• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Ion Auth : Switching active users without an actual login

#1
[eluser]Unknown[/eluser]
In my application, there's a page wherein an authorised user can switch to the account of another, to enable them to investigate matters related to that user without a whole new backend to navigate and explore that data. I've coded this via re-setting the user's session to data drawn from the target user, eg the code looks something like the below:

Code:
$user = $this->db->query("select * from users where id=$user_id")->row_object();

$session_data = array(
'identity'             => $user->email,
'username'             => $user->username,
'email'                => $user->email,
'user_id'              => $user->id,
'old_last_login'       => $user->last_login
);

$this->session->set_userdata($session_data);

The issue, is that after about 5 minutes, the user is switched back to their original account. So far I'm labelling this bug as a 'feature' so have avoided backlash, but honestly, I can't see where it does it so I can fix it. The time seems to correlate to the session duration, however, a run through the Ion login code doesn't throw up anything that would suggest to me what might be going on here.

Would anyone be able to shed some light on the matter? Thanks in advance.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.