из под самого себя']));
22 }
23 
24 if (!$user->access()->write($row)) {
25  exit(json_encode(['error' => 'Недостаточно прав!']));
26 }
27 
28 $uid = Wrong\Auth\Crypt::idEncrypt($row->id);
29 setcookie('FROM_UID', $uid, [
30  'expires' => time() + 31536000,
31  'path' => '/',
32  'domain' => $_SERVER['HTTP_HOST'],
33  'secure' => Wrong\Start\Env::$e->IS_SECURE,
34  'httponly' => false,
35  'samesite' => Wrong\Start\Env::$e->IS_SECURE ? 'None' : 'Lax'
36 ]) or setcookie('FROM_UID', $uid, time() + 31536000, '/', $_SERVER['HTTP_HOST'], Wrong\Start\Env::$e->IS_SECURE);
37 
38 $user = new Wrong\Auth\User($row->id);
39 if ($user->access()->page('/system')) {
40  Wrong\Task\Stackjs::add('location.href="/system";', 0, 'location');
41 } else {
42  Wrong\Task\Stackjs::add('location.href="/";', 0, 'location');
43 }
44 
45 exit(json_encode(['result' => 'ok']));
$_POST
$_POST['groups']
Definition: add-action.php:16
Wrong\Auth\Crypt\idEncrypt
static idEncrypt($id)
Definition: Crypt.php:28
Wrong\Task\Stackjs\add
static add($code, $timeout=0, $key='')
Definition: Stackjs.php:25
time
setcookie('FROM_UID', $uid, [ 'expires'=> time()+31536000, 'path'=> '/', 'domain'=> $_SERVER['HTTP_HOST'], 'secure'=> Wrong\Start\Env::$e->IS_SECURE, 'httponly'=> false, 'samesite'=> Wrong\Start\Env::$e->IS_SECURE ? 'None' :'Lax']) or setcookie('FROM_UID' time()+31536000
Definition: from-user.php:36
IS_SECURE
setcookie('FROM_UID', $uid, [ 'expires'=> time()+31536000, 'path'=> '/', 'domain'=> $_SERVER['HTTP_HOST'], 'secure'=> Wrong\Start\Env::$e->IS_SECURE, 'httponly'=> false, 'samesite'=> Wrong\Start\Env::$e->IS_SECURE ? 'None' :'Lax']) or setcookie('FROM_UID' Wrong Start Env::$e IS_SECURE
Definition: from-user.php:36
$user
$user
Definition: from-user.php:38
$uid
if(!($row=Wrong\Models\Users::find($_POST['id']))) if($row->id==$user->id) if(! $user->access() ->write($row)) $uid
Definition: from-user.php:28
$_SERVER
setcookie('FROM_UID', $uid, [ 'expires'=> time()+31536000, 'path'=> '/', 'domain'=> $_SERVER['HTTP_HOST'], 'secure'=> Wrong\Start\Env::$e->IS_SECURE, 'httponly'=> false, 'samesite'=> Wrong\Start\Env::$e->IS_SECURE ? 'None' :'Lax']) or setcookie('FROM_UID' $_SERVER['HTTP_HOST']
Definition: from-user.php:36
exit
if(($dbh=Connect::getInstance(true) ->dbh) && $dbh->query("SHOW TABLES") ->fetchAll() && $dbh->query("SELECT COUNT(*) FROM `users`") ->fetchColumn()) if(!empty($_POST)) exit
Definition: install.php:198
if
if(preg_match('#//#', $request)) if($request !='/' &&preg_match('#/$#', $request)) if(preg_match('#index\.(php|html)$#', $request)) if(Wrong\Start\Env::$e->SYSTEM_CLOSED && $user->main_group_id !=1) if(preg_match('#^/api/(modal|action|select)/[a-z0-9\-]+#', $request, $matches)) if(isset($_GET['FROM_UID'])) if($request=='/' &&Wrong\Start\Env::$e->RETURN_TO_REQUEST && $user->id && $request !=$user->request && $user->request &&!isset($_GET['main'])) if(preg_match('#^/remind/([0-9]+)/([a-z0-9]+)#i', $request, $matches) &&Wrong\Auth\User::is_remind($matches[1], $matches[2])) if(preg_match('#^/email-confirm/([0-9]+)/([a-z0-9]+)#i', $request, $matches) &&Wrong\Auth\User::is_confirm($matches[1], $matches[2]) &&! $user->email_confirmed) if(Wrong\Start\Env::$e->EMAIL_CONFIRMATION && $user->id &&! $user->email_confirmed) if( $arr=Wrong\Models\Pages::all( $request, 'request'))
Definition: uri-router.php:129