Ticket View. Peter Rotich <*****@*****.**> Copyright (c) 2006-2010 osTicket http://www.osticket.com Released under the GNU General Public License WITHOUT ANY WARRANTY. See LICENSE.TXT for details. vim: expandtab sw=4 ts=4 sts=4: $Id: $ **********************************************************************/ require_once 'client.inc.php'; $errors = array(); // Check if the client is already signed in. Don't corrupt their session! if ($_GET['auth'] && $thisclient && ($u = TicketUser::lookupByToken($_GET['auth'])) && $u->getUserId() == $thisclient->getId()) { // Switch auth keys ? (Otherwise the user can never use links for two // different tickets) if (($bk = $thisclient->getAuthBackend()) instanceof AuthTokenAuthentication) { $bk->setAuthKey($u, $bk); } Http::redirect('tickets.php?id=' . $u->getTicketId()); } elseif (isset($_GET['auth']) || isset($_GET['t'])) { // TODO: Consider receiving an AccessDenied object $user = UserAuthenticationBackend::processSignOn($errors, false); } if (@$user && is_object($user) && $user->getTicketId()) { Http::redirect('tickets.php?id=' . $user->getTicketId()); } $nav = new UserNav(); $nav->setActiveNav('status');
function signOn() { $user = null; if ($_GET['auth']) { if ($u = TicketUser::lookupByToken($_GET['auth'])) { $user = new ClientSession($u); } } elseif ($_GET['t'] && $_GET['e'] && $_GET['a']) { if (($ticket = Ticket::lookupByNumber($_GET['t'], $_GET['e'])) && !strcasecmp($_GET['a'], md5($ticket->getId() . $_GET['e'] . SECRET_SALT)) && ($owner = $ticket->getOwner())) { $user = new ClientSession($owner); } } return $user; }
Copyright (c) 2006-2010 osTicket http://www.osticket.com Released under the GNU General Public License WITHOUT ANY WARRANTY. See LICENSE.TXT for details. vim: expandtab sw=4 ts=4 sts=4: $Id: $ **********************************************************************/ require_once('client.inc.php'); $errors = array(); // Check if the client is already signed in. Don't corrupt their session! if ($_GET['auth'] && $thisclient && ($u = TicketUser::lookupByToken($_GET['auth'])) && ($u->getUserId() == $thisclient->getId()) ) { // Switch auth keys ? (Otherwise the user can never use links for two // different tickets) if (($bk = $thisclient->getAuthBackend()) instanceof AuthTokenAuthentication) { $bk->setAuthKey($u, $bk); } Http::redirect('tickets.php?id='.$u->getTicketId()); } // Try autologin the user // Authenticated user can be of type ticket owner or collaborator elseif (isset($_GET['auth']) || isset($_GET['t'])) { // TODO: Consider receiving an AccessDenied object $user = UserAuthenticationBackend::processSignOn($errors, false); }