From 118cc108046a1500ba34187bd81ad529b7c12c8c Mon Sep 17 00:00:00 2001
From: johnnyq
Date: Fri, 30 Jan 2026 13:36:18 -0500
Subject: [PATCH] During load user session check if user is archived and active, prevents users from making further actions if they are disabled or archived but are still logged in
---
 includes/load_user_session.php | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/includes/load_user_session.php b/includes/load_user_session.php
index 4f40503a..e6f04fc2 100644
--- a/includes/load_user_session.php
+++ b/includes/load_user_session.php
@@ -19,6 +19,8 @@ $session_email = $row['user_email'];
 $session_avatar = $row['user_avatar'];
 $session_token = $row['user_token'];
 $session_user_type = intval($row['user_type']);
+$session_user_archived_at = $row['user_archived_at'];
+$session_user_status = intval($row['user_status']);
 $session_user_role = intval($row['user_role_id']);
 $session_user_role_display = sanitizeInput($row['role_name']);
 $session_is_admin = isset($row['role_is_admin']) && $row['role_is_admin'] == 1;
@@ -26,10 +28,25 @@ $session_user_config_force_mfa = intval($row['user_config_force_mfa']);
 $user_config_records_per_page = intval($row['user_config_records_per_page']);
 $user_config_theme_dark = intval($row['user_config_theme_dark']);
 
+// Check user type is agent aka 1
 if ($session_user_type !== 1) {
 session_unset();
 session_destroy();
- redirect("/client/login.php");
+ redirect("/login.php");
+}
+
+// Check User is active
+if ($session_user_status !== 1) {
+ session_unset();
+ session_destroy();
+ redirect("/login.php");
+}
+
+// Check User is archived
+if ($session_user_archived_at !== null) {
+ session_unset();
+ session_destroy();
+ redirect("/login.php");
 }
 
 // Load user client permissions
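Review bot: The three guards in the second hunk only stop a disabled or archived agent if `redirect()` terminates the script, and its definition is not visible in this patch. If it only sends a Location header, the permission loading below and the including page would still run for that request, so I would collapse the checks into one guard, `if ($session_user_type !== 1 || $session_user_status !== 1 || $session_user_archived_at !== null) {`, and add an explicit `exit;` after the redirect. The archived test also assumes `user_archived_at` is NULL for live accounts; an empty-string or zero-date default would log every agent out, so that is worth confirming against the schema. The first hunk reads `$row['user_status']` and `$row['user_archived_at']`, so the SELECT that fills `$row` (outside the hunk) must return both columns, otherwise `intval(null)` is 0 and every agent fails the active check.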