// Authentication gate: a request without a staff id, or whose staff session
// is no longer valid, is sent to the login page and processing stops here.
if (!$thisstaff->getId() || !$thisstaff->isValid()) {
    if (isset($_SESSION['_staff']['auth']['msg'])) {
        // A message left in the session is shown once, then removed.
        // NOTE(review): this value is written elsewhere; confirm that
        // staffLoginPage() HTML-escapes it before rendering.
        $msg = $_SESSION['_staff']['auth']['msg'];
        unset($_SESSION['_staff']['auth']['msg']);
    } elseif (isset($_SESSION['_staff']['userID']) && !$thisstaff->isValid()) {
        // The session still names a staff user but no longer validates,
        // which is reported to the user as an inactivity timeout.
        $msg = 'Session timed out due to inactivity';
    } else {
        $msg = 'Authentication Required';
    }
    staffLoginPage($msg);
    exit;
}

// 2) Not a super admin: check account status, group status and system status.
// NOTE(review): admins skip every check in this block, including isactive(),
// so a deactivated account that still carries the admin flag is not rejected
// here. Confirm that isValid() or the login path covers that case.
if (!$thisstaff->isAdmin()) {
    // Reject disabled staff accounts and members of a disabled group.
    if (!$thisstaff->isactive() || !$thisstaff->isGroupActive()) {
        staffLoginPage('Access Denied. Contact Admin');
        exit;
    }
    // Non-admin staff may not use the panel while the system is offline
    // or an upgrade is pending.
    if (!$ost->isSystemOnline() || $ost->isUpgradePending()) {
        staffLoginPage('System Offline');
        exit;
    }
}

// Keep the session activity alive. This is reached only after the gates above
// have passed, and it runs before the CSRF check below, so a POST that is then
// rejected for a missing token has still refreshed the session.
$thisstaff->refreshSession();

/******* CSRF Protection *************/
// Enforce CSRF protection for POSTs.
// The token is checked only when $_POST is non-empty. PHP fills $_POST only
// from application/x-www-form-urlencoded and multipart/form-data POST bodies,
// so a POST with an empty or differently encoded body (e.g. JSON), and every
// other HTTP method, passes this point without a token check.
// NOTE(review): handlers that change state on such requests need their own
// CSRF check; whether any exist cannot be seen from this code.
if ($_POST && !$ost->checkCSRFToken()) {
    Http::response(400, 'Valid CSRF Token Required');