Based largely on http://stackoverflow.com/questions/6491356/cakephp-admin-login-as-user-onclick, I created a method that will log an admin into their app as a specified user, and provide a way back to their admin account.
http://pastebin.com/BpCjAMME It works, in both directions, but my question is, is it secure? Can someone spoof the session data to have a session key of Auth.Admin.id = an admin id and then get logged in as admin? LaNcE -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
