From b703d81d86ae41e324e168d7187bbc741795a5fc Mon Sep 17 00:00:00 2001
From: Alan Knowles <alan@akbkhome.com>
Date: Thu, 16 Dec 2010 11:25:56 +0800
Subject: [PATCH] Pman/Login.php

---
 Pman/Login.php | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/Pman/Login.php b/Pman/Login.php
index f7327c9..1ed580f 100644
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -125,12 +125,21 @@ class Pman_Login extends Pman
     
     function switchUser($id)
     {
+        $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
+        $u = DB_DataObject::factory($tbl);
+        if (!$u->isAuth()) {
+            $this->err("not logged in");
+        }
+        
+        $au = $u->getAuthUser();
+        
+        
         // first check they have perms to do this..
-        if (!$this->authUser || ($this->authUser->company_id_comptype != 'OWNER') || !$this->hasPerm('Core.Person', 'E')) {
+        if (!$au|| ($au->company_id_comptype != 'OWNER') || !$this->hasPerm('Core.Person', 'E')) {
             $this->jerr("User switching not permitted");
         }
-        $old = clone($this->authUser);
-        $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
+        $old = clone($au);
+        
         $u = DB_DataObject::factory($tbl);
         $u->get($id);
         if (!$u->active()) {
-- 
2.39.2