function hesk_isLoggedIn()
{
global $hesk_settings;
$referer = hesk_input($_SERVER['REQUEST_URI']);
$referer = str_replace('&', '&', $referer);
if (empty($_SESSION['id']) || empty($_SESSION['session_verify'])) {
if ($hesk_settings['autologin'] && hesk_autoLogin(1)) {
// Users online
if ($hesk_settings['online']) {
require HESK_PATH . 'inc/users_online.inc.php';
hesk_initOnline($_SESSION['id']);
}
return true;
}
hesk_session_stop();
$url = 'index.php?a=login¬ice=1&goto=' . urlencode($referer);
header('Location: ' . $url);
exit;
} else {
hesk_session_regenerate_id();
// Let's make sure access data is up-to-date
$res = hesk_dbQuery("SELECT `user`, `pass`, `isadmin`, `categories`, `heskprivileges` FROM `" . $hesk_settings['db_pfix'] . "users` WHERE `id` = '" . intval($_SESSION['id']) . "' LIMIT 1");
// Exit if user not found
if (hesk_dbNumRows($res) != 1) {
hesk_session_stop();
$url = 'index.php?a=login¬ice=1&goto=' . urlencode($referer);
header('Location: ' . $url);
exit;
}
// Fetch results from database
$me = hesk_dbFetchAssoc($res);
// Verify this session is still valid
if (!hesk_activeSessionValidate($me['user'], $me['pass'], $_SESSION['session_verify'])) {
hesk_session_stop();
$url = 'index.php?a=login¬ice=1&goto=' . urlencode($referer);
header('Location: ' . $url);
exit;
}
// Update session variables as needed
if ($me['isadmin'] == 1) {
$_SESSION['isadmin'] = 1;
} else {
$_SESSION['isadmin'] = 0;
$_SESSION['categories'] = explode(',', $me['categories']);
$_SESSION['heskprivileges'] = $me['heskprivileges'];
}
// Users online
if ($hesk_settings['online']) {
require HESK_PATH . 'inc/users_online.inc.php';
hesk_initOnline($_SESSION['id']);
}
return true;
}
}
function hesk_isLoggedIn()
{
global $hesk_settings;
$referer = hesk_input($_SERVER['REQUEST_URI']);
$referer = str_replace('&', '&', $referer);
if (empty($_SESSION['id'])) {
if ($hesk_settings['autologin'] && hesk_autoLogin(1)) {
// Users online
if ($hesk_settings['online']) {
require HESK_PATH . 'inc/users_online.inc.php';
hesk_initOnline($_SESSION['id']);
}
return true;
}
// Some pages cannot be redirected to
$modify_redirect = array('admin_reply_ticket.php' => 'admin_main.php', 'admin_settings_save.php' => 'admin_settings.php', 'delete_tickets.php' => 'admin_main.php', 'move_category.php' => 'admin_main.php', 'priority.php' => 'admin_main.php');
foreach ($modify_redirect as $from => $to) {
if (strpos($referer, $from) !== false) {
$referer = $to;
}
}
$url = 'index.php?a=login¬ice=1&goto=' . urlencode($referer);
header('Location: ' . $url);
exit;
} else {
hesk_session_regenerate_id();
// Need to update permissions?
if (empty($_SESSION['isadmin'])) {
$res = hesk_dbQuery("SELECT `isadmin`, `categories`, `heskprivileges` FROM `" . $hesk_settings['db_pfix'] . "users` WHERE `id` = '" . intval($_SESSION['id']) . "' LIMIT 1");
if (hesk_dbNumRows($res) == 1) {
$me = hesk_dbFetchAssoc($res);
foreach ($me as $k => $v) {
$_SESSION[$k] = $v;
}
// Get allowed categories
if (empty($_SESSION['isadmin'])) {
$_SESSION['categories'] = explode(',', $_SESSION['categories']);
}
} else {
hesk_session_stop();
$url = 'index.php?a=login¬ice=1&goto=' . urlencode($referer);
header('Location: ' . $url);
exit;
}
}
// Users online
if ($hesk_settings['online']) {
require HESK_PATH . 'inc/users_online.inc.php';
hesk_initOnline($_SESSION['id']);
}
return true;
}
}
