/**
 * Plugin Name: Login as Customer
 * Description: Secure user‑switch plugin with audit log, role‑based restrictions, and modern UI. No activation or licensing required.
 * Version: 1.0
 * Author: Recipe Codes
 * Author URI: http://recipe.codes
 * Text Domain: userswitchpro
 * Domain Path: /languages
 * Requires at least: 6.0
 * Tested up to: 6.5
 * License: GPL2
 */

// Strict scalar typing for this file; PHP requires declare() to be the first statement.
declare(strict_types=1);

// Refuse to run when the file is requested directly instead of being loaded by
// WordPress: ABSPATH is defined by WordPress core during bootstrap, so its
// absence means none of the functions used below exist.
if ( ! defined( 'ABSPATH' ) ) {
    exit; // Exit if accessed directly.
}

// Define plugin constants: filesystem path and public URL of this plugin's directory.
define( 'USERSWITCH_PRO_SECURE_DIR', plugin_dir_path( __FILE__ ) );
define( 'USERSWITCH_PRO_SECURE_URL', plugin_dir_url( __FILE__ ) );

// Include security helper functions.
// NOTE(review): loginas_capability_check() and loginas_verify_nonce(), which the
// code below relies on for its access control, are presumably defined in this
// file; it is not shown here, so their behaviour needs to be confirmed there.
require_once USERSWITCH_PRO_SECURE_DIR . 'includes/security-helper.php';

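/** Activation hook - create the audit table. */
register_activation_hook( __FILE__, 'userswitch_pro_activate' );

/**
 * Creates the audit table that stores one row per user switch.
 *
 * Columns: id, admin_id, target_user_id, action, ip_address, log_timestamp
 * (defaults to the insert time). The table name is built from $wpdb->prefix
 * only, so no request data reaches the SQL text.
 */
function userswitch_pro_activate() {
    global $wpdb;

    $audit_table     = $wpdb->prefix . 'userswitch_audit';
    $charset_collate = $wpdb->get_charset_collate();

    // dbDelta() takes the table name from the token that follows "CREATE TABLE",
    // so the statement is written without "IF NOT EXISTS". dbDelta() itself
    // leaves an existing table in place and only applies column differences.
    $sql = "CREATE TABLE {$audit_table} (
        id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
        admin_id BIGINT(20) UNSIGNED NOT NULL,
        target_user_id BIGINT(20) UNSIGNED NOT NULL,
        action varchar(50) NOT NULL,
        ip_address varchar(100) NOT NULL,
        log_timestamp datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
        PRIMARY KEY  (id)
    ) {$charset_collate};";

    // dbDelta() is only loaded on upgrade screens, so pull it in explicitly.
    require_once ABSPATH . 'wp-admin/includes/upgrade.php';
    dbDelta( $sql );
}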

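/** Uninstall hook - remove the plugin's stored data. */
register_uninstall_hook( __FILE__, 'userswitch_pro_uninstall' );

/**
 * Removes the audit table and the role allow-list when the plugin is uninstalled.
 *
 * Dropping the table destroys the record of who switched into which account.
 * Sites that must retain that trail should export it before uninstalling.
 */
function userswitch_pro_uninstall() {
    global $wpdb;

    // The identifier is built from $wpdb->prefix only; no request data is involved.
    $audit_table = $wpdb->prefix . 'userswitch_audit';
    $wpdb->query( "DROP TABLE IF EXISTS {$audit_table}" );

    // Remove the allow-list read by the switch handler, so that a later
    // reinstall starts from the default instead of inheriting stale grants.
    delete_option( 'userswitch_allowed_roles' );
}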

/**
 * Boots the admin side of the plugin; hooked to `admin_init`.
 *
 * Calls the capability helper, registers the asset loader for the plugin's
 * own screens, then loads the settings page and instantiates its class.
 */
function userswitch_pro_secure_admin_init() {
    // NOTE(review): loginas_capability_check() is defined outside this file and
    // its return value is not used, so it only restricts anything if it halts
    // the request itself - confirm. admin_init also fires on admin-ajax.php and
    // admin-post.php requests, so a helper that halts would affect those too.
    loginas_capability_check();

    // Asset loader: only acts on screens whose hook suffix contains "userswitch".
    $enqueue_plugin_assets = function ( $hook ) {
        if ( false === strpos( $hook, 'userswitch' ) ) {
            return;
        }

        $plugin_css = USERSWITCH_PRO_SECURE_URL . 'assets/css/admin-css-secure.css';
        wp_enqueue_style( 'userswitch-admin-secure', $plugin_css, [], '1.0' );

        // Select2 for searchable dropdowns.
        // NOTE(review): both files come from a third-party CDN and are enqueued
        // without an integrity attribute, so these admin screens run whatever
        // that host serves. Shipping a pinned copy inside the plugin removes
        // that dependency.
        wp_enqueue_script(
            'select2',
            'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js',
            ['jquery'],
            '4.0.13',
            true
        );
        wp_enqueue_style(
            'select2-css',
            'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/css/select2.min.css',
            [],
            '4.0.13'
        );
    };
    add_action( 'admin_enqueue_scripts', $enqueue_plugin_assets );

    // Load the settings page implementation and start it when the class is there.
    require_once USERSWITCH_PRO_SECURE_DIR . 'admin/setting.php';
    if ( ! class_exists( 'userswitch_admin_setting_pro' ) ) {
        return;
    }
    new userswitch_admin_setting_pro();
}
add_action( 'admin_init', 'userswitch_pro_secure_admin_init' );

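/**
 * AJAX handler for `wp_ajax_userswitch_switch_user`: switch the session to another user.
 *
 * Checks run in this order, and the first failure ends the request with a
 * JSON error: nonce, target id present, actor's role is on the allow-list,
 * target account exists, target is not more privileged than the actor, switch
 * function is available, audit row was written. Only then is the switch made.
 *
 * wp_send_json_error() and wp_send_json_success() terminate the request, so
 * nothing after a failed check is executed.
 */
function userswitch_pro_secure_switch_user() {
    // Verify nonce.
    // NOTE(review): loginas_verify_nonce() is defined outside this file; confirm
    // it validates the 'userswitch_nonce' request field for this action.
    if ( ! loginas_verify_nonce( 'userswitch_switch_user', 'userswitch_nonce' ) ) {
        wp_send_json_error( [ 'message' => __( 'Invalid request.', 'userswitchpro' ) ] );
    }

    $user_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    if ( ! $user_id ) {
        wp_send_json_error( [ 'message' => __( 'No user specified.', 'userswitchpro' ) ] );
    }

    // Role-based restriction check. The cast keeps a stored value of the wrong
    // type from making array_intersect() throw; such a value matches no role.
    $allowed_roles = (array) get_option( 'userswitch_allowed_roles', [ 'administrator' ] );
    $current_user  = wp_get_current_user();
    if ( empty( array_intersect( $current_user->roles, $allowed_roles ) ) ) {
        wp_send_json_error( [ 'message' => __( 'You are not permitted to use this feature.', 'userswitchpro' ) ] );
    }

    // The id must belong to a real account before anything is logged or switched.
    $target_user = get_userdata( $user_id );
    if ( ! $target_user ) {
        wp_send_json_error( [ 'message' => __( 'User not found.', 'userswitchpro' ) ] );
    }

    // The allow-list is configurable and may name non-administrator roles.
    // Such an actor must not be able to step into an account that can manage
    // the site, otherwise the feature becomes a privilege escalation path.
    if ( user_can( $target_user, 'manage_options' ) && ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( [ 'message' => __( 'You cannot switch to this account.', 'userswitchpro' ) ] );
    }

    // Check that the switch can be performed before logging it, so the audit
    // table never records a switch that could not have happened.
    if ( ! function_exists( 'loginas_switch_user' ) ) {
        wp_send_json_error( [ 'message' => __( 'Switch function missing.', 'userswitchpro' ) ] );
    }

    // Log the action. REMOTE_ADDR is the directly connected peer; behind a
    // reverse proxy that is the proxy's address, not the administrator's.
    global $wpdb;
    $audit_written = $wpdb->insert(
        $wpdb->prefix . 'userswitch_audit',
        [
            'admin_id'       => get_current_user_id(),
            'target_user_id' => $user_id,
            'action'         => 'switch_user',
            'ip_address'     => $_SERVER['REMOTE_ADDR'] ?? 'unknown',
        ],
        [ '%d', '%d', '%s', '%s' ]
    );

    // Fail closed: an impersonation that cannot be recorded is not performed.
    if ( false === $audit_written ) {
        wp_send_json_error( [ 'message' => __( 'Could not record the audit entry.', 'userswitchpro' ) ] );
    }

    // Perform the actual switch.
    // NOTE(review): the return value of loginas_switch_user() is not inspected;
    // if it can fail, the audit row above will still claim a switch - confirm.
    loginas_switch_user( $user_id );
    wp_send_json_success();
}
add_action( 'wp_ajax_userswitch_switch_user', 'userswitch_pro_secure_switch_user' );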
?>
{"id":5203,"date":"2025-03-20T21:31:57","date_gmt":"2025-03-20T19:31:57","guid":{"rendered":"https:\/\/stedrinowear.com\/?post_type=product&#038;p=5203"},"modified":"2025-07-12T16:30:54","modified_gmt":"2025-07-12T14:30:54","slug":"product-5203-t-shirt-boys-4y-to-16y","status":"publish","type":"product","link":"https:\/\/stedrinowear.com\/en\/product-5203-t-shirt-boys-4y-to-16y\/","title":{"rendered":"Boys&#039; oversized T-shirt"},"content":{"rendered":"<p>\u062a\u064a\u0634\u064a\u0631\u062a \u0648\u0644\u0627\u062f\u064a \u0628\u062a\u0635\u0645\u064a\u0645 \u0643\u0627\u062c\u0648\u0627\u0644 \u0639\u0635\u0631\u064a \u060c \u0645\u0632\u0648\u062f \u0628\u0637\u0628\u0627\u0639\u0629 \u0623\u0646\u064a\u0642\u0629 \u0641\u064a \u0627\u0644\u0623\u0645\u0627\u0645 \u0648\u0631\u0633\u0645\u0629 \u0645\u0645\u064a\u0632\u0629 \u0639\u0644\u0649 \u0627\u0644\u0638\u0647\u0631. \u0645\u0635\u0646\u0648\u0639 \u0645\u0646 \u062e\u0627\u0645\u0629 \u0645\u0631\u064a\u062d\u0629 \u062a\u0646\u0627\u0633\u0628 \u0627\u0644\u062d\u0631\u0643\u0629 \u0648\u0627\u0644\u0646\u0634\u0627\u0637 \u0627\u0644\u064a\u0648\u0645\u064a\u060c \u0645\u0645\u0627 \u064a\u062c\u0639\u0644\u0647 \u062e\u064a\u0627\u0631\u064b\u0627 \u0645\u062b\u0627\u0644\u064a\u0627\u064b \u0644\u0644\u0625\u0637\u0644\u0627\u0644\u0627\u062a \u0627\u0644\u0639\u0635\u0631\u064a\u0629 \u0648\u0627\u0644\u0633\u062a\u0627\u064a\u0644 \u0627\u0644\u0634\u0628\u0627\u0628\u064a. 
\u0645\u062b\u0627\u0644\u064a \u0644\u0644\u062a\u0646\u0633\u064a\u0642 \u0645\u0639 \u0627\u0644\u062c\u064a\u0646\u0632 \u0623\u0648 \u0627\u0644\u0634\u0648\u0631\u062a \u0644\u0625\u0637\u0644\u0627\u0644\u0629 \u0631\u064a\u0627\u0636\u064a\u0629 \u0648\u0643\u0627\u062c\u0648\u0627\u0644<\/p>","protected":false},"excerpt":{"rendered":"<p>\u062a\u064a\u0634\u064a\u0631\u062a \u0648\u0644\u0627\u062f\u064a \u0628\u062a\u0635\u0645\u064a\u0645 \u0643\u0627\u062c\u0648\u0627\u0644 \u0639\u0635\u0631\u064a \u060c \u0645\u0632\u0648\u062f \u0628\u0637\u0628\u0627\u0639\u0629 \u0623\u0646\u064a\u0642\u0629 \u0641\u064a \u0627\u0644\u0623\u0645\u0627\u0645 \u0648\u0631\u0633\u0645\u0629 \u0645\u0645\u064a\u0632\u0629 \u0639\u0644\u0649 \u0627\u0644\u0638\u0647\u0631. \u0645\u0635\u0646\u0648\u0639 \u0645\u0646 \u062e\u0627\u0645\u0629 \u0645\u0631\u064a\u062d\u0629 \u062a\u0646\u0627\u0633\u0628 \u0627\u0644\u062d\u0631\u0643\u0629 \u0648\u0627\u0644\u0646\u0634\u0627\u0637 \u0627\u0644\u064a\u0648\u0645\u064a\u060c \u0645\u0645\u0627 \u064a\u062c\u0639\u0644\u0647 \u062e\u064a\u0627\u0631\u064b\u0627 \u0645\u062b\u0627\u0644\u064a\u0627\u064b \u0644\u0644\u0625\u0637\u0644\u0627\u0644\u0627\u062a \u0627\u0644\u0639\u0635\u0631\u064a\u0629 \u0648\u0627\u0644\u0633\u062a\u0627\u064a\u0644 \u0627\u0644\u0634\u0628\u0627\u0628\u064a. 
\u0645\u062b\u0627\u0644\u064a \u0644\u0644\u062a\u0646\u0633\u064a\u0642 \u0645\u0639 \u0627\u0644\u062c\u064a\u0646\u0632 \u0623\u0648 \u0627\u0644\u0634\u0648\u0631\u062a \u0644\u0625\u0637\u0644\u0627\u0644\u0629 \u0631\u064a\u0627\u0636\u064a\u0629 \u0648\u0643\u0627\u062c\u0648\u0627\u0644<\/p>","protected":false},"featured_media":5206,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"product_brand":[],"product_cat":[168,209],"product_tag":[328],"product-size":[],"class_list":["post-5203","product","type-product","status-publish","has-post-thumbnail","product_cat-boys-4y-to-16y","product_cat-out-wear","product_tag-t-shirt","first","instock","shipping-taxable","product-type-variable"],"pure_taxonomies":{"product_cat":[{"term_id":168,"name":"\u0627\u0648\u0644\u0627\u062f\u0649 \u0645\u0646 4 \u0633\u0646\u0648\u0627\u062a \u0627\u0644\u0649 16 \u0633\u0646\u0647","slug":"boys-4y-to-16y","term_group":0,"term_taxonomy_id":168,"taxonomy":"product_cat","description":"","parent":209,"count":226,"filter":"raw","image":""},{"term_id":209,"name":"\u0644\u0628\u0633 
\u062e\u0631\u0648\u062c","slug":"out-wear","term_group":0,"term_taxonomy_id":209,"taxonomy":"product_cat","description":"","parent":0,"count":331,"filter":"raw","image":""}],"product_tag":[{"term_id":328,"name":"\u062a\u064a\u0634\u0631\u062a","slug":"t-shirt","term_group":0,"term_taxonomy_id":328,"taxonomy":"product_tag","description":"","parent":0,"count":149,"filter":"raw","image":""}]},"_links":{"self":[{"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product\/5203","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/types\/product"}],"replies":[{"embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/comments?post=5203"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/media\/5206"}],"wp:attachment":[{"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/media?parent=5203"}],"wp:term":[{"taxonomy":"product_brand","embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product_brand?post=5203"},{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product_cat?post=5203"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product_tag?post=5203"},{"taxonomy":"product-size","embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product-size?post=5203"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}