From 7e55808a052914f4579c59de82666bc22cc5dfee Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 4 Aug 2025 18:16:13 -0400 Subject: [PATCH] add some redirect to login.php, fix ticket post --- login.php | 14 +++++--------- user/post/ticket.php | 2 +- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/login.php b/login.php index 31ab4c01..c18c003f 100644 --- a/login.php +++ b/login.php @@ -4,8 +4,7 @@ header("Content-Security-Policy: default-src 'self'"); if (!file_exists('config.php')) { - header("Location: setup"); - exit; + redirect("setup"); } require_once "config.php"; @@ -31,11 +30,11 @@ $session_user_agent = sanitizeInput($_SERVER['HTTP_USER_AGENT']); // Block brute force password attacks - check recent failed login attempts for this IP // Block access if more than 15 failed login attempts have happened in the last 10 minutes $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(log_id) AS failed_login_count FROM logs WHERE log_ip = '$session_ip' AND log_type = 'Login' AND log_action = 'Failed' AND log_created_at > (NOW() - INTERVAL 10 MINUTE)")); + $failed_login_count = intval($row['failed_login_count']); if ($failed_login_count >= 15) { - // Logging logAction("Login", "Blocked", "$session_ip was blocked access to login due to IP lockout"); // Inform user & quit processing page @@ -75,8 +74,7 @@ $config_login_remember_me_expire = intval($row['config_login_remember_me_expire' // If no/incorrect 'key' is supplied, send to client portal instead if ($config_login_key_required) { if (!isset($_GET['key']) || $_GET['key'] !== $config_login_key_secret) { - header("Location: client"); - exit(); + redirect("client"); } } @@ -188,7 +186,6 @@ if (isset($_POST['login'])) { addToMailQueue($data); } - // Logging logAction("Login", "Success", "$user_name successfully logged in $extended_log", 0, $user_id); // Session info 
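Review bot: The `redirect()` calls here and at the login-key gate (the `-75,8` hunk) replace `header("Location: ..."); exit;` pairs, and nothing visible in the patch shows that `redirect()` ends the script. At the key gate this is an access-control question: if the helper only sets the header, the rest of login.php still runs for a request without a valid key. The call in this hunk also sits above `require_once "config.php"`, so the helper has to be loaded in the lines before the hunk, which are not shown. I would confirm both against the helper's definition and state the contract in its docblock, for example `Sends the Location header and terminates the request.`, or keep an explicit `exit;` after each call.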
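Review bot: The key gate in the `-75,8` hunk compares the secret with `$_GET['key'] !== $config_login_key_secret`, which is not a constant-time comparison. I would use `hash_equals()` with a string check in front of it, because `hash_equals()` throws a TypeError on an array-valued `key`: `if (!isset($_GET['key']) || !is_string($_GET['key']) || !hash_equals($config_login_key_secret, $_GET['key'])) {`. The line is unchanged context rather than part of this commit, but it guards the same branch as the new `redirect("client")`. The suggestion assumes `$config_login_key_secret` is always a string when the key is required.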
@@ -219,9 +216,9 @@ if (isset($_POST['login'])) { } if (isset($_GET['last_visited'])) { - header("Location: ".$_SERVER["REQUEST_SCHEME"] . "://" . $config_base_url . base64_decode($_GET['last_visited']) ); + redirect($_SERVER["REQUEST_SCHEME"] . "://" . $config_base_url . base64_decode($_GET['last_visited']) ); } else { - header("Location: $config_start_page"); + redirect("user/$config_start_page"); } } else { @@ -276,7 +273,6 @@ if (isset($_POST['login'])) { header("HTTP/1.1 401 Unauthorized"); - // Logging logAction("Login", "Failed", "Failed login attempt using $email"); $response = " diff --git a/user/post/ticket.php b/user/post/ticket.php index 0da93a27..e73be383 100644 --- a/user/post/ticket.php +++ b/user/post/ticket.php @@ -1188,7 +1188,7 @@ if (isset($_POST['bulk_resolve_tickets'])) { flash_alert("Resolved $ticket_count Tickets"); if ($skipped_count > 0) { - flash_alert("Resolved $ticket_count Tickets $skipped_count ticket(s) could not be resolved because they have open tasks.", 'info'; + flash_alert("Resolved $ticket_count Tickets $skipped_count ticket(s) could not be resolved because they have open tasks.", 'info'); } redirect();
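Review bot: The `last_visited` branch still appends `base64_decode($_GET['last_visited'])` to `$config_base_url` without checking what it decoded to, so the post-login redirect target is controlled by whoever built the login link. If `$config_base_url` holds a bare host with no trailing slash (not visible here), a decoded value that does not start with `/` changes the host part of the URL, which makes this an open redirect on the login page. I would decode in strict mode and accept only a root-relative path, falling back to the start page otherwise. That assumes legitimate `last_visited` values are request paths beginning with `/`. The enclosing `if (isset($_POST['login']))` block starts and ends outside the hunk.

```php
// strict mode returns false for input that is not valid base64
$last_visited = isset($_GET['last_visited']) && is_string($_GET['last_visited'])
    ? base64_decode($_GET['last_visited'], true)
    : false;
// only a local path: one leading slash, not followed by a second slash or a backslash
if ($last_visited !== false && preg_match('#^/(?![/\\\\])#', $last_visited)) {
    redirect($_SERVER["REQUEST_SCHEME"] . "://" . $config_base_url . $last_visited);
} else {
    redirect("user/$config_start_page");
}
```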
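Review bot: With the parenthesis fixed, the `$skipped_count > 0` branch of `bulk_resolve_tickets` now runs a second `flash_alert()` right after the unconditional `flash_alert("Resolved $ticket_count Tickets")`. Depending on how `flash_alert()` stores messages (not shown), the user sees either two alerts or only the second. The second message also runs its two sentences together with no punctuation between them. I would make the two calls an `if`/`else` and write the combined text as `"Resolved $ticket_count Tickets. $skipped_count ticket(s) could not be resolved because they have open tasks."`. The handler's body continues outside the hunk.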