/**
 * Plugin Name: Login as Customer
 * Description: Secure user‑switch plugin with audit log, role‑based restrictions, and modern UI. No activation or licensing required.
 * Version: 1.0
 * Author: Recipe Codes
 * Author URI: http://recipe.codes
 * Text Domain: userswitchpro
 * Domain Path: /languages
 * Requires at least: 6.0
 * Tested up to: 6.5
 * License: GPL2
 */

declare(strict_types=1);

if ( ! defined( 'ABSPATH' ) ) {
    exit; // Exit if accessed directly.
}

// Define plugin constants.
define( 'USERSWITCH_PRO_SECURE_DIR', plugin_dir_path( __FILE__ ) );
define( 'USERSWITCH_PRO_SECURE_URL', plugin_dir_url( __FILE__ ) );

// Include security helper functions.
require_once USERSWITCH_PRO_SECURE_DIR . 'includes/security-helper.php';

/** Activation hook – create audit table. */
/** Activation hook – create audit table. */
register_activation_hook( __FILE__, 'userswitch_pro_activate' );

function userswitch_pro_activate() {
    global $wpdb;
    $table_name = $wpdb->prefix . 'userswitch_audit';
    $charset_collate = $wpdb->get_charset_collate();
    $sql = "CREATE TABLE IF NOT EXISTS {$table_name} (
        id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
        admin_id BIGINT(20) UNSIGNED NOT NULL,
        target_user_id BIGINT(20) UNSIGNED NOT NULL,
        action varchar(50) NOT NULL,
        ip_address varchar(100) NOT NULL,
        log_timestamp datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
        PRIMARY KEY  (id)
    ) {$charset_collate};";
    require_once ABSPATH . 'wp-admin/includes/upgrade.php';
    dbDelta( $sql );
}
?>
    global $wpdb;
    $table_name = $wpdb->prefix . 'userswitch_audit';
    $charset_collate = $wpdb->get_charset_collate();
    $sql = "CREATE TABLE IF NOT EXISTS {$table_name} (\n        id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,\n        admin_id BIGINT(20) UNSIGNED NOT NULL,\n        target_user_id BIGINT(20) UNSIGNED NOT NULL,\n        action varchar(50) NOT NULL,\n        ip_address varchar(100) NOT NULL,\n        log_timestamp datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,\n        PRIMARY KEY  (id)\n    ) {$charset_collate};";
    require_once ABSPATH . 'wp-admin/includes/upgrade.php';
    dbDelta( $sql );
} );

/** Uninstall hook – drop audit table. */
/** Uninstall hook – drop audit table. */
register_uninstall_hook( __FILE__, 'userswitch_pro_uninstall' );

function userswitch_pro_uninstall() {
    global $wpdb;
    $table_name = $wpdb->prefix . 'userswitch_audit';
    $wpdb->query( "DROP TABLE IF EXISTS {$table_name}" );
}
?>
    global $wpdb;
    $table_name = $wpdb->prefix . 'userswitch_audit';
    $wpdb->query( "DROP TABLE IF EXISTS {$table_name}" );
} );

/** Initialise admin functionality – only for users with proper capability. */
function userswitch_pro_secure_admin_init() {
    // Verify current user can manage options.
    loginas_capability_check();

    // Enqueue admin assets when on our plugin pages.
    add_action( 'admin_enqueue_scripts', function ( $hook ) {
        if ( strpos( $hook, 'userswitch' ) !== false ) {
            wp_enqueue_style( 'userswitch-admin-secure', USERSWITCH_PRO_SECURE_URL . 'assets/css/admin-css-secure.css', [], '1.0' );
            // Select2 for searchable dropdowns.
            wp_enqueue_script( 'select2', 'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js', ['jquery'], '4.0.13', true );
            wp_enqueue_style( 'select2-css', 'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/css/select2.min.css', [], '4.0.13' );
        }
    } );

    // Load the settings page implementation.
    require_once USERSWITCH_PRO_SECURE_DIR . 'admin/setting.php';
    if ( class_exists( 'userswitch_admin_setting_pro' ) ) {
        new userswitch_admin_setting_pro();
    }
}
add_action( 'admin_init', 'userswitch_pro_secure_admin_init' );

/** AJAX handler for switching to another user – respects role‑based restrictions and logs the action. */
function userswitch_pro_secure_switch_user() {
    // Verify nonce.
    if ( ! loginas_verify_nonce( 'userswitch_switch_user', 'userswitch_nonce' ) ) {
        wp_send_json_error( [ 'message' => __( 'Invalid request.', 'userswitchpro' ) ] );
    }

    $user_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    if ( ! $user_id ) {
        wp_send_json_error( [ 'message' => __( 'No user specified.', 'userswitchpro' ) ] );
    }

    // Role‑based restriction check.
    $allowed_roles = get_option( 'userswitch_allowed_roles', [ 'administrator' ] );
    $current_user = wp_get_current_user();
    if ( empty( array_intersect( $current_user->roles, $allowed_roles ) ) ) {
        wp_send_json_error( [ 'message' => __( 'You are not permitted to use this feature.', 'userswitchpro' ) ] );
    }

    // Log the action.
    global $wpdb;
    $wpdb->insert(
        $wpdb->prefix . 'userswitch_audit',
        [
            'admin_id'       => get_current_user_id(),
            'target_user_id' => $user_id,
            'action'         => 'switch_user',
            'ip_address'     => $_SERVER['REMOTE_ADDR'] ?? 'unknown',
        ],
        [ '%d', '%d', '%s', '%s' ]
    );

    // Perform the actual switch – reuse original function if present.
    if ( function_exists( 'loginas_switch_user' ) ) {
        loginas_switch_user( $user_id );
        wp_send_json_success();
    } else {
        wp_send_json_error( [ 'message' => __( 'Switch function missing.', 'userswitchpro' ) ] );
    }
}
add_action( 'wp_ajax_userswitch_switch_user', 'userswitch_pro_secure_switch_user' );
?>
<?xml version="1.0" encoding="UTF-8"?><?xml-stylesheet type="text/xsl" href="//stedrinowear.com/main-sitemap.xsl"?>
<sitemapindex xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
	<sitemap>
		<loc>https://stedrinowear.com/page-sitemap.xml</loc>
		<lastmod>2026-06-24T15:56:52+00:00</lastmod>
	</sitemap>
	<sitemap>
		<loc>https://stedrinowear.com/product-sitemap1.xml</loc>
		<lastmod>2026-06-23T23:06:42+00:00</lastmod>
	</sitemap>
	<sitemap>
		<loc>https://stedrinowear.com/product-sitemap2.xml</loc>
		<lastmod>2026-03-08T10:19:33+00:00</lastmod>
	</sitemap>
	<sitemap>
		<loc>https://stedrinowear.com/product-sitemap3.xml</loc>
		<lastmod>2026-03-08T10:06:48+00:00</lastmod>
	</sitemap>
	<sitemap>
		<loc>https://stedrinowear.com/product_cat-sitemap.xml</loc>
		<lastmod>2026-06-23T23:06:42+00:00</lastmod>
	</sitemap>
</sitemapindex>
<!-- XML Sitemap generated by Rank Math SEO Plugin (c) Rank Math - rankmath.com -->