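<?php
// The opening tag above must be the first bytes of this file. Without it PHP treats
// the whole file as literal output and sends the plugin source with every response.
/**
 * Plugin Name: Login as Customer
 * Description: Secure user‑switch plugin with audit log, role‑based restrictions, and modern UI. No activation or licensing required.
 * Version: 1.0
 * Author: Recipe Codes
 * Author URI: http://recipe.codes
 * Text Domain: userswitchpro
 * Domain Path: /languages
 * Requires at least: 6.0
 * Tested up to: 6.5
 * License: GPL2
 */

declare(strict_types=1);

// Refuse direct web requests to this file: ABSPATH is only defined once WordPress has bootstrapped.
if ( ! defined( 'ABSPATH' ) ) {
    exit;
}

// Filesystem path and public URL of this plugin's directory; later code appends
// relative paths ('includes/…', 'admin/…', 'assets/…') directly to them.
define( 'USERSWITCH_PRO_SECURE_DIR', plugin_dir_path( __FILE__ ) );
define( 'USERSWITCH_PRO_SECURE_URL', plugin_dir_url( __FILE__ ) );

// Security helpers. NOTE(review): loginas_capability_check() and loginas_verify_nonce(),
// used further down, are presumably defined in this file — confirm.
require_once USERSWITCH_PRO_SECURE_DIR . 'includes/security-helper.php';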

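/** Activation hook – create audit table. */
register_activation_hook( __FILE__, 'userswitch_pro_activate' );

/**
 * Creates the `{prefix}userswitch_audit` table that records user-switch events.
 *
 * Columns: the acting user (`admin_id`), the account switched into (`target_user_id`),
 * an action label, the requester's IP address and a timestamp that defaults to the
 * time of insertion.
 *
 * @return void
 */
function userswitch_pro_activate(): void {
    global $wpdb;

    // Table name and collation come from the WordPress database object, not from request data.
    $table_name      = $wpdb->prefix . 'userswitch_audit';
    $charset_collate = $wpdb->get_charset_collate();

    // NOTE(review): dbDelta() is written to diff a plain `CREATE TABLE` statement against the
    // live schema; confirm that `IF NOT EXISTS` does not stop later column changes from being
    // applied when the plugin is upgraded.
    $sql = "CREATE TABLE IF NOT EXISTS {$table_name} (
        id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
        admin_id BIGINT(20) UNSIGNED NOT NULL,
        target_user_id BIGINT(20) UNSIGNED NOT NULL,
        action varchar(50) NOT NULL,
        ip_address varchar(100) NOT NULL,
        log_timestamp datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
        PRIMARY KEY  (id)
    ) {$charset_collate};";

    // dbDelta() lives in the upgrade API, which is not loaded on normal requests.
    require_once ABSPATH . 'wp-admin/includes/upgrade.php';
    dbDelta( $sql );
}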

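/** Uninstall hook – drop audit table. */
register_uninstall_hook( __FILE__, 'userswitch_pro_uninstall' );

/**
 * Drops the `{prefix}userswitch_audit` table when the plugin is uninstalled.
 *
 * This permanently deletes the record of who switched into which account. Sites that
 * must retain that history need to export the table before uninstalling.
 *
 * @return void
 */
function userswitch_pro_uninstall(): void {
    global $wpdb;

    // The identifier is built from the configured table prefix only; no request data reaches this query.
    $table_name = $wpdb->prefix . 'userswitch_audit';
    $wpdb->query( "DROP TABLE IF EXISTS {$table_name}" );
}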

/**
 * Bootstraps the admin side of the plugin on `admin_init`.
 *
 * Runs the capability helper, registers the asset loader for this plugin's screens,
 * then loads admin/setting.php and instantiates the settings class if that file defined it.
 */
function userswitch_pro_secure_admin_init() {
    // NOTE(review): the helper's return value is ignored, so this only gates anything if the
    // helper itself stops the request — confirm in includes/security-helper.php. `admin_init`
    // also fires for admin-ajax.php and admin-post.php requests, so a helper that terminates
    // would affect every AJAX call made by users without the capability.
    loginas_capability_check();

    // Asset loader: $hook is the current admin screen's hook suffix.
    $enqueue_assets = function ( $hook ) {
        // Only screens whose hook suffix contains "userswitch" get the assets.
        if ( false === strpos( $hook, 'userswitch' ) ) {
            return;
        }

        wp_enqueue_style( 'userswitch-admin-secure', USERSWITCH_PRO_SECURE_URL . 'assets/css/admin-css-secure.css', [], '1.0' );

        // Select2 (searchable dropdowns) is fetched from a third-party CDN. Nothing here adds an
        // integrity attribute, so wp-admin pages run whatever that host serves; shipping a
        // reviewed copy inside the plugin would remove the external dependency.
        wp_enqueue_script( 'select2', 'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js', ['jquery'], '4.0.13', true );
        wp_enqueue_style( 'select2-css', 'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/css/select2.min.css', [], '4.0.13' );
    };
    add_action( 'admin_enqueue_scripts', $enqueue_assets );

    // Settings page implementation; the class is instantiated only if the include defined it.
    require_once USERSWITCH_PRO_SECURE_DIR . 'admin/setting.php';
    if ( ! class_exists( 'userswitch_admin_setting_pro' ) ) {
        return;
    }
    new userswitch_admin_setting_pro();
}
add_action( 'admin_init', 'userswitch_pro_secure_admin_init' );

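/**
 * AJAX handler (`wp_ajax_userswitch_switch_user`) that switches the session to another user.
 *
 * Checks, in order: the nonce, a scalar non-zero `user_id`, the caller's roles against the
 * `userswitch_allowed_roles` option, that the target account exists and the caller holds
 * `edit_user` for it, and that the switch function is available. The event is then written
 * to the audit table; if that row cannot be written the switch is refused, so no
 * impersonation happens without a record.
 *
 * Each failure path responds through wp_send_json_error(); the explicit `return` after it
 * keeps the handler from continuing if the die handler has been overridden.
 *
 * @return void
 */
function userswitch_pro_secure_switch_user(): void {
    // Verify nonce.
    if ( ! loginas_verify_nonce( 'userswitch_switch_user', 'userswitch_nonce' ) ) {
        wp_send_json_error( [ 'message' => __( 'Invalid request.', 'userswitchpro' ) ] );
        return;
    }

    // absint() turns a non-empty array into 1, so an array-valued `user_id` must be
    // rejected before conversion rather than silently becoming user ID 1.
    $raw_user_id = $_POST['user_id'] ?? 0;
    $user_id     = is_scalar( $raw_user_id ) ? absint( $raw_user_id ) : 0;
    if ( ! $user_id ) {
        wp_send_json_error( [ 'message' => __( 'No user specified.', 'userswitchpro' ) ] );
        return;
    }

    // Role‑based restriction on the caller. The casts keep array_intersect() from
    // throwing if the stored option is not an array.
    $allowed_roles = (array) get_option( 'userswitch_allowed_roles', [ 'administrator' ] );
    $current_user  = wp_get_current_user();
    if ( empty( array_intersect( (array) $current_user->roles, $allowed_roles ) ) ) {
        wp_send_json_error( [ 'message' => __( 'You are not permitted to use this feature.', 'userswitchpro' ) ] );
        return;
    }

    // Authorise the target as well as the caller: the role list alone would let any allowed
    // role switch into an account with more privileges than its own. Roles in
    // `userswitch_allowed_roles` that cannot edit the target user are refused here.
    // Missing and forbidden targets share one message so the response does not reveal
    // which user IDs exist.
    $target_user = get_userdata( $user_id );
    if ( ! $target_user || ! current_user_can( 'edit_user', $user_id ) ) {
        wp_send_json_error( [ 'message' => __( 'You are not permitted to switch to this user.', 'userswitchpro' ) ] );
        return;
    }

    // Check the switch function before logging, so the audit table never records a
    // switch that could not have happened.
    if ( ! function_exists( 'loginas_switch_user' ) ) {
        wp_send_json_error( [ 'message' => __( 'Switch function missing.', 'userswitchpro' ) ] );
        return;
    }

    // Log before switching: afterwards get_current_user_id() may already be the target.
    // REMOTE_ADDR is the directly connected peer; behind a reverse proxy that is the
    // proxy's address, not the administrator's.
    global $wpdb;
    $logged = $wpdb->insert(
        $wpdb->prefix . 'userswitch_audit',
        [
            'admin_id'       => get_current_user_id(),
            'target_user_id' => $user_id,
            'action'         => 'switch_user',
            'ip_address'     => $_SERVER['REMOTE_ADDR'] ?? 'unknown',
        ],
        [ '%d', '%d', '%s', '%s' ]
    );
    if ( false === $logged ) {
        wp_send_json_error( [ 'message' => __( 'Could not record the audit entry.', 'userswitchpro' ) ] );
        return;
    }

    // Perform the actual switch.
    loginas_switch_user( $user_id );
    wp_send_json_success();
}
add_action( 'wp_ajax_userswitch_switch_user', 'userswitch_pro_secure_switch_user' );
// Closing PHP tag intentionally omitted so no trailing bytes are sent ahead of headers or JSON output.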
{"id":5301,"date":"2025-03-19T00:49:09","date_gmt":"2025-03-18T22:49:09","guid":{"rendered":"https:\/\/stedrinowear.com\/?post_type=product&#038;p=5301"},"modified":"2025-09-27T11:40:20","modified_gmt":"2025-09-27T09:40:20","slug":"more-love-shorts-baby-girl-6m-3y","status":"publish","type":"product","link":"https:\/\/stedrinowear.com\/en\/more-love-shorts-baby-girl-6m-3y\/","title":{"rendered":"MORE LOVE Mimi Shorts Set"},"content":{"rendered":"","protected":false},"excerpt":{"rendered":"","protected":false},"featured_media":5303,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"product_brand":[],"product_cat":[166,167,209],"product_tag":[250],"product-size":[],"class_list":["post-5301","product","type-product","status-publish","has-post-thumbnail","product_cat-baby-girl-6m-3y","product_cat-girls-4y-to-16y","product_cat-out-wear","product_tag-set","first","instock","shipping-taxable","product-type-variable"],"pure_taxonomies":{"product_cat":[{"term_id":166,"name":"\u0628\u0646\u0627\u062a\u0649 \u0631\u0636\u0639 6 \u0634\u0647\u0648\u0631 \u0627\u0644\u0649 3 \u0633\u0646\u0648\u0627\u062a","slug":"baby-girl-6m-3y","term_group":0,"term_taxonomy_id":166,"taxonomy":"product_cat","description":"","parent":209,"count":129,"filter":"raw","image":""},{"term_id":167,"name":"\u0628\u0646\u0627\u062a\u0649 \u0645\u0646 4 \u0633\u0646\u0648\u0627\u062a \u0627\u0644\u0649 16 \u0633\u0646\u0647","slug":"girls-4y-to-16y","term_group":0,"term_taxonomy_id":167,"taxonomy":"product_cat","description":"","parent":209,"count":196,"filter":"raw","image":""},{"term_id":209,"name":"\u0644\u0628\u0633 
\u062e\u0631\u0648\u062c","slug":"out-wear","term_group":0,"term_taxonomy_id":209,"taxonomy":"product_cat","description":"","parent":0,"count":331,"filter":"raw","image":""}],"product_tag":[{"term_id":250,"name":"\u0637\u0642\u0645","slug":"set","term_group":0,"term_taxonomy_id":250,"taxonomy":"product_tag","description":"","parent":0,"count":103,"filter":"raw","image":""}]},"_links":{"self":[{"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product\/5301","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/types\/product"}],"replies":[{"embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/comments?post=5301"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/media\/5303"}],"wp:attachment":[{"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/media?parent=5301"}],"wp:term":[{"taxonomy":"product_brand","embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product_brand?post=5301"},{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product_cat?post=5301"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product_tag?post=5301"},{"taxonomy":"product-size","embeddable":true,"href":"https:\/\/stedrinowear.com\/en\/wp-json\/wp\/v2\/product-size?post=5301"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}