AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Redirect/show techs to technical dashboard on login/navbar

This commit is contained in:
Marcus Hill 2023-01-01 13:41:29 +00:00
parent 4ec88257d7
commit 07986954f5
2 changed files with 263 additions and 231 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

153
login.php
View File

@ -17,7 +17,7 @@ ini_set("session.cookie_httponly", True);
// Tell client to only send cookie(s) over HTTPS
if($config_https_only){
ini_set("session.cookie_secure", True);
ini_set("session.cookie_secure", True);
}
// Handle POST login request
@ -28,22 +28,22 @@ if(isset($_POST['login'])){
// Check recent failed login attempts for this IP (more than 10 failed logins in 5 mins)
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT(log_id) AS failed_login_count FROM logs WHERE log_ip = '$ip' AND log_type = 'Login' AND log_action = 'Failed' AND log_created_at > (NOW() - INTERVAL 5 MINUTE)"));
$failed_login_count = $row['failed_login_count'];
// Login brute force check
if($failed_login_count >= 10){
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Failed', log_description = 'Failed login attempt due to IP lockout', log_ip = '$ip', log_user_agent = '$user_agent'");
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Failed', log_description = 'Failed login attempt due to IP lockout', log_ip = '$ip', log_user_agent = '$user_agent'");
// Send an alert only count hits 10 to reduce flooding alerts (using 1 as "default" company)
if($failed_login_count == 10){
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Lockout', notification = '$ip was locked out for repeated failed login attempts.', notification_timestamp = NOW() company_id = '1'");
}
// Send an alert only count hits 10 to reduce flooding alerts (using 1 as "default" company)
if($failed_login_count == 10){
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Lockout', notification = '$ip was locked out for repeated failed login attempts.', notification_timestamp = NOW() company_id = '1'");
}
// Inform user
$response = '<div class=\'alert alert-danger\'>IP Lockout - Please try again later.<button class=\'close\' data-dismiss=\'alert\'>&times;</button></div>';
// Inform user
$response = '<div class=\'alert alert-danger\'>IP Lockout - Please try again later.<button class=\'close\' data-dismiss=\'alert\'>&times;</button></div>';
}
// Passed login brute force check
@ -74,24 +74,34 @@ if(isset($_POST['login'])){
$site_encryption_master_key = decryptUserSpecificKey($user_encryption_ciphertext, $password);
generateUserSessionKey($site_encryption_master_key);
// Setup extension
// Setup extension
if (isset($row['user_extension_key']) && !empty($row['user_extension_key'])) {
// Extension cookie
// Note: Browsers don't accept cookies with SameSite None if they are not HTTPS.
setcookie("user_extension_key", "$row[user_extension_key]", ['path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'None']);
// Extension cookie
// Note: Browsers don't accept cookies with SameSite None if they are not HTTPS.
setcookie("user_extension_key", "$row[user_extension_key]", ['path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'None']);
// Set PHP session in DB so we can access the session encryption data (above)
$user_php_session = session_id();
mysqli_query($mysqli, "UPDATE users SET user_php_session = '$user_php_session' WHERE user_id = '$user_id'");
// Set PHP session in DB so we can access the session encryption data (above)
$user_php_session = session_id();
mysqli_query($mysqli, "UPDATE users SET user_php_session = '$user_php_session' WHERE user_id = '$user_id'");
}
}
if (empty($token)) {
// Full Login successful
$_SESSION['logged'] = TRUE;
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Success', log_description = '$user_name successfully logged in', log_ip = '$ip', log_user_agent = '$user_agent', log_user_id = $user_id");
header("Location: dashboard_financial.php");
// Show start page/dashboard depending on role
if ($row['user_role'] == 2) {
header("Location: dashboard_technical.php");
} else {
header("Location: dashboard_financial.php");
}
} else {
// Prompt for MFA
$token_field = "<div class='input-group mb-3'>
<input type='text' class='form-control' placeholder='Token' name='current_code' autofocus>
<div class='input-group-append'>
@ -104,10 +114,17 @@ if(isset($_POST['login'])){
require_once("rfc6238.php");
if (TokenAuth6238::verify($token, $current_code)) {
// Full login (with MFA) successful
$_SESSION['logged'] = TRUE;
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login 2FA', log_action = 'Success', log_description = '$user_name successfully logged in using 2FA', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_user_id = $user_id");
//header("Location: $config_start_page");
header("Location: dashboard_financial.php");
// Show start page/dashboard depending on role
if ($row['user_role'] == 2) {
header("Location: dashboard_technical.php");
} else {
header("Location: dashboard_financial.php");
}
} else {
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = '2FA Failed', log_description = '$user_name failed 2FA', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_user_id = $user_id");
@ -138,60 +155,60 @@ if(isset($_POST['login'])){
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title><?php echo $config_app_name; ?> | Login</title>
<!-- Tell the browser to be responsive to screen width -->
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="robots" content="noindex">
<!-- Font Awesome -->
<link rel="stylesheet" href="plugins/fontawesome-free/css/all.min.css">
<!-- Theme style -->
<link rel="stylesheet" href="dist/css/adminlte.min.css">
<!-- Google Font: Source Sans Pro -->
<link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700" rel="stylesheet">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title><?php echo $config_app_name; ?> | Login</title>
<!-- Tell the browser to be responsive to screen width -->
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="robots" content="noindex">
<!-- Font Awesome -->
<link rel="stylesheet" href="plugins/fontawesome-free/css/all.min.css">
<!-- Theme style -->
<link rel="stylesheet" href="dist/css/adminlte.min.css">
<!-- Google Font: Source Sans Pro -->
<link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700" rel="stylesheet">
</head>
<body class="hold-transition login-page">
<div class="login-box">
<div class="login-logo">
<b>IT</b>Flow
</div>
<!-- /.login-logo -->
<div class="card">
<div class="card-body login-card-body">
<p class="login-box-msg"><?php if(isset($response)) { echo $response; } ?></p>
<form method="post">
<div class="input-group mb-3">
<input type="text" class="form-control" placeholder="Agent Email" name="email" value="<?php if(!empty($token_field)){ echo $email; }?>" required <?php if(empty($token_field)){ echo "autofocus"; } ?> >
<div class="input-group-append">
<div class="input-group-text">
<span class="fas fa-envelope"></span>
</div>
</div>
</div>
<div class="input-group mb-3">
<input type="password" class="form-control" placeholder="Agent Password" name="password" value="<?php if(!empty($token_field)){ echo $password; } ?>" required>
<div class="input-group-append">
<div class="input-group-text">
<span class="fas fa-lock"></span>
</div>
</div>
</div>
<?php if(!empty($token_field)){ echo $token_field; } ?>
<button type="submit" class="btn btn-primary btn-block mb-3" name="login">Sign In</button>
<hr><br>
<h4>Looking for the <a href="portal">Client Portal?<a/></h4>
</form>
<div class="login-logo">
<b>IT</b>Flow
</div>
<!-- /.login-logo -->
<div class="card">
<div class="card-body login-card-body">
<p class="login-box-msg"><?php if(isset($response)) { echo $response; } ?></p>
<form method="post">
<div class="input-group mb-3">
<input type="text" class="form-control" placeholder="Agent Email" name="email" value="<?php if(!empty($token_field)){ echo $email; }?>" required <?php if(empty($token_field)){ echo "autofocus"; } ?> >
<div class="input-group-append">
<div class="input-group-text">
<span class="fas fa-envelope"></span>
</div>
</div>
</div>
<!-- /.login-card-body -->
<div class="input-group mb-3">
<input type="password" class="form-control" placeholder="Agent Password" name="password" value="<?php if(!empty($token_field)){ echo $password; } ?>" required>
<div class="input-group-append">
<div class="input-group-text">
<span class="fas fa-lock"></span>
</div>
</div>
</div>
<?php if(!empty($token_field)){ echo $token_field; } ?>
<button type="submit" class="btn btn-primary btn-block mb-3" name="login">Sign In</button>
<hr><br>
<h4>Looking for the <a href="portal">Client Portal?<a/></h4>
</form>
</div>
<!-- /.login-card-body -->
</div>
</div>
<!-- /.login-box -->

341
side_nav.php
View File

@ -1,195 +1,210 @@
<!-- Main Sidebar Container -->
<aside class="main-sidebar sidebar-dark-primary elevation-3 d-print-none">
<!-- Sidebar -->
<div class="sidebar">
<!-- Sidebar -->
<div class="sidebar">
<!-- Sidebar Menu -->
<nav class="">
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id IN ($session_user_company_access)");
if(mysqli_num_rows($sql) > 1){
<!-- Sidebar Menu -->
<nav class="">
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id IN ($session_user_company_access)");
?>
if(mysqli_num_rows($sql) > 1){
<div class="dropdown brand-link">
<a class="" href="#" data-toggle="dropdown">
<h3 class="brand-text text-light mb-0"><?php echo htmlentities($session_company_name); ?> <small><i class="fa fa-caret-down"></i></small></h3>
</a>
?>
<ul class="dropdown-menu">
<?php
while($row = mysqli_fetch_array($sql)){
<div class="dropdown brand-link">
<a class="" href="#" data-toggle="dropdown">
<h3 class="brand-text text-light mb-0"><?php echo htmlentities($session_company_name); ?> <small><i class="fa fa-caret-down"></i></small></h3>
</a>
$company_id = $row['company_id'];
$company_name = htmlentities($row['company_name']);
<ul class="dropdown-menu">
?>
<li><a class="dropdown-item text-dark" href="post.php?switch_company=<?php echo $company_id; ?>"><?php echo $company_name; ?><?php if($company_id == $session_company_id){ echo "<i class='fa fa-check text-secondary ml-2'></i>"; } ?></a></li>
<?php
<?php
while($row = mysqli_fetch_array($sql)){
}
?>
$company_id = $row['company_id'];
$company_name = htmlentities($row['company_name']);
</ul>
</div>
?>
<?php }else{ ?>
<li><a class="dropdown-item text-dark" href="post.php?switch_company=<?php echo $company_id; ?>"><?php echo $company_name; ?><?php if($company_id == $session_company_id){ echo "<i class='fa fa-check text-secondary ml-2'></i>"; } ?></a></li>
<h2 class="brand-text text-light my-3"><i class="fas fa-cloud"></i> <?php echo htmlentities($session_company_name); ?></h2>
<?php
<?php } ?>
}
<form class="form-inline mb-3" action="global_search.php">
<div class="input-group">
<input class="form-control form-control-sidebar" type="search" placeholder="Search" name="query" value="<?php if(isset($_GET['query'])){ echo htmlentities($_GET['query']); } ?>">
<div class="input-group-append">
<button class="btn btn-sidebar" type="submit">
<i class="fas fa-search"></i>
</button>
</div>
</div>
</form>
?>
</ul>
</div>
<?php }else{ ?>
<h2 class="brand-text text-light my-3"><i class="fas fa-cloud"></i> <?php echo htmlentities($session_company_name); ?></h2>
<?php } ?>
<form class="form-inline mb-3" action="global_search.php">
<div class="input-group">
<input class="form-control form-control-sidebar" type="search" placeholder="Search" name="query" value="<?php if(isset($_GET['query'])){ echo htmlentities($_GET['query']); } ?>">
<div class="input-group-append">
<button class="btn btn-sidebar" type="submit">
<i class="fas fa-search"></i>
</button>
</div>
</div>
</form>
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" data-accordion="false">
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" data-accordion="false">
<li class="nav-item">
<a href="dashboard_financial.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "dashboard_financial.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-tachometer-alt"></i>
<p>Dashboard</p>
</a>
</li>
<li class="nav-item">
<a href="clients.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "clients.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-users"></i>
<p>Clients</p>
</a>
</li>
<?php if($session_user_role >= 2 && $config_module_enable_ticketing == 1){ ?>
<!-- Dashboard item (tech/financial) -->
<?php if ($session_user_role == 2){ ?>
<li class="nav-header mt-3">SUPPORT</li>
<li class="nav-item">
<a href="tickets.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "tickets.php" || basename($_SERVER["PHP_SELF"]) == "ticket.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-life-ring"></i>
<p>Tickets</p>
</a>
</li>
<li class="nav-item">
<a href="scheduled_tickets.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "scheduled_tickets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync"></i>
<p>Scheduled Tickets</p>
</a>
</li>
<li class="nav-item">
<a href="calendar_events.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "calendar_events.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-calendar"></i>
<p>Calendar</p>
</a>
</li>
<li class="nav-item">
<a href="dashboard_technical.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "dashboard_technical.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-tachometer-alt"></i>
<p>Dashboard</p>
</a>
</li>
<?php } ?>
<?php } else { ?>
<li class="nav-header mt-3">SALES</li>
<li class="nav-item">
<a href="quotes.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "quotes.php" || basename($_SERVER["PHP_SELF"]) == "quote.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file-invoice"></i>
<p>Quotes</p>
</a>
</li>
<li class="nav-item">
<a href="invoices.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "invoices.php" || basename($_SERVER["PHP_SELF"]) == "invoice.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file-invoice-dollar"></i>
<p>Invoices</p>
</a>
</li>
<li class="nav-item">
<a href="revenues.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "revenues.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-credit-card"></i>
<p>Revenues</p>
</a>
</li>
<li class="nav-item">
<a href="recurring_invoices.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "recurring_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync-alt"></i>
<p>Recurring</p>
</a>
</li>
<li class="nav-item">
<a href="products.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "products.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-box"></i>
<p>Products</p>
</a>
</li>
<li class="nav-item">
<a href="dashboard_financial.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "dashboard_financial.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-tachometer-alt"></i>
<p>Dashboard</p>
</a>
</li>
<?php if($session_user_role == 1 OR $session_user_role == 3 && $config_module_enable_accounting == 1){ ?>
<?php } ?>
<!-- End dashboard item (tech/financial) -->
<li class="nav-header mt-3">ACCOUNTING</li>
<li class="nav-item">
<a href="payments.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "payments.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-credit-card"></i>
<p>Payments</p>
</a>
</li>
<li class="nav-item">
<a href="vendors.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "vendors.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-building"></i>
<p>Vendors</p>
</a>
</li>
<li class="nav-item">
<a href="expenses.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "expenses.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-shopping-cart"></i>
<p>Expenses</p>
</a>
</li>
<li class="nav-item">
<a href="trips.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "trips.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-route"></i>
<p>Trips</p>
</a>
</li>
<li class="nav-item">
<a href="transfers.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "transfers.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-exchange-alt"></i>
<p>Transfers</p>
</a>
</li>
<li class="nav-item">
<a href="clients.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "clients.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-users"></i>
<p>Clients</p>
</a>
</li>
<li class="nav-item">
<a href="report_income_summary.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "report_income_summary.php") { echo "active"; } ?>">
<i class="fas fa-chart-bar nav-icon"></i>
<p>Reports</p>
<i class="fas fa-angle-right nav-icon float-right"></i>
</a>
</li>
<?php if($session_user_role >= 2 && $config_module_enable_ticketing == 1){ ?>
<?php } ?>
<li class="nav-header mt-3">SUPPORT</li>
<li class="nav-item">
<a href="tickets.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "tickets.php" || basename($_SERVER["PHP_SELF"]) == "ticket.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-life-ring"></i>
<p>Tickets</p>
</a>
</li>
<li class="nav-item">
<a href="scheduled_tickets.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "scheduled_tickets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync"></i>
<p>Scheduled Tickets</p>
</a>
</li>
<li class="nav-item">
<a href="calendar_events.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "calendar_events.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-calendar"></i>
<p>Calendar</p>
</a>
</li>
<?php if($session_user_role == 3){ ?>
<?php } ?>
<li class="nav-item mt-3">
<a href="users.php" class="nav-link">
<i class="nav-icon fas fa-cog"></i>
<p>Settings</p>
<i class="fas fa-angle-right nav-icon float-right"></i>
</a>
</li>
<li class="nav-header mt-3">SALES</li>
<li class="nav-item">
<a href="quotes.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "quotes.php" || basename($_SERVER["PHP_SELF"]) == "quote.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file-invoice"></i>
<p>Quotes</p>
</a>
</li>
<li class="nav-item">
<a href="invoices.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "invoices.php" || basename($_SERVER["PHP_SELF"]) == "invoice.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file-invoice-dollar"></i>
<p>Invoices</p>
</a>
</li>
<li class="nav-item">
<a href="revenues.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "revenues.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-credit-card"></i>
<p>Revenues</p>
</a>
</li>
<li class="nav-item">
<a href="recurring_invoices.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "recurring_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync-alt"></i>
<p>Recurring</p>
</a>
</li>
<li class="nav-item">
<a href="products.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "products.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-box"></i>
<p>Products</p>
</a>
</li>
<?php } ?>
<?php if($session_user_role == 1 OR $session_user_role == 3 && $config_module_enable_accounting == 1){ ?>
</ul>
</nav>
<!-- /.sidebar-menu -->
</div>
<!-- /.sidebar -->
<li class="nav-header mt-3">ACCOUNTING</li>
<li class="nav-item">
<a href="payments.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "payments.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-credit-card"></i>
<p>Payments</p>
</a>
</li>
<li class="nav-item">
<a href="vendors.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "vendors.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-building"></i>
<p>Vendors</p>
</a>
</li>
<li class="nav-item">
<a href="expenses.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "expenses.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-shopping-cart"></i>
<p>Expenses</p>
</a>
</li>
<li class="nav-item">
<a href="trips.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "trips.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-route"></i>
<p>Trips</p>
</a>
</li>
<li class="nav-item">
<a href="transfers.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "transfers.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-exchange-alt"></i>
<p>Transfers</p>
</a>
</li>
<li class="nav-item">
<a href="report_income_summary.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "report_income_summary.php") { echo "active"; } ?>">
<i class="fas fa-chart-bar nav-icon"></i>
<p>Reports</p>
<i class="fas fa-angle-right nav-icon float-right"></i>
</a>
</li>
<?php } ?>
<?php if($session_user_role == 3){ ?>
<li class="nav-item mt-3">
<a href="users.php" class="nav-link">
<i class="nav-icon fas fa-cog"></i>
<p>Settings</p>
<i class="fas fa-angle-right nav-icon float-right"></i>
</a>
</li>
<?php } ?>
</ul>
</nav>
<!-- /.sidebar-menu -->
</div>
<!-- /.sidebar -->
</aside>