AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

During load user session check if user is archived and active, prevents users from making further actions if they are disabled or archived but are still logged in

Browse Source
This commit is contained in:
johnnyq
2026-01-30 13:36:18 -05:00
parent ae3386f2d5
commit 118cc10804
1 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
includes/load_user_session.php
View File

@@ -19,6 +19,8 @@ $session_email = $row['user_email'];
$session_avatar = $row['user_avatar'];
$session_token = $row['user_token'];
$session_user_type = intval($row['user_type']);
$session_user_archived_at = $row['user_archived_at'];
$session_user_status = intval($row['user_status']);
$session_user_role = intval($row['user_role_id']);
$session_user_role_display = sanitizeInput($row['role_name']);
$session_is_admin = isset($row['role_is_admin']) && $row['role_is_admin'] == 1;
@@ -26,10 +28,25 @@ $session_user_config_force_mfa = intval($row['user_config_force_mfa']);
$user_config_records_per_page = intval($row['user_config_records_per_page']);
$user_config_theme_dark = intval($row['user_config_theme_dark']);
// Check user type is agent aka 1
if ($session_user_type !== 1) {
session_unset();
session_destroy();
redirect("/client/login.php");
redirect("/login.php");
}
// Check User is active
if ($session_user_status !== 1) {
session_unset();
session_destroy();
redirect("/login.php");
}
// Check User is archived
if ($session_user_archived_at !== null) {
session_unset();
session_destroy();
redirect("/login.php");
}
// Load user client permissions