User Switching - Version 1.0.6

Version Description

  • Correct the values passed to the switch_back_user action when a user switches back.

=

Download this release

Release Info

Developer johnbillion
Plugin Icon 128x128 User Switching
Version 1.0.6
Comparing to
See all releases

Code changes from version 1.0.5 to 1.0.6

Files changed (3) hide show
  1. composer.json +14 -2
  2. readme.txt +128 -124
  3. user-switching.php +27 -32
composer.json CHANGED
@@ -18,7 +18,19 @@
18
  "require": {
19
  "composer/installers": "~1.0"
20
  },
21
- "require-dev": {
22
- "phpunit/phpunit": ">=3.7"
 
 
 
 
 
 
 
 
 
 
 
 
23
  }
24
  }
18
  "require": {
19
  "composer/installers": "~1.0"
20
  },
21
+ "require-dev" : {
22
+ "behat/behat": "~3.0",
23
+ "behat/mink-extension": "~2.0",
24
+ "behat/mink-goutte-driver": "~1.1",
25
+ "johnbillion/wordpress-behat-extension": "0.1.1",
26
+ "johnpbloch/wordpress": ">=4.1.0@stable",
27
+ "phpunit/phpunit": ">=3.7@stable"
28
+ },
29
+ "minimum-stability": "dev",
30
+ "config": {
31
+ "bin-dir": "bin/"
32
+ },
33
+ "extra": {
34
+ "wordpress-install-dir": "vendor/wordpress"
35
  }
36
  }
readme.txt CHANGED
@@ -1,133 +1,137 @@
1
- === User Switching ===
2
-
3
- Contributors: johnbillion
4
- Tags: users, profiles, user switching, fast user switching, multisite, buddypress, bbpress, become, user management, developer
5
- Requires at least: 3.1
6
- Tested up to: 4.1.1
7
- Stable tag: 1.0.5
8
- License: GPL v2 or later
9
-
10
- Instant switching between user accounts in WordPress.
11
-
12
- == Description ==
13
-
14
- This plugin allows you to quickly swap between user accounts in WordPress at the click of a button. You'll be instantly logged out and logged in as your desired user. This is handy for test environments where you regularly log out and in between different accounts, or for adminstrators who need to switch between multiple accounts.
15
-
16
- = Features =
17
-
18
- * Switch user: Instantly switch to any user account from the *Users* screen.
19
- * Switch back: Instantly switch back to your originating account.
20
- * Switch off: Log out of your account but retain the ability to instantly switch back in again.
21
- * It's completely secure (see the *Security* section below).
22
- * Compatible with WordPress, WordPress Multisite, BuddyPress and bbPress.
23
-
24
- = Security =
25
-
26
- * Only users with the ability to edit other users can switch user accounts. By default this is only Administrators on single site installs, and Super Admins on Multisite installs.
27
- * Passwords are not (and cannot be) revealed.
28
- * Uses the cookie authentication system in WordPress when remembering the account(s) you've switched from and when switching back.
29
- * Implements the nonce security system in WordPress, meaning only those who intend to switch users can switch.
30
- * Full support for administration over SSL (if applicable).
31
-
32
- = Usage =
33
-
34
- 1. Visit the *Users* menu in WordPress and you'll see a *Switch To* link next to each user.
35
- 2. Click this and you will immediately switch into that user account.
36
- 3. You can switch back to your originating account via the *Switch back* link on each dashboard screen or in your profile menu in the WordPress toolbar.
37
-
38
- See the [FAQ](https://wordpress.org/plugins/user-switching/faq/) for information about the *Switch Off* feature.
39
-
40
- = Translations Included =
41
-
42
- * العربية (Arabic)
43
- * Български (Bulgarian)
44
- * 中文 (Chinese Simplified)
45
- * Hrvatski (Croatian)
46
- * Nederlands (Dutch)
47
- * Suomi (Finnish)
48
- * Français (French)
49
- * Deutsch (German)
50
- * Ελληνικά (Greek)
51
- * עִבְרִית (Hebrew)
52
- * Bahasa Indonesia (Indonesian)
53
- * Italiano (Italian)
54
- * 日本語 (Japanese)
55
- * Lietuvių kalba (Lithuanian)
56
- * Norsk bokmål (Norwegian)
57
- * فارسی (Persian)
58
- * Polski (Polish)
59
- * Português do Brasil (Brazilian Portuguese)
60
- * Română (Romanian)
61
- * Русский (Russian)
62
- * Slovenčina (Slovak)
63
- * Español (Spanish)
64
- * Türkçe (Turkish)
65
-
66
- Thanks to translations by Hassan Hisham, Tunghsiao Liu, Francois-Xavier Bénard, Ralph Stenzel, Rami Y, Yusuke Hayasaki, Tommixoft, Amin Ab, Bartosz Arendt, Raphael Mendonça, R J, Max Samael, Eko Ikhyar, Marcelo Pedra, Abdullah Pazarbasi, ArianServ, SilverXp, Evi Giannakou, Petya Raykovska, Martin Sauter, Yaser Tallo, Enrique Errando, Sami Keijonen, Kalina Michocka, Alessandro Curci, Alessandro Tesoro, Ante Sepic, and Per Søderlind!
67
-
68
- == Screenshots ==
69
-
70
- 1. ![The *Switch To* link on the Users screen](https://raw.github.com/johnbillion/user-switching/master/assets-wp-repo/screenshot-1.png)
71
- 2. ![The *Switch To* link on a user's profile](https://raw.github.com/johnbillion/user-switching/master/assets-wp-repo/screenshot-2.png)
72
-
73
- == Installation ==
74
-
75
- If you have the [WordPress Developer plugin](https://wordpress.org/plugins/developer/) installed then User Switching is a one-click install from the Tools -> Developer screen.
76
-
77
- Alternatively, you can install this plugin directly from your WordPress dashboard:
78
-
79
- 1. Go to the *Plugins* menu and click *Add New*.
80
- 2. Search for *User Switching*.
81
- 3. Click *Install Now* next to the *User Switching* plugin.
82
- 4. Activate the plugin.
83
-
84
- == Frequently Asked Questions ==
85
-
86
- = What does "Switch off" mean? =
87
-
88
- Switching off logs you out of your account but retains your user ID in an authentication cookie so you can switch straight back without having to log in again manually. It's akin to switching to no user, and being able to switch back.
89
-
90
- The *Switch Off* link can be found in your profile menu in the WordPress toolbar. Once you've switched off you'll see a *Switch back* link in the footer of your site.
91
-
92
- = Does this plugin work with WordPress Multisite? =
93
-
94
- Yes, and you'll also be able to switch users from the Users screen in Network Admin.
95
-
96
- = Does this plugin work with BuddyPress? =
97
-
98
- Yes, and you'll also be able to switch users from member profile screens and the member listing screen.
99
-
100
- = Does this plugin work with bbPress? =
101
-
102
- Yes, and you'll also be able to switch users from member profile screens.
103
-
104
- = Does this work as a mu-plugin? =
105
-
106
- Yes, but you'll need to install `user-switching.php` into the root of your `mu-plugins` directory, not in the `user-switching` subdirectory. This is a restriction of WordPress.
107
-
108
- = What capability does a user need in order to switch accounts? =
109
-
110
- A user needs the `edit_users` capability in order to switch user accounts. By default only Administrators have this capability, and with Multisite enabled only Super Admins have this capability.
111
-
112
- = Can regular admins on Multisite installs switch accounts? =
113
-
114
- No. This can be enabled though by installing the [User Switching for Regular Admins](https://github.com/johnbillion/user-switching-for-regular-admins) plugin.
115
-
116
- = Are any plugin hooks called when users switch accounts? =
117
-
118
- Yes. When a user switches to another account, the `switch_to_user` hook is called with the new and old user IDs passed as parameters.
119
-
120
- When a user switches back to their original account, the `switch_back_user` hook is called with the new (original) and old user IDs passed as parameters. Note that the old user ID can be boolean false if the user is switching back after they've been switched off.
121
-
122
- When a user switches off, the `switch_off_user` hook is called with the old user ID as a parameter.
123
 
124
  == Upgrade Notice ==
125
 
126
- = 1.0.5 =
127
- * Norwegian translation by Per Søderlind.
128
 
129
  == Changelog ==
130
 
 
 
 
 
131
  = 1.0.5 =
132
  * Norwegian translation by Per Søderlind.
133
  * Code standards tweaks.
1
+ === User Switching ===
2
+
3
+ Contributors: johnbillion
4
+ Tags: users, profiles, user switching, fast user switching, multisite, buddypress, bbpress, become, user management, developer
5
+ Requires at least: 3.1
6
+ Tested up to: 4.3
7
+ Stable tag: 1.0.6
8
+ License: GPL v2 or later
9
+
10
+ Instant switching between user accounts in WordPress.
11
+
12
+ == Description ==
13
+
14
+ This plugin allows you to quickly swap between user accounts in WordPress at the click of a button. You'll be instantly logged out and logged in as your desired user. This is handy for test environments where you regularly log out and in between different accounts, or for administrators who need to switch between multiple accounts.
15
+
16
+ = Features =
17
+
18
+ * Switch user: Instantly switch to any user account from the *Users* screen.
19
+ * Switch back: Instantly switch back to your originating account.
20
+ * Switch off: Log out of your account but retain the ability to instantly switch back in again.
21
+ * It's completely secure (see the *Security* section below).
22
+ * Compatible with WordPress, WordPress Multisite, BuddyPress and bbPress.
23
+
24
+ = Security =
25
+
26
+ * Only users with the ability to edit other users can switch user accounts. By default this is only Administrators on single site installs, and Super Admins on Multisite installs.
27
+ * Passwords are not (and cannot be) revealed.
28
+ * Uses the cookie authentication system in WordPress when remembering the account(s) you've switched from and when switching back.
29
+ * Implements the nonce security system in WordPress, meaning only those who intend to switch users can switch.
30
+ * Full support for administration over SSL (if applicable).
31
+
32
+ = Usage =
33
+
34
+ 1. Visit the *Users* menu in WordPress and you'll see a *Switch To* link next to each user.
35
+ 2. Click this and you will immediately switch into that user account.
36
+ 3. You can switch back to your originating account via the *Switch back* link on each dashboard screen or in your profile menu in the WordPress toolbar.
37
+
38
+ See the [FAQ](https://wordpress.org/plugins/user-switching/faq/) for information about the *Switch Off* feature.
39
+
40
+ = Translations Included =
41
+
42
+ * العربية (Arabic)
43
+ * Български (Bulgarian)
44
+ * 中文 (Chinese Simplified)
45
+ * Hrvatski (Croatian)
46
+ * Nederlands (Dutch)
47
+ * Suomi (Finnish)
48
+ * Français (French)
49
+ * Deutsch (German)
50
+ * Ελληνικά (Greek)
51
+ * עִבְרִית (Hebrew)
52
+ * Bahasa Indonesia (Indonesian)
53
+ * Italiano (Italian)
54
+ * 日本語 (Japanese)
55
+ * Lietuvių kalba (Lithuanian)
56
+ * Norsk bokmål (Norwegian)
57
+ * فارسی (Persian)
58
+ * Polski (Polish)
59
+ * Português do Brasil (Brazilian Portuguese)
60
+ * Română (Romanian)
61
+ * Русский (Russian)
62
+ * Slovenčina (Slovak)
63
+ * Español (Spanish)
64
+ * Türkçe (Turkish)
65
+
66
+ Thanks to translations by Hassan Hisham, Tunghsiao Liu, Francois-Xavier Bénard, Ralph Stenzel, Rami Y, Yusuke Hayasaki, Tommixoft, Amin Ab, Bartosz Arendt, Raphael Mendonça, R J, Max Samael, Eko Ikhyar, Marcelo Pedra, Abdullah Pazarbasi, ArianServ, SilverXp, Evi Giannakou, Petya Raykovska, Martin Sauter, Yaser Tallo, Enrique Errando, Sami Keijonen, Kalina Michocka, Alessandro Curci, Alessandro Tesoro, Ante Sepic, and Per Søderlind!
67
+
68
+ == Screenshots ==
69
+
70
+ 1. ![The *Switch To* link on the Users screen](https://raw.github.com/johnbillion/user-switching/master/assets-wp-repo/screenshot-1.png)
71
+ 2. ![The *Switch To* link on a user's profile](https://raw.github.com/johnbillion/user-switching/master/assets-wp-repo/screenshot-2.png)
72
+
73
+ == Installation ==
74
+
75
+ If you have the [WordPress Developer plugin](https://wordpress.org/plugins/developer/) installed then User Switching is a one-click install from the Tools -> Developer screen.
76
+
77
+ Alternatively, you can install this plugin directly from your WordPress dashboard:
78
+
79
+ 1. Go to the *Plugins* menu and click *Add New*.
80
+ 2. Search for *User Switching*.
81
+ 3. Click *Install Now* next to the *User Switching* plugin.
82
+ 4. Activate the plugin.
83
+
84
+ == Frequently Asked Questions ==
85
+
86
+ = What does "Switch off" mean? =
87
+
88
+ Switching off logs you out of your account but retains your user ID in an authentication cookie so you can switch straight back without having to log in again manually. It's akin to switching to no user, and being able to switch back.
89
+
90
+ The *Switch Off* link can be found in your profile menu in the WordPress toolbar. Once you've switched off you'll see a *Switch back* link in the footer of your site.
91
+
92
+ = Does this plugin work with WordPress Multisite? =
93
+
94
+ Yes, and you'll also be able to switch users from the Users screen in Network Admin.
95
+
96
+ = Does this plugin work with BuddyPress? =
97
+
98
+ Yes, and you'll also be able to switch users from member profile screens and the member listing screen.
99
+
100
+ = Does this plugin work with bbPress? =
101
+
102
+ Yes, and you'll also be able to switch users from member profile screens.
103
+
104
+ = Does this work as a mu-plugin? =
105
+
106
+ Yes, but you'll need to install `user-switching.php` into the root of your `mu-plugins` directory, not in the `user-switching` subdirectory. This is a restriction of WordPress.
107
+
108
+ = What capability does a user need in order to switch accounts? =
109
+
110
+ A user needs the `edit_users` capability in order to switch user accounts. By default only Administrators have this capability, and with Multisite enabled only Super Admins have this capability.
111
+
112
+ = Can regular admins on Multisite installs switch accounts? =
113
+
114
+ No. This can be enabled though by installing the [User Switching for Regular Admins](https://github.com/johnbillion/user-switching-for-regular-admins) plugin.
115
+
116
+ = Are any plugin hooks called when users switch accounts? =
117
+
118
+ Yes. When a user switches to another account, the `switch_to_user` hook is called with the new and old user IDs passed as parameters.
119
+
120
+ When a user switches back to their original account, the `switch_back_user` hook is called with the new (original) and old user IDs passed as parameters. Note that the old user ID can be boolean false if the user is switching back after they've been switched off.
121
+
122
+ When a user switches off, the `switch_off_user` hook is called with the old user ID as a parameter.
123
 
124
  == Upgrade Notice ==
125
 
126
+ = 1.0.6 =
127
+ * Correct the values passed to the `switch_back_user` action when a user switches back.
128
 
129
  == Changelog ==
130
 
131
+ = 1.0.6 =
132
+ * Correct the values passed to the `switch_back_user` action when a user switches back.
133
+ * More code standards tweaks.
134
+
135
  = 1.0.5 =
136
  * Norwegian translation by Per Søderlind.
137
  * Code standards tweaks.
user-switching.php CHANGED
@@ -2,7 +2,7 @@
2
  /*
3
  Plugin Name: User Switching
4
  Description: Instant switching between user accounts in WordPress
5
- Version: 1.0.5
6
  Plugin URI: https://johnblackbourn.com/wordpress-plugin-user-switching/
7
  Author: John Blackbourn
8
  Author URI: https://johnblackbourn.com/
@@ -73,15 +73,7 @@ class user_switching {
73
 
74
  // User Switching's logged_in_cookie
75
  if ( ! defined( 'USER_SWITCHING_OLDUSER_COOKIE' ) ) {
76
- if ( defined( 'OLDUSER_COOKIE' ) ) {
77
- trigger_error( sprintf(
78
- 'The OLDUSER_COOKIE constant is deprecated. See <code>%s()</code>.',
79
- __METHOD__
80
- ), ( WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ) );
81
- define( 'USER_SWITCHING_OLDUSER_COOKIE', OLDUSER_COOKIE );
82
- } else {
83
- define( 'USER_SWITCHING_OLDUSER_COOKIE', 'wordpress_user_sw_olduser_' . COOKIEHASH );
84
- }
85
  }
86
 
87
  }
@@ -243,7 +235,7 @@ class user_switching {
243
  */
244
  protected static function get_redirect( WP_User $new_user = null, WP_User $old_user = null ) {
245
 
246
- if ( isset( $_REQUEST['redirect_to'] ) and ! empty( $_REQUEST['redirect_to'] ) ) {
247
  $redirect_to = self::remove_query_args( $_REQUEST['redirect_to'] );
248
  $requested_redirect_to = $_REQUEST['redirect_to'];
249
  } else {
@@ -274,12 +266,12 @@ class user_switching {
274
  <p><span class="dashicons dashicons-admin-users" style="color:#56c234"></span>
275
  <?php
276
  if ( isset( $_GET['user_switched'] ) ) {
277
- printf( esc_html__( 'Switched to %1$s (%2$s).', 'user-switching' ), $user->display_name, $user->user_login );
278
  }
279
  $url = add_query_arg( array(
280
  'redirect_to' => urlencode( self::current_url() ),
281
  ), self::switch_back_url( $old_user ) );
282
- printf( ' <a href="%s">%s</a>.', esc_url( $url ), sprintf( esc_html__( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login ) );
283
  ?></p>
284
  </div>
285
  <?php
@@ -290,9 +282,9 @@ class user_switching {
290
  <div id="user_switching" class="updated">
291
  <p><?php
292
  if ( isset( $_GET['switched_back'] ) ) {
293
- printf( esc_html__( 'Switched back to %1$s (%2$s).', 'user-switching' ), $user->display_name, $user->user_login );
294
  } else {
295
- printf( esc_html__( 'Switched to %1$s (%2$s).', 'user-switching' ), $user->display_name, $user->user_login );
296
  }
297
  ?></p>
298
  </div>
@@ -332,7 +324,7 @@ class user_switching {
332
  $scheme = 'auth';
333
  }
334
  if ( $old_user_id = wp_validate_auth_cookie( end( $cookie ), $scheme ) ) {
335
- return ( $user->ID == $old_user_id );
336
  }
337
  }
338
  return false;
@@ -352,7 +344,7 @@ class user_switching {
352
  return;
353
  }
354
 
355
- if ( method_exists( $wp_admin_bar, 'get_node' ) and $wp_admin_bar->get_node( 'user-actions' ) ) {
356
  $parent = 'user-actions';
357
  } else if ( get_option( 'show_avatars' ) ) {
358
  $parent = 'my-account-with-avatar';
@@ -365,7 +357,7 @@ class user_switching {
365
  $wp_admin_bar->add_menu( array(
366
  'parent' => $parent,
367
  'id' => 'switch-back',
368
- 'title' => sprintf( esc_html__( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login ),
369
  'href' => add_query_arg( array(
370
  'redirect_to' => urlencode( self::current_url() ),
371
  ), self::switch_back_url( $old_user ) )
@@ -398,7 +390,7 @@ class user_switching {
398
  */
399
  public function action_wp_meta() {
400
 
401
- if ( ! is_admin_bar_showing() and $old_user = self::get_old_user() ) {
402
  $link = sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login );
403
  $url = add_query_arg( array(
404
  'redirect_to' => urlencode( self::current_url() )
@@ -413,7 +405,7 @@ class user_switching {
413
  */
414
  public function action_wp_footer() {
415
 
416
- if ( ! did_action( 'wp_meta' ) and ! is_admin_bar_showing() and $old_user = self::get_old_user() ) {
417
  $link = sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login );
418
  $url = add_query_arg( array(
419
  'redirect_to' => urlencode( self::current_url() )
@@ -434,7 +426,7 @@ class user_switching {
434
  if ( $old_user = self::get_old_user() ) {
435
  $link = sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login );
436
  $url = self::switch_back_url( $old_user );
437
- if ( isset( $_REQUEST['redirect_to'] ) and ! empty( $_REQUEST['redirect_to'] ) ) {
438
  $url = add_query_arg( array(
439
  'redirect_to' => urlencode( $_REQUEST['redirect_to'] )
440
  ), $url );
@@ -471,7 +463,7 @@ class user_switching {
471
 
472
  global $bp, $members_template;
473
 
474
- if ( ! empty( $members_template ) and empty( $bp->displayed_user->id ) ) {
475
  $user = get_userdata( $members_template->member->id );
476
  } else {
477
  $user = get_userdata( $bp->displayed_user->id );
@@ -496,12 +488,14 @@ class user_switching {
496
  $component = 'core';
497
  }
498
 
 
499
  echo bp_get_button( array(
500
  'id' => 'user_switching',
501
  'component' => $component,
502
  'link_href' => esc_url( $link ),
503
  'link_text' => esc_html__( 'Switch&nbsp;To', 'user-switching' ),
504
  ) );
 
505
 
506
  }
507
 
@@ -553,7 +547,7 @@ class user_switching {
553
 
554
  $old_user = self::get_old_user();
555
 
556
- if ( $old_user and ( $old_user->ID == $user->ID ) ) {
557
  return self::switch_back_url( $old_user );
558
  } else if ( current_user_can( 'switch_to_user', $user->ID ) ) {
559
  return self::switch_to_url( $user );
@@ -635,7 +629,7 @@ class user_switching {
635
  * @return bool Should the old user cookie be secure?
636
  */
637
  public static function secure_olduser_cookie() {
638
- return ( is_ssl() and ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ) );
639
  }
640
 
641
  /**
@@ -646,7 +640,7 @@ class user_switching {
646
  * @return bool Should the auth cookie be secure?
647
  */
648
  public static function secure_auth_cookie() {
649
- return ( is_ssl() and ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) ) );
650
  }
651
 
652
  /**
@@ -668,7 +662,7 @@ class user_switching {
668
  */
669
  public function filter_user_has_cap( array $user_caps, array $required_caps, array $args ) {
670
  if ( 'switch_to_user' === $args[0] ) {
671
- $user_caps['switch_to_user'] = ( user_can( $args[1], 'edit_user', $args[2] ) and ( $args[2] != $args[1] ) );
672
  } else if ( 'switch_off' === $args[0] ) {
673
  $user_caps['switch_off'] = user_can( $args[1], 'edit_users' );
674
  }
@@ -688,7 +682,7 @@ class user_switching {
688
  * @return array Required capabilities for the requested action.
689
  */
690
  public function filter_map_meta_cap( array $required_caps, $cap, $user_id, array $args ) {
691
- if ( ( 'switch_to_user' === $cap ) and ( $args[0] == $user_id ) ) {
692
  $required_caps[] = 'do_not_allow';
693
  }
694
  return $required_caps;
@@ -755,7 +749,7 @@ function user_switching_clear_olduser_cookie( $clear_all = true ) {
755
  if ( ! empty( $auth_cookie ) ) {
756
  array_pop( $auth_cookie );
757
  }
758
- if ( $clear_all or empty( $auth_cookie ) ) {
759
  $expire = time() - 31536000;
760
  setcookie( USER_SWITCHING_COOKIE, ' ', $expire, SITECOOKIEPATH, COOKIE_DOMAIN );
761
  setcookie( USER_SWITCHING_SECURE_COOKIE, ' ', $expire, SITECOOKIEPATH, COOKIE_DOMAIN );
@@ -806,7 +800,7 @@ function user_switching_get_auth_cookie() {
806
  if ( isset( $_COOKIE[ $auth_cookie_name ] ) ) {
807
  $cookie = json_decode( stripslashes( $_COOKIE[ $auth_cookie_name ] ) );
808
  }
809
- if ( ! isset( $cookie ) or ! is_array( $cookie ) ) {
810
  $cookie = array();
811
  }
812
  return $cookie;
@@ -827,11 +821,11 @@ function switch_to_user( $user_id, $remember = false, $set_old_user = true ) {
827
  return false;
828
  }
829
 
830
- if ( $set_old_user and is_user_logged_in() ) {
831
- $old_user_id = get_current_user_id();
 
832
  user_switching_set_olduser_cookie( $old_user_id );
833
  } else {
834
- $old_user_id = false;
835
  user_switching_clear_olduser_cookie( false );
836
  }
837
 
@@ -863,6 +857,7 @@ function switch_off_user() {
863
 
864
  user_switching_set_olduser_cookie( $old_user_id );
865
  wp_clear_auth_cookie();
 
866
 
867
  do_action( 'switch_off_user', $old_user_id );
868
 
2
  /*
3
  Plugin Name: User Switching
4
  Description: Instant switching between user accounts in WordPress
5
+ Version: 1.0.6
6
  Plugin URI: https://johnblackbourn.com/wordpress-plugin-user-switching/
7
  Author: John Blackbourn
8
  Author URI: https://johnblackbourn.com/
73
 
74
  // User Switching's logged_in_cookie
75
  if ( ! defined( 'USER_SWITCHING_OLDUSER_COOKIE' ) ) {
76
+ define( 'USER_SWITCHING_OLDUSER_COOKIE', 'wordpress_user_sw_olduser_' . COOKIEHASH );
 
 
 
 
 
 
 
 
77
  }
78
 
79
  }
235
  */
236
  protected static function get_redirect( WP_User $new_user = null, WP_User $old_user = null ) {
237
 
238
+ if ( isset( $_REQUEST['redirect_to'] ) && ! empty( $_REQUEST['redirect_to'] ) ) {
239
  $redirect_to = self::remove_query_args( $_REQUEST['redirect_to'] );
240
  $requested_redirect_to = $_REQUEST['redirect_to'];
241
  } else {
266
  <p><span class="dashicons dashicons-admin-users" style="color:#56c234"></span>
267
  <?php
268
  if ( isset( $_GET['user_switched'] ) ) {
269
+ echo esc_html( sprintf( __( 'Switched to %1$s (%2$s).', 'user-switching' ), $user->display_name, $user->user_login ) );
270
  }
271
  $url = add_query_arg( array(
272
  'redirect_to' => urlencode( self::current_url() ),
273
  ), self::switch_back_url( $old_user ) );
274
+ printf( ' <a href="%s">%s</a>.', esc_url( $url ), esc_html( sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login ) ) );
275
  ?></p>
276
  </div>
277
  <?php
282
  <div id="user_switching" class="updated">
283
  <p><?php
284
  if ( isset( $_GET['switched_back'] ) ) {
285
+ echo esc_html( sprintf( __( 'Switched back to %1$s (%2$s).', 'user-switching' ), $user->display_name, $user->user_login ) );
286
  } else {
287
+ echo esc_html( sprintf( __( 'Switched to %1$s (%2$s).', 'user-switching' ), $user->display_name, $user->user_login ) );
288
  }
289
  ?></p>
290
  </div>
324
  $scheme = 'auth';
325
  }
326
  if ( $old_user_id = wp_validate_auth_cookie( end( $cookie ), $scheme ) ) {
327
+ return ( $user->ID === $old_user_id );
328
  }
329
  }
330
  return false;
344
  return;
345
  }
346
 
347
+ if ( method_exists( $wp_admin_bar, 'get_node' ) && $wp_admin_bar->get_node( 'user-actions' ) ) {
348
  $parent = 'user-actions';
349
  } else if ( get_option( 'show_avatars' ) ) {
350
  $parent = 'my-account-with-avatar';
357
  $wp_admin_bar->add_menu( array(
358
  'parent' => $parent,
359
  'id' => 'switch-back',
360
+ 'title' => esc_html( sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login ) ),
361
  'href' => add_query_arg( array(
362
  'redirect_to' => urlencode( self::current_url() ),
363
  ), self::switch_back_url( $old_user ) )
390
  */
391
  public function action_wp_meta() {
392
 
393
+ if ( ! is_admin_bar_showing() && $old_user = self::get_old_user() ) {
394
  $link = sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login );
395
  $url = add_query_arg( array(
396
  'redirect_to' => urlencode( self::current_url() )
405
  */
406
  public function action_wp_footer() {
407
 
408
+ if ( ! did_action( 'wp_meta' ) && ! is_admin_bar_showing() && $old_user = self::get_old_user() ) {
409
  $link = sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login );
410
  $url = add_query_arg( array(
411
  'redirect_to' => urlencode( self::current_url() )
426
  if ( $old_user = self::get_old_user() ) {
427
  $link = sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login );
428
  $url = self::switch_back_url( $old_user );
429
+ if ( isset( $_REQUEST['redirect_to'] ) && ! empty( $_REQUEST['redirect_to'] ) ) {
430
  $url = add_query_arg( array(
431
  'redirect_to' => urlencode( $_REQUEST['redirect_to'] )
432
  ), $url );
463
 
464
  global $bp, $members_template;
465
 
466
+ if ( ! empty( $members_template ) && empty( $bp->displayed_user->id ) ) {
467
  $user = get_userdata( $members_template->member->id );
468
  } else {
469
  $user = get_userdata( $bp->displayed_user->id );
488
  $component = 'core';
489
  }
490
 
491
+ // @codingStandardsIgnoreStart
492
  echo bp_get_button( array(
493
  'id' => 'user_switching',
494
  'component' => $component,
495
  'link_href' => esc_url( $link ),
496
  'link_text' => esc_html__( 'Switch&nbsp;To', 'user-switching' ),
497
  ) );
498
+ // @codingStandardsIgnoreEnd
499
 
500
  }
501
 
547
 
548
  $old_user = self::get_old_user();
549
 
550
+ if ( $old_user && ( $old_user->ID === $user->ID ) ) {
551
  return self::switch_back_url( $old_user );
552
  } else if ( current_user_can( 'switch_to_user', $user->ID ) ) {
553
  return self::switch_to_url( $user );
629
  * @return bool Should the old user cookie be secure?
630
  */
631
  public static function secure_olduser_cookie() {
632
+ return ( is_ssl() && ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ) );
633
  }
634
 
635
  /**
640
  * @return bool Should the auth cookie be secure?
641
  */
642
  public static function secure_auth_cookie() {
643
+ return ( is_ssl() && ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) ) );
644
  }
645
 
646
  /**
662
  */
663
  public function filter_user_has_cap( array $user_caps, array $required_caps, array $args ) {
664
  if ( 'switch_to_user' === $args[0] ) {
665
+ $user_caps['switch_to_user'] = ( user_can( $args[1], 'edit_user', $args[2] ) && ( $args[2] != $args[1] ) );
666
  } else if ( 'switch_off' === $args[0] ) {
667
  $user_caps['switch_off'] = user_can( $args[1], 'edit_users' );
668
  }
682
  * @return array Required capabilities for the requested action.
683
  */
684
  public function filter_map_meta_cap( array $required_caps, $cap, $user_id, array $args ) {
685
+ if ( ( 'switch_to_user' === $cap ) && ( $args[0] == $user_id ) ) {
686
  $required_caps[] = 'do_not_allow';
687
  }
688
  return $required_caps;
749
  if ( ! empty( $auth_cookie ) ) {
750
  array_pop( $auth_cookie );
751
  }
752
+ if ( $clear_all || empty( $auth_cookie ) ) {
753
  $expire = time() - 31536000;
754
  setcookie( USER_SWITCHING_COOKIE, ' ', $expire, SITECOOKIEPATH, COOKIE_DOMAIN );
755
  setcookie( USER_SWITCHING_SECURE_COOKIE, ' ', $expire, SITECOOKIEPATH, COOKIE_DOMAIN );
800
  if ( isset( $_COOKIE[ $auth_cookie_name ] ) ) {
801
  $cookie = json_decode( stripslashes( $_COOKIE[ $auth_cookie_name ] ) );
802
  }
803
+ if ( ! isset( $cookie ) || ! is_array( $cookie ) ) {
804
  $cookie = array();
805
  }
806
  return $cookie;
821
  return false;
822
  }
823
 
824
+ $old_user_id = get_current_user_id();
825
+
826
+ if ( $set_old_user && $old_user_id ) {
827
  user_switching_set_olduser_cookie( $old_user_id );
828
  } else {
 
829
  user_switching_clear_olduser_cookie( false );
830
  }
831
 
857
 
858
  user_switching_set_olduser_cookie( $old_user_id );
859
  wp_clear_auth_cookie();
860
+ wp_set_current_user( 0 );
861
 
862
  do_action( 'switch_off_user', $old_user_id );
863