Redirect/show techs to technical dashboard on login/navbar

2023-01-01 13:41:29 +00:00
parent 4ec88257d7
commit 07986954f5
2 changed files with 263 additions and 231 deletions
@@ -87,11 +87,21 @@ if(isset($_POST['login'])){
            }

            if (empty($token)) {
+                // Full Login successful
+
                $_SESSION['logged'] = TRUE;
                mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Success', log_description = '$user_name successfully logged in', log_ip = '$ip', log_user_agent = '$user_agent', log_user_id = $user_id");

-                header("Location: dashboard_financial.php");
+                // Show start page/dashboard depending on role
+                if ($row['user_role'] == 2) {
+                    header("Location: dashboard_technical.php");
                } else {
+                    header("Location: dashboard_financial.php");
+                }
+
+            } else {
+                // Prompt for MFA
+
                $token_field = "<div class='input-group mb-3'>
                <input type='text' class='form-control' placeholder='Token' name='current_code' autofocus>
                <div class='input-group-append'>
@@ -104,10 +114,17 @@ if(isset($_POST['login'])){
                require_once("rfc6238.php");

                if (TokenAuth6238::verify($token, $current_code)) {
+                    // Full login (with MFA) successful
                    $_SESSION['logged'] = TRUE;
                    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login 2FA', log_action = 'Success', log_description = '$user_name successfully logged in using 2FA', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_user_id = $user_id");
-                    //header("Location: $config_start_page");
+
+                    // Show start page/dashboard depending on role
+                    if ($row['user_role'] == 2) {
+                        header("Location: dashboard_technical.php");
+                    } else {
                        header("Location: dashboard_financial.php");
+                    }
+
                } else {
                    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = '2FA Failed', log_description = '$user_name failed 2FA', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_user_id = $user_id");

@@ -60,6 +60,18 @@

            <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" data-accordion="false">

+                <!-- Dashboard item (tech/financial) -->
+                <?php if ($session_user_role == 2){ ?>
+
+                    <li class="nav-item">
+                        <a href="dashboard_technical.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "dashboard_technical.php") { echo "active"; } ?>">
+                            <i class="nav-icon fas fa-tachometer-alt"></i>
+                            <p>Dashboard</p>
+                        </a>
+                    </li>
+
+                <?php } else { ?>
+
                    <li class="nav-item">
                        <a href="dashboard_financial.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "dashboard_financial.php") { echo "active"; } ?>">
                            <i class="nav-icon fas fa-tachometer-alt"></i>
@@ -67,6 +79,9 @@
                        </a>
                    </li>

+                <?php } ?>
+                <!-- End dashboard item (tech/financial) -->
+
                <li class="nav-item">
                    <a href="clients.php" class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "clients.php") { echo "active"; } ?>">
                        <i class="nav-icon fas fa-users"></i>