|
|
|
|
|
|
by MartinCron
6029 days ago
|
|
|
If it's properly secured and leaves an audit trail (sounds like yours wasn't) an "impersonate user" feature is pretty much a must have for debugging problems on any site has content or behavior that varies per-user. I worked at a company that had properly encrypted passwords, but the customer support people would just ask the user for their username/password and login through the front door. Once I found out about that, I implemented a simple yet secured impersonate system and it has served us very well. |
|
|
The way I set it up is that the user must first log in to an administrator-level account before they can impersonate another user by entering a username or ID.