0

I am building a method for impersonating a certain user on my website, similar to how Facebook now does it on the profiles with the "View As" button.

The goal here is to be able to append the user id of the person that I would like to impersonate to the query string like so: viewas=1234. Upon seeing that, the site would allow me (as an admin) to "impersonate" that user.

However, the problem comes with carrying the "impersonation" state between page loads. Each link that I click on will need to be adjusted to carry the viewas=1234.

For example, a link that would typically look like this...

<a href='http://www.example.com/profile?profileid=5678'>My Profile</a>

...would have to dynamically know to turn into...

<a href='http://www.example.com/profile?profileid=5678&viewas=1234'>My Profile</a>

...whenever I would like to impersonate the user with the id 1234. And this would have to happen site wide.

Is the best way to somehow do this with JS after the load, with PHP on the server side, or something else?

Improve this question
3
  • 1
    Would it also need to take care of an already existing query string? Commented Oct 18, 2011 at 16:50
  • Yes...i'll update with a between example...good question :) Commented Oct 18, 2011 at 16:51
  • look there many exemples of building links php.net/manual/en/function.http-build-query.php Commented Oct 18, 2011 at 18:48

3 Answers 3

Reset to default
2

jQuery is ideal for this sort of thing; create a selector for all 'a' tags, and append the query string to the href property.

For example,

$('a').each(function () {
  var href = $(this).attr('href');
  href += '?viewas=1234';
  $(this).attr('href',href);
});
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

makes sense...it'd have to be slightly more involved i think, because there might sometimes be GET values in the url already...but i get whatcha sayin ;)
1

Not sure whether this is the answer you'd be looking for, however here it goes. I recently had to implement a similar set of functionality. I went with storing the value of "viewas" in the session variable. This way, there is no need to modify HTML, javascript, etc. - only your code (which you already are modifying anyway to handle the query string) - in the code check the session variable instead.

You can then unset this variable when the admin "logs out" from impersonation.

Improve this answer

1 Comment

hmm thats not a bad option either. i could add a toolbar at the top of the page to manage the impersonation state
1

You should detect if it has been set, if so, append it for each link.

Something like:

if (isset($_GET['viewas'])){
   $linkurl .= '&viewas='.$_GET['viewas'];
}

of course you should not do the check for every link, but make it a set variable. Also do some security checks so you know for sure it is an valid viewas.

Improve this answer

1 Comment

That makes sense and seems simple until I have many links on a page that need to be adjusted. would you suggest simply packaging this as a function or something?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.