mirror of
https://github.com/itflow-org/itflow
synced 2026-03-28 16:25:40 +00:00
Check for user type of during login and set a temp if condition on check_login.php to see if user_type field exists and query user based off that result, the condition will be removed at a later date
This commit is contained in:
johnnyq
@@ -38,13 +38,36 @@ $session_user_agent = sanitizeInput($_SERVER['HTTP_USER_AGENT']);
|
|||||||
|
|
||||||
$session_user_id = intval($_SESSION['user_id']);
|
$session_user_id = intval($_SESSION['user_id']);
|
||||||
|
|
||||||
$sql = mysqli_query(
|
//REMOVE After everyone has updated
|
||||||
$mysqli,
|
$column_check_query = "
|
||||||
"SELECT * FROM users
|
SELECT COUNT(*)
|
||||||
LEFT JOIN user_settings ON users.user_id = user_settings.user_id
|
FROM INFORMATION_SCHEMA.COLUMNS
|
||||||
LEFT JOIN user_roles ON user_settings.user_role = user_roles.user_role_id
|
WHERE TABLE_NAME = 'users'
|
||||||
WHERE users.user_id = $session_user_id"
|
AND COLUMN_NAME = 'user_type'
|
||||||
);
|
";
|
||||||
|
|
||||||
|
$result = mysqli_query($mysqli, $column_check_query);
|
||||||
|
$column_exists = mysqli_fetch_row($result)[0] > 0;
|
||||||
|
|
||||||
|
if ($column_exists) {
|
||||||
|
$sql = mysqli_query(
|
||||||
|
$mysqli,
|
||||||
|
"SELECT * FROM users
|
||||||
|
LEFT JOIN user_settings ON users.user_id = user_settings.user_id
|
||||||
|
LEFT JOIN user_roles ON user_settings.user_role = user_roles.user_role_id
|
||||||
|
WHERE user_type = 1
|
||||||
|
AND users.user_id = $session_user_id"
|
||||||
|
);
|
||||||
|
} else {
|
||||||
|
$sql = mysqli_query(
|
||||||
|
$mysqli,
|
||||||
|
"SELECT * FROM users
|
||||||
|
LEFT JOIN user_settings ON users.user_id = user_settings.user_id
|
||||||
|
LEFT JOIN user_roles ON user_settings.user_role = user_roles.user_role_id
|
||||||
|
WHERE users.user_id = $session_user_id"
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
$row = mysqli_fetch_array($sql);
|
$row = mysqli_fetch_array($sql);
|
||||||
$session_name = sanitizeInput($row['user_name']);
|
$session_name = sanitizeInput($row['user_name']);
|
||||||
$session_email = $row['user_email'];
|
$session_email = $row['user_email'];
|
||||||
|
|||||||
@@ -103,7 +103,7 @@ if (isset($_POST['login'])) {
|
|||||||
$current_code = intval($_POST['current_code']);
|
$current_code = intval($_POST['current_code']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM users LEFT JOIN user_settings on users.user_id = user_settings.user_id WHERE user_email = '$email' AND user_archived_at IS NULL AND user_status = 1"));
|
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM users LEFT JOIN user_settings on users.user_id = user_settings.user_id WHERE user_email = '$email' AND user_archived_at IS NULL AND user_status = 1 AND user_type = 1"));
|
||||||
|
|
||||||
// Check password
|
// Check password
|
||||||
if ($row && password_verify($password, $row['user_password'])) {
|
if ($row && password_verify($password, $row['user_password'])) {
|
||||||
|
|||||||
Reference in New Issue
Block a user