Important Notice from AspDotNetStorefront
It is with dismay that we report that we have been forced, through the action of hackers, to shut off write-access to this forum. We are keen to leave the wealth of material available to you for research. We have opened a new forum from which our community of users can seek help, support and advice from us and from each other. To post a new question to our community, please visit: http://forums.vortx.com
Results 1 to 4 of 4

Thread: Impersonation Check

  1. 01-07-2010, 12:47 PM #1
    hjavaher is offline Member
    Join Date
    May 2009
    Posts
    34

    Default Impersonation Check

    Hi,
    How can I check to see if the customer is being impersonated by an admin, and if so, which one (Admin ID number)

    Thank you,
    Hiva Javaher
  2. 01-07-2010, 03:17 PM #2
    hjavaher is offline Member
    Join Date
    May 2009
    Posts
    34

    Default

    The Reason I am asking this question is that I need to differentiate between Phone Orders and regular online order that customers are placing themselves. Any help would be greatly appreciated.

    Thank you,
    Hiva
  3. 01-07-2010, 04:19 PM #3
    Jao is offline Senior Member
    Join Date
    Oct 2008
    Posts
    1,132

    Default

    Anyone who has an Admin right can impersonate a customer. As of now, the store doesn't have the notification if the customer is being impersonated. Although, the store uses a form authentication, to verify if another session of that customer is being generated on another computer...
  4. 05-19-2010, 06:28 AM #4
    parrothead is offline Member
    Join Date
    Mar 2008
    Posts
    32

    Default Here's what I did in the PhoneOrder.aspx.vb

    Private Sub SetToImpersonationPageContext(ByVal CustomerID As Integer, ByVal PageName As String, ByVal UseEmptyTemplate As Boolean)
    Dim IGD As String = String.Empty
    Dim rs As IDataReader = DB.GetRS("Select CustomerGUID from Customer " & DB.GetNoLock() & " where deleted=0 and IsAdmin=0 and CustomerID=" & CustomerID.ToString())
    If rs.Read() Then
    IGD = DB.RSFieldGUID(rs, "CustomerGUID").ToString()
    End If
    rs.Close()
    'LDR - MOD Use session variable to hold Inside Salesperson's Name for use in checkoutreview.aspx
    Session.Add("Impersonator", ThisCustomer.FirstName.ToUpper.Trim)
    Dim Url As String = PageName & CommonLogic.IIF(PageName.IndexOf("?") = -1, "?", "&") & "IGD=" & IGD.ToString()
    SetFramePage("ImpersonationFrame", Url)
    End Sub
    Parrothead
    "I'd rather die while I'm livin' than live while I'm dead."