Add User Type to session, along with user type check

check_login.php

@@ -27,6 +27,11 @@ if (!isset($_SESSION['logged']) || !$_SESSION['logged']) {
     exit;
 }
 
+// Check user type
+if ($_SESSION['user_type'] !== 1) {
+    header("Location: login.php");
+    exit();
+}
 
 // Set Timezone
 require_once "inc_set_timezone.php";

login.php

@@ -194,6 +194,7 @@ if (isset($_POST['login'])) {
             // Session info
             $_SESSION['user_id'] = $user_id;
             $_SESSION['user_name'] = $user_name;
+            $_SESSION['user_type'] = 1;
             $_SESSION['user_role'] = $user_role;
             $_SESSION['csrf_token'] = randomString(156);
             $_SESSION['logged'] = true;

portal/check_login.php

@@ -20,6 +20,12 @@ if (!isset($_SESSION['client_logged_in']) || !$_SESSION['client_logged_in']) {
     die;
 }
 
+// Check user type
+if ($_SESSION['user_type'] !== 2) {
+    header("Location: login.php");
+    exit();
+}
+
 // Set Timezone
 require_once "../inc_set_timezone.php";
 

portal/login.php

@@ -72,6 +72,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
                 $_SESSION['client_logged_in'] = true;
                 $_SESSION['client_id'] = $client_id;
                 $_SESSION['user_id'] = $user_id;
+                $_SESSION['user_type'] = 2;
                 $_SESSION['contact_id'] = $contact_id;
                 $_SESSION['login_method'] = "local";
 

portal/login_microsoft.php

@@ -114,6 +114,7 @@ if (isset($_POST['code']) && $_POST['state'] == session_id()) {
                 $_SESSION['client_logged_in'] = true;
                 $_SESSION['client_id'] = $client_id;
                 $_SESSION['user_id'] = $user_id;
+                $_SESSION['user_type'] = 2;
                 $_SESSION['contact_id'] = $contact_id;
                 $_SESSION['login_method'] = "azure";