Download

User Switching

Af John Blackbourn & contributors

Beskrivelse

Dette plugin giver dig mulighed for hurtigt at skifte mellem brugerkonti i WordPress ved et klik på en knap. Du bliver straks logget ud og logget ind som din ønskede bruger. Dette er praktisk i testmiljøer, hvor du regelmæssigt logger af og på mellem forskellige konti, eller for administratorer, der har brug for at skifte mellem flere konti.

Features

  • Skift bruger: Skift straks til en hvilken som helst brugerkonto fra Brugere .
  • Skift tilbage: Skift straks tilbage til din oprindelige konto.
  • Sluk: Log af din konto, men bevar muligheden for øjeblikkeligt at skifte tilbage igen.
  • Switching between users is secure (see the Sikkerhed section below).
  • Compatible with WordPress, WordPress Multisite, WooCommerce, BuddyPress, bbPress, and most two-factor authentication plugins.

Sikkerhed

  • Kun brugere med mulighed for at redigere andre brugere kan skifte brugerkonti. Dette er som standard kun administratorer på installationer med et enkelt websted og super administratorer på Multisite installationer.
  • Passwords er ikke (og kan ikke blive) vist.
  • Bruger cookie-autentificerings systemet i WordPress, når den husker den eller de konti, du har skiftet fra, og når du skifter tilbage.
  • Implementerer nonce sikkerhedssystem i WordPress, hvilket betyder, at kun dem, der har til hensigt at skifte brugere kan skifte.
  • Fuld understøttelse af validering af brugersessioner, hvor det er relevant.
  • Fuld understøttelse af administration via SSL (hvis relevant).

Brug

  1. Besøg menuen Brugere i WordPress, og du vil se et Skift til link på listen over handlingslinks for hver bruger.
  2. Klik på dette, og du vil straks skifte til denne brugerkonto.
  3. Du kan skifte tilbage til din oprindelige konto via Skift tilbage link på hver administrationsvisning eller i din Profilmenu i WordPress værktøjslinje.

Se FAQ for at få oplysninger om funktionen Sluk.

Other Plugins

I maintain several other plugins for developers. Check them out:

  • Query Monitor is the developer tools panel for WordPress
  • WP Crontrol lets you view and control what’s happening in the WP-Cron system

Erklæring om beskyttelse af personlige oplysninger

Brugerskift bruger browser-cookies til at give brugerne mulighed for at skifte til en anden konto. Dens cookies fungere ved hjælp af den samme mekanisme som autentificering cookies i WordPress kerne, derfor indeholder deres værdier brugerens user_login felt i almindelig tekst, som bør behandles som potentielt personligt identificerbare oplysninger. Navnene på de cookies er:

  • wordpress_user_sw_{COOKIEHASH}
  • wordpress_user_sw_secure_{COOKIEHASH}
  • wordpress_user_sw_olduser_{COOKIEHASH}

Brugerskift sender ikke data til nogen tredjepart, og det omfatter heller ikke tredjepartsressourcer, og det vil det aldrig komme til at gøre.

See also the FAQ for some questions relating to privacy and safety when switching between users.

Ethical Open Source

User Switching is considered Ethical Open Source because it meets all of the criteria of The Ethical Source Definition (ESD):

  1. It benefits the commons.
  2. It is created in the open.
  3. Its community is welcoming and just.
  4. It puts accessibility first.
  5. It prioritizes user safety.
  6. It protects user privacy.
  7. It encourages fair compensation.

Skærmbilleder

  • The Switch To link on the Users screen

  • The Switch To link on a user's profile

FAQ

Does this plugin work with PHP 8?

Yes.

Hvad betyder “Sluk”?

Hvis du skifter tilbage logger du ud af din konto, men bevarer dit bruger-id i en godkendelses cookie, så du kan skifte direkte tilbage uden at skulle logge ind igen manuelt. Det er beslægtet med at skifte til ingen bruger, og være i stand til at skifte tilbage.

The Switch Off link can be found in your profile menu in the WordPress toolbar. Once you’ve switched off you’ll see a Switch back link on the Log In screen and in the footer of your site.

Virker dette plugin med WordPress Multisite?

Ja, og du vil også kunne skifte brugere fra Brugerlisten i netværksadministrator.

Virker dette plugin med BuddyPress?

Ja, og du vil også kunne skifte brugere fra medlemsprofiler og medlemslister.

Virker dette plugin med bbPress?

Ja, og du vil også kunne skifte brugere fra medlemsprofiler.

Virker dette plugin med WooCommerce?

Yes. For maximum compatibility you should use WooCommerce version 3.6 or later.

Virker dette plugin, selvom mit websted benytter en to-faktor godkendelse?

Ja, for det meste.

En undtagelse jeg er kender til, er Duo Security. Hvis du bruger dette plugin, skal du installere User Switching for Duo Security add-on plugin, som vil forhindre, at to-faktor godkendelsesprompt vises, når du skifter mellem brugere.

Hvilken egenskab har en bruger brug for at kunne skifte konto?

En bruger skal have edit_users egenskab for at skifte brugerkonto. Som standard har kun administratorer denne mulighed, og med Multisite aktiveret har kun super admins denne mulighed.

Kan muligheden for at skifte konto gives til andre brugere eller roller?

Ja. switch_usersmeta-funktionen kan gives eksplicit til en bruger eller en rolle for at give dem mulighed for at skifte brugere, uanset om de har edit_users egenskaben eller ej. Af praktiske årsager, vil brugeren eller rolle vil også have brug for list_users kapacitet, så de kan få adgang til brugere menuen i WordPress admin område.

Can the ability to switch accounts be denied from users?

Yes. User capabilities in WordPress can be set to false to deny them from a user. Denying the switch_users capability prevents the user from switching users, even if they have the edit_users capability.

add_filter( 'user_has_cap', function( $allcaps, $caps, $args, $user ) {
    if ( 'switch_to_user' === $args[0] ) {
        if ( my_condition() ) {
            $allcaps['switch_users'] = false;
        }
    }
    return $allcaps;
}, 9, 4 );

Note that this needs to happen before User Switching’s own capability filtering, hence the priority of 9.

Can I add a custom “Switch To” link to my own plugin or theme?

Yes. Use the user_switching::maybe_switch_url() method for this. It takes care of authentication and returns a nonce-protected URL for the current user to switch into the provided user account.

if ( method_exists( 'user_switching', 'maybe_switch_url' ) ) {
    $url = user_switching::maybe_switch_url( $target_user );
    if ( $url ) {
        printf(
            '<a href="%1$s">Switch to %2$s</a>',
            esc_url( $url ),
            esc_html( $target_user->display_name )
        );
    }
}

This link also works for switching back to the original user, but if you want an explicit link for this you can use the following code:

if ( method_exists( 'user_switching', 'get_old_user' ) ) {
    $old_user = user_switching::get_old_user();
    if ( $old_user ) {
        printf(
            '<a href="%1$s">Switch back to %2$s</a>',
            esc_url( user_switching::switch_back_url( $old_user ) ),
            esc_html( $old_user->display_name )
        );
    }
}

Can I determine whether the current user switched into their account?

Yes. Use the current_user_switched() function for this.

if ( function_exists( 'current_user_switched' ) ) {
    $switched_user = current_user_switched();
    if ( $switched_user ) {
        // User is logged in and has switched into their account.
        // $switched_user is the WP_User object for their originating user.
    }
}

Does this plugin allow a user to frame another user for an action?

Potentially yes, but User Switching includes some safety protections for this and there are further precautions you can take as a site administrator:

  • User Switching stores the ID of the originating user in the new session for the user they switch to. Although this session does not persist by default when they subsequently switch back, there will be a record of this ID if your MySQL server has query logging enabled.
  • User Switching stores the login name of the originating user in an authentication cookie (see the Privacy Statement for more information). If your server access logs store cookie data, there will be a record of this login name (along with the IP address) for each access request.
  • You can install an audit trail plugin such as Simple History, WP Activity Log, or Stream, all of which have built-in support for User Switching and all of which log an entry when a user switches into another account.
  • User Switching triggers an action when a user switches account, switches off, or switches back (see below). You can use these actions to perform additional logging for safety purposes depending on your requirements.

One or more of the above should allow you to correlate an action with the originating user when a user switches account, should you need to.

Bear in mind that even without the User Switching plugin in use, any user who has the ability to edit another user can still frame another user for an action by, for example, changing their password and manually logging into that account. If you are concerned about users abusing others, you should take great care when granting users administrative rights.

Kan almindelige administratorer på installationer med flere lokationer skifte konto?

Nej. Dette kan dog aktiveres ved at installere User Switching for Regular Admins plugin.

Kan jeg skifte brugere direkte fra admin-værktøjslinjen?

Ja, der er en tredjepart add-on plugin til dette: Admin Bar User Switching.

Kaldes nogen plugin actions, når en bruger skifter konto?

Ja. Når en bruger skifter til en anden konto, kaldes webhooken switch_to_user:

/**
 * Fires when a user switches to another user account.
 *
 * @since 0.6.0
 * @since 1.4.0 The `$new_token` and `$old_token` parameters were added.
 *
 * @param int    $user_id     The ID of the user being switched to.
 * @param int    $old_user_id The ID of the user being switched from.
 * @param string $new_token   The token of the session of the user being switched to. Can be an empty string
 *                            or a token for a session that may or may not still be valid.
 * @param string $old_token   The token of the session of the user being switched from.
 */
do_action( 'switch_to_user', $user_id, $old_user_id, $new_token, $old_token );

Når en bruger skifter tilbage til deres oprindelige konto, kaldes webhooken switch_back_user:

/**
 * Fires when a user switches back to their originating account.
 *
 * @since 0.6.0
 * @since 1.4.0 The `$new_token` and `$old_token` parameters were added.
 *
 * @param int       $user_id     The ID of the user being switched back to.
 * @param int|false $old_user_id The ID of the user being switched from, or false if the user is switching back
 *                               after having been switched off.
 * @param string    $new_token   The token of the session of the user being switched to. Can be an empty string
 *                               or a token for a session that may or may not still be valid.
 * @param string    $old_token   The token of the session of the user being switched from.
 */
do_action( 'switch_back_user', $user_id, $old_user_id, $new_token, $old_token );

Når en bruger slukker, kaldes webhooken switch_off_user:

/**
 * Fires when a user switches off.
 *
 * @since 0.6.0
 * @since 1.4.0 The `$old_token` parameter was added.
 *
 * @param int    $old_user_id The ID of the user switching off.
 * @param string $old_token   The token of the session of the user switching off.
 */
do_action( 'switch_off_user', $old_user_id, $old_token );

Desuden respekterer brugerskift følgende filtre fra WordPress kerne, når det er relevant:

  • login_redirect når der skiftes til en anden bruger.
  • logout_redirect når du skifter tilbage.

Do you accept donations?

I am accepting sponsorships via the GitHub Sponsors program and any support you can give will help me maintain this plugin and keep it free for everyone.

Anmeldelser

A Life-Saver For Admins to Help Customers

15. september, 2021
I use this to temporarily switch to Woocommerce customer accounts and help them checkout their shopping carts when problems prevent them from doing it themselves. This is essential because I don't have to rely on explaining multiple steps to old folks who hate computers. I can simply jump in and do it for them (without trying to login on another browser as a them while they can't remember login passwords and have to reset it and then they can't get to their email, and so on). This also works in a limited way for editor-role users such as staff members who I don't want to have admin-level access to WordPress. Love it!

Very helpful

28. juli, 2021
This plugin is very helpful to solve issues related to roles and capabilities. Highly recommended for any WP installation with non-admin users.
Read all 196 reviews

Contributors & Developers

“User Switching” is open source software. The following people have contributed to this plugin.

Bidragsydere

“User Switching” er blevet oversat til 44 lokalområder. Thank you to the translators for their contributions.

Translate “User Switching” into your language.

Interesseret i udvikling?

Gennemse koden, tjek SVN repository, eller abonner på udviklerloggen via RSS.

Ændringslog

1.5.8

  • Avoid a fatal if the interim-login query parameter is present on a page other than wp-login.php.

1.5.7

  • Fix some issues that could lead to PHP errors given a malformed cookie.
  • Fix documentation.

1.5.6

  • Add a class to the table row on the user edit screen.
  • Updated docs.

1.5.5

  • Added the user_switching_in_footer filter to disable output in footer on front end.
  • Documentation additions and improvements.

1.5.4

  • Fix a cookie issue caused by Jetpack 8.1.1 which prevented switching back to the original user.

1.5.3

  • Remove usage of a method that’s been deprecated in WordPress 5.3

1.5.2

  • Set the correct lang attribute on User Switching’s admin notice.
  • Move the WooCommerce session forgetting to an action callback so it can be unhooked if necessary.

1.5.1

  • Add appropriate HTTP response codes to the error states.
  • Display User Switching’s messages in the original user’s locale.
  • Increase the priority of the hook that sets up the cookie constants. See #40.
  • Don’t attempt to output the ‘Switch To’ link on author archives when the queried object isn’t a user. See #39.

1.5.0

  • Add support for forgetting WooCommerce sessions when switching between users. Requires WooCommerce 3.6+.

1.4.2

  • Don’t attempt to add the Switch To link to the admin toolbar when viewing an author archive in the admin area. This prevents a fatal error occurring when filtering custom post type listing screens by authors in the admin area.

1.4.1

  • Add a Switch To link to the Edit User admin toolbar menu when viewing an author archive.
  • Add a Switch back link to the Edit User admin toolbar menu when viewing an author archive and you’re already switched.

1.4.0

  • Add support for user session retention, reuse, and destruction when switching to and back from other user accounts.
  • Add support for the switch_users meta capability for fine grained control over the ability to switch user accounts.
  • More code and documentation quality improvements.

1.3.1

  • Add support for the X-Redirect-By header in WordPress 5.0.
  • Allow User Switching’s admin notices to be dismissed.
  • Introduce a privacy statement.

1.3.0

  • Update the BuddyPress compatibility.
  • Various code and inline docs improvements.

1.2.0

  • Improve the Switch Back functionality when the interim login window is shown.
  • Always show the Switch Back link in the Meta widget if it’s present.

1.1.0

  • Introduce a user_switching_switched_message filter to allow customisation of the message displayed to switched users in the admin area.
  • Switch to safe redirects for extra paranoid hardening.
  • Docblock improvements.
  • Coding standards improvements.

0.5.2

  • Farsi (Persian) translation by Amin Ab.
  • Display switch back links in Network Admin and login screen.
  • Avoid a BuddyPress bug preventing Switch To buttons from appearing.

0.5.1

  • Toolbar tweaks for WordPress 3.3.

0.5.1.1

  • Chinese Simplified translation by Sparanoid.

0.5.1.2

  • German translation by Ralph Stenzel.

0.5

  • New “Switch off” function: Log out and log instantly back in again when needed (see the FAQ).

0.4.1

  • Support for upcoming changes to the admin bar in WordPress 3.3.

0.4

  • Add some extended support for BuddyPress.
  • Add some extended support for Multisite.
  • Fix a permissions problem for users with no privileges.
  • Fix a PHP warning when used as a mu-plugin (thanks Scribu).

0.3.2

  • Fix the ‘Switch back to’ menu item in the WordPress admin bar (WordPress 3.1+).
  • Fix a formatting issue on the user profile page.

0.3.1

  • Prevent admins switching to multisite super admin accounts.

0.3

  • Adds an admin bar menu item (WordPress 3.1+) for switching back to the user you switched from.

0.2.2

  • Respect the current ‘Remember me’ setting when switching users.
  • Redirect to home page instead of admin screen if the user you’re switching to has no privileges.

0.2.1

  • Edge case bugfix to prevent ‘Switch back to…’ message appearing when it shouldn’t.

0.2

  • Functionality for switching back to user you switched from.

0.1

  • Initial release.

Meta

Bedømmelser

Vis alle
Log ind for at give en anmeldelse.

Bidragsydere

Support

Issues resolved in last two months:

6 out of 10

Vis supportforum

Donér

Would you like to support the advancement of this plugin?

Donér til dette plugin