} else {
    // Fallback login-page message; the condition that selects this branch is above this excerpt.
    $msg = 'Authentication Required';
}
staffLoginPage($msg);
exit;
}
// Staff access gate, continued. Every failure path below renders the staff login page
// (or an HTTP 400) and then calls exit, so nothing after the gate runs for a rejected request.

//2) if not super admin..check system status and group status
if (!$thisstaff->isAdmin()) {
    //Check for disabled staff or group!
    if (!$thisstaff->isactive() || !$thisstaff->isGroupActive()) {
        staffLoginPage('Access Denied. Contact Admin');
        exit;
    }
    //Staff are not allowed to login in offline mode!!
    // Also applies while an upgrade is pending; admins skip both checks in this block.
    if (!$ost->isSystemOnline() || $ost->isUpgradePending()) {
        staffLoginPage('System Offline');
        exit;
    }
}
//Keep the session activity alive
$thisstaff->refreshSession();
/******* CSRF Protection *************/
// Enforce CSRF protection for POSTS: a request with POST data and no valid token gets HTTP 400.
// NOTE(review): the guard is the truthiness of $_POST, which PHP fills only for form-encoded or
// multipart bodies. A POST with an empty or differently-encoded body is not token-checked here;
// confirm such handlers are covered elsewhere, or that testing the request method is not what was intended.
if ($_POST && !$ost->checkCSRFToken()) {
    Http::response(400, 'Valid CSRF Token Required');
    exit;
}
//Add token to the header - used on ajax calls [DO NOT CHANGE THE NAME]
// NOTE(review): the token is concatenated into an HTML attribute without escaping; presumably
// getCSRFToken() returns only attribute-safe characters - confirm, or escape it at this point.
$ost->addExtraHeader('<meta name="csrf_token" content="' . $ost->getCSRFToken() . '" />');
/******* SET STAFF DEFAULTS **********/
//Set staff's timezone offset.
} else {
    // Fallback login-page message (localized via __()); the branch condition is above this excerpt.
    $msg = __('Ingresar usuario y contraseña');
}
staffLoginPage($msg);
exit;
}
// Staff access gate, continued. Every failure path below renders the staff login page
// (or an HTTP 400) and then calls exit, so nothing after the gate runs for a rejected request.

//2) if not super admin..check system status and group status
if (!$thisstaff->isAdmin()) {
    //Check for disabled staff or group!
    if (!$thisstaff->isactive() || !$thisstaff->isGroupActive()) {
        staffLoginPage(__('Access Denied. Contact Admin'));
        exit;
    }
    //Staff are not allowed to login in offline mode!!
    // Also applies while an upgrade is pending; admins skip both checks in this block.
    if (!$ost->isSystemOnline() || $ost->isUpgradePending()) {
        staffLoginPage(__('System Offline'));
        exit;
    }
}
//Keep the session activity alive
$thisstaff->refreshSession();
/******* CSRF Protection *************/
// Enforce CSRF protection for POSTS: a request with POST data and no valid token gets HTTP 400.
// NOTE(review): the guard is the truthiness of $_POST, which PHP fills only for form-encoded or
// multipart bodies. A POST with an empty or differently-encoded body is not token-checked here;
// confirm such handlers are covered elsewhere, or that testing the request method is not what was intended.
if ($_POST && !$ost->checkCSRFToken()) {
    Http::response(400, __('Valid CSRF Token Required'));
    exit;
}
//Add token to the header - used on ajax calls [DO NOT CHANGE THE NAME]
// NOTE(review): the token is concatenated into an HTML attribute without escaping; presumably
// getCSRFToken() returns only attribute-safe characters - confirm, or escape it at this point.
$ost->addExtraHeader('<meta name="csrf_token" content="' . $ost->getCSRFToken() . '" />');
/******* SET STAFF DEFAULTS **********/
//Set staff's timezone offset.
// Staff access gate: builds the staff session from the user ID held in $_SESSION, rejects
// requests that fail the checks below (login page + exit), then sets per-request defaults.
// NOTE(review): no CSRF token check is visible in this excerpt; confirm state-changing POSTs
// are token-checked elsewhere.
$thisuser = new StaffSession($_SESSION['_staff']['userID']); /* always reload??? */
//1) is the user Logged in for real && is staff.
// NOTE(review): `new` always yields an object, so the is_object() and !$thisuser tests cannot
// fail here; getId() and isValid() are the checks that actually decide.
if (!is_object($thisuser) || !$thisuser->getId() || !$thisuser->isValid()) {
    // An invalid session gets 'Authentication Required'; otherwise the inactivity-timeout text is shown.
    $msg = !$thisuser || !$thisuser->isValid() ? _('Authentication Required') : _('Session timed out due to inactivity');
    staffLoginPage($msg);
    exit;
}
//2) if not super admin..check system and role status
if (!$thisuser->isadmin()) {
    // Non-admin staff are locked out while the help desk is offline.
    if ($cfg->isHelpDeskOffline()) {
        staffLoginPage(_('System Offline'));
        exit;
    }
    // Disabled staff account or inactive role.
    if (!$thisuser->isactive() || !$thisuser->isRoleActive()) {
        staffLoginPage(_('Access Disabled. Contact Admin'));
        exit;
    }
}
//Keep the session activity alive
$thisuser->refreshSession();
//Set staff's timezone offset.
$_SESSION['TZ_OFFSET'] = $thisuser->getTZoffset();
$_SESSION['daylight'] = $thisuser->observeDaylight();
// presumably getRefreshRate() is in minutes and the constant in seconds - confirm
define('AUTO_REFRESH_RATE', $thisuser->getRefreshRate() * 60);
//Clear some vars. we use in all pages.
$errors = array();
$msg = $warn = $sysnotice = '';
$tabs = array();
$submenu = array();
// True when the configured version differs (case-insensitively) from THIS_VERSION with its
// last dot-separated segment removed. The body of this branch is outside the excerpt.
if (defined('THIS_VERSION') && strcasecmp($cfg->getVersion(), substr(THIS_VERSION, 0, strripos(THIS_VERSION, '.')))) {
// Staff access gate: rejects requests that fail the checks below (login page + exit), then
// sets per-request defaults. $thisstaff is created above this excerpt.
// NOTE(review): no CSRF token check is visible in this excerpt; confirm state-changing POSTs
// are token-checked elsewhere.
//1) is the user Logged in for real && is staff.
if (!$thisstaff || !is_object($thisstaff) || !$thisstaff->getId() || !$thisstaff->isValid()) {
    // A missing or invalid session gets 'Authentication Required'; otherwise the inactivity-timeout text is shown.
    $msg = !$thisstaff || !$thisstaff->isValid() ? 'Authentication Required' : 'Session timed out due to inactivity';
    staffLoginPage($msg);
    exit;
}
//2) if not super admin..check system status and group status
if (!$thisstaff->isadmin()) {
    //Staff are not allowed to login in offline mode!!
    if ($cfg->isHelpDeskOffline()) {
        staffLoginPage('System Offline');
        exit;
    }
    //Check for disabled staff or group!
    if (!$thisstaff->isactive() || !$thisstaff->isGroupActive()) {
        staffLoginPage('Access Denied. Contact Admin');
        exit;
    }
}
//Keep the session activity alive
$thisstaff->refreshSession();
//Set staff's timezone offset.
$_SESSION['TZ_OFFSET'] = $thisstaff->getTZoffset();
$_SESSION['daylight'] = $thisstaff->observeDaylight();
// presumably getRefreshRate() is in minutes and the constant in seconds - confirm
define('AUTO_REFRESH_RATE', $thisstaff->getRefreshRate() * 60);
//Clear some vars. we use in all pages.
$errors = array();
$msg = $warn = $sysnotice = '';
$tabs = array();
$submenu = array();
// True when the configured version differs (case-insensitively) from THIS_VERSION.
// The body of this branch is outside the excerpt.
if (defined('THIS_VERSION') && strcasecmp($cfg->getVersion(), THIS_VERSION)) {
// Staff access gate (Spanish-localized messages): builds the staff session from the user ID
// held in $_SESSION, rejects requests that fail the checks below (login page + exit), then
// sets per-request defaults.
// NOTE(review): no CSRF token check is visible in this excerpt; confirm state-changing POSTs
// are token-checked elsewhere.
$thisuser = new StaffSession($_SESSION['_staff']['userID']); /*always reload???*/
//1) is the user Logged in for real && is staff.
// NOTE(review): `new` always yields an object, so the is_object() and !$thisuser tests cannot
// fail here; getId() and isValid() are the checks that actually decide.
if (!is_object($thisuser) || !$thisuser->getId() || !$thisuser->isValid()) {
    // An invalid session gets the "authentication required" text; otherwise the inactivity-timeout text is shown.
    $msg = !$thisuser || !$thisuser->isValid() ? 'Se requiere autenticación' : 'Se a desconectado por inactividad';
    staffLoginPage($msg);
    exit;
}
//2) if not super admin..check system and group status
if (!$thisuser->isadmin()) {
    // Non-admin staff are locked out while the help desk is offline.
    if ($cfg->isHelpDeskOffline()) {
        staffLoginPage('Sistema Deshabilitado');
        exit;
    }
    // Disabled staff account or disabled group.
    if (!$thisuser->isactive() || !$thisuser->isGroupActive()) {
        staffLoginPage('Acceso Denegado. Contacta al Administrador.');
        exit;
    }
}
//Keep the session activity alive
$thisuser->refreshSession();
//Set staff's timezone offset.
$_SESSION['TZ_OFFSET'] = $thisuser->getTZoffset();
$_SESSION['daylight'] = $thisuser->observeDaylight();
// presumably getRefreshRate() is in minutes and the constant in seconds - confirm
define('AUTO_REFRESH_RATE', $thisuser->getRefreshRate() * 60);
//Clear some vars. we use in all pages.
$errors = array();
$msg = $warn = $sysnotice = '';
$tabs = array();
$submenu = array();
// True when the configured version differs (case-insensitively) from THIS_VERSION.
// The body of this branch is outside the excerpt.
if (defined('THIS_VERSION') && strcasecmp($cfg->getVersion(), THIS_VERSION)) {
// Staff access gate (Portuguese-localized messages): builds the staff session from the user ID
// held in $_SESSION, rejects requests that fail the checks below (login page + exit), then
// sets per-request defaults.
// NOTE(review): no CSRF token check is visible in this excerpt; confirm state-changing POSTs
// are token-checked elsewhere.
$thisuser = new StaffSession($_SESSION['_staff']['userID']); /*always reload???*/
//1) is the user Logged in for real && is staff.
// NOTE(review): `new` always yields an object, so the is_object() and !$thisuser tests cannot
// fail here; getId() and isValid() are the checks that actually decide.
if (!is_object($thisuser) || !$thisuser->getId() || !$thisuser->isValid()) {
    // An invalid session gets the "authentication required" text; otherwise the inactivity-timeout text is shown.
    $msg = !$thisuser || !$thisuser->isValid() ? 'Autenticação necessária' : 'Sessão expirada devido a inatividade.';
    staffLoginPage($msg);
    exit;
}
//2) if not super admin..check system and group status
if (!$thisuser->isadmin()) {
    // Non-admin staff are locked out while the help desk is offline.
    if ($cfg->isHelpDeskOffline()) {
        staffLoginPage('Sistema offline.');
        exit;
    }
    // Disabled staff account or disabled group.
    if (!$thisuser->isactive() || !$thisuser->isGroupActive()) {
        staffLoginPage('Acesso negado. Contate os administradores.');
        exit;
    }
}
//Keep the session activity alive
$thisuser->refreshSession();
//Set staff's timezone offset.
$_SESSION['TZ_OFFSET'] = $thisuser->getTZoffset();
$_SESSION['daylight'] = $thisuser->observeDaylight();
// presumably getRefreshRate() is in minutes and the constant in seconds - confirm
define('AUTO_REFRESH_RATE', $thisuser->getRefreshRate() * 60);
//Clear some vars. we use in all pages.
$errors = array();
$msg = $warn = $sysnotice = '';
$tabs = array();
$submenu = array();
// True when the configured version differs (case-insensitively) from THIS_VERSION.
// The body of this branch is outside the excerpt.
if (defined('THIS_VERSION') && strcasecmp($cfg->getVersion(), THIS_VERSION)) {