Convert to 4 spaces; General tidy
This commit is contained in:
Marcus Hill
@@ -1,36 +1,36 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
if (!isset($_SESSION)) {
|
if (!isset($_SESSION)) {
|
||||||
// HTTP Only cookies
|
// HTTP Only cookies
|
||||||
ini_set("session.cookie_httponly", True);
|
ini_set("session.cookie_httponly", true);
|
||||||
if ($config_https_only) {
|
if ($config_https_only) {
|
||||||
// Tell client to only send cookie(s) over HTTPS
|
// Tell client to only send cookie(s) over HTTPS
|
||||||
ini_set("session.cookie_secure", True);
|
ini_set("session.cookie_secure", true);
|
||||||
}
|
}
|
||||||
session_start();
|
session_start();
|
||||||
}
|
}
|
||||||
|
|
||||||
//Check to see if setup is enabled
|
//Check to see if setup is enabled
|
||||||
if (!isset($config_enable_setup) || $config_enable_setup == 1) {
|
if (!isset($config_enable_setup) || $config_enable_setup == 1) {
|
||||||
header("Location: setup.php");
|
header("Location: setup.php");
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check user is logged in with a valid session
|
// Check user is logged in with a valid session
|
||||||
if (!isset($_SESSION['logged']) || !$_SESSION['logged']) {
|
if (!isset($_SESSION['logged']) || !$_SESSION['logged']) {
|
||||||
header("Location: login.php");
|
header("Location: login.php");
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
// SESSION FINGERPRINT
|
// SESSION FINGERPRINT
|
||||||
$session_ip = strip_tags(mysqli_real_escape_string($mysqli,getIP()));
|
$session_ip = strip_tags(mysqli_real_escape_string($mysqli, getIP()));
|
||||||
|
|
||||||
// User agent
|
// User agent
|
||||||
$session_user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
|
$session_user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
|
||||||
|
|
||||||
$session_user_id = $_SESSION['user_id'];
|
$session_user_id = $_SESSION['user_id'];
|
||||||
|
|
||||||
$sql = mysqli_query($mysqli,"SELECT * FROM users, user_settings WHERE users.user_id = user_settings.user_id AND users.user_id = $session_user_id");
|
$sql = mysqli_query($mysqli, "SELECT * FROM users, user_settings WHERE users.user_id = user_settings.user_id AND users.user_id = $session_user_id");
|
||||||
$row = mysqli_fetch_array($sql);
|
$row = mysqli_fetch_array($sql);
|
||||||
$session_name = mysqli_real_escape_string($mysqli, $row['user_name']);
|
$session_name = mysqli_real_escape_string($mysqli, $row['user_name']);
|
||||||
$session_email = $row['user_email'];
|
$session_email = $row['user_email'];
|
||||||
@@ -39,29 +39,29 @@ $session_token = $row['user_token'];
|
|||||||
$session_company_id = $row['user_default_company'];
|
$session_company_id = $row['user_default_company'];
|
||||||
$session_user_role = $row['user_role'];
|
$session_user_role = $row['user_role'];
|
||||||
if ($session_user_role == 3) {
|
if ($session_user_role == 3) {
|
||||||
$session_user_role_display = "Administrator";
|
$session_user_role_display = "Administrator";
|
||||||
}elseif ($session_user_role == 2) {
|
} elseif ($session_user_role == 2) {
|
||||||
$session_user_role_display = "Technician";
|
$session_user_role_display = "Technician";
|
||||||
}else{
|
} else {
|
||||||
$session_user_role_display = "Accountant";
|
$session_user_role_display = "Accountant";
|
||||||
}
|
}
|
||||||
|
|
||||||
//LOAD USER COMPANY ACCESS PERMISSIONS
|
//LOAD USER COMPANY ACCESS PERMISSIONS
|
||||||
$session_user_company_access_sql = mysqli_query($mysqli,"SELECT company_id FROM user_companies WHERE user_id = $session_user_id");
|
$session_user_company_access_sql = mysqli_query($mysqli, "SELECT company_id FROM user_companies WHERE user_id = $session_user_id");
|
||||||
$session_user_company_access_array = array();
|
$session_user_company_access_array = array();
|
||||||
while ($row = mysqli_fetch_array($session_user_company_access_sql)) {
|
while ($row = mysqli_fetch_array($session_user_company_access_sql)) {
|
||||||
$session_user_company_access_array[] = $row['company_id'];
|
$session_user_company_access_array[] = $row['company_id'];
|
||||||
}
|
}
|
||||||
$session_user_company_access = implode(',',$session_user_company_access_array);
|
$session_user_company_access = implode(',', $session_user_company_access_array);
|
||||||
|
|
||||||
//Check to see if user has rights to company Prevents User from access a company he is not allowed to have access to.
|
//Check to see if user has rights to company Prevents User from access a company he is not allowed to have access to.
|
||||||
if (!in_array($session_company_id,$session_user_company_access_array)) {
|
if (!in_array($session_company_id, $session_user_company_access_array)) {
|
||||||
session_start();
|
session_start();
|
||||||
session_destroy();
|
session_destroy();
|
||||||
header('Location: login.php');
|
header('Location: login.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = $session_company_id");
|
$sql = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = $session_company_id");
|
||||||
$row = mysqli_fetch_array($sql);
|
$row = mysqli_fetch_array($sql);
|
||||||
|
|
||||||
$session_company_name = $row['company_name'];
|
$session_company_name = $row['company_name'];
|
||||||
@@ -69,21 +69,21 @@ $session_company_country = $row['company_country'];
|
|||||||
$session_company_locale = $row['company_locale'];
|
$session_company_locale = $row['company_locale'];
|
||||||
$session_company_currency = $row['company_currency'];
|
$session_company_currency = $row['company_currency'];
|
||||||
|
|
||||||
include("get_settings.php");
|
require_once("get_settings.php");
|
||||||
|
|
||||||
//Detects if using an Apple device and uses Apple Maps instead of google
|
//Detects if using an Apple device and uses Apple Maps instead of google
|
||||||
$iPod = stripos($_SERVER['HTTP_USER_AGENT'],"iPod");
|
$iPod = stripos($_SERVER['HTTP_USER_AGENT'], "iPod");
|
||||||
$iPhone = stripos($_SERVER['HTTP_USER_AGENT'],"iPhone");
|
$iPhone = stripos($_SERVER['HTTP_USER_AGENT'], "iPhone");
|
||||||
$iPad = stripos($_SERVER['HTTP_USER_AGENT'],"iPad");
|
$iPad = stripos($_SERVER['HTTP_USER_AGENT'], "iPad");
|
||||||
|
|
||||||
if ($iPod || $iPhone || $iPad) {
|
if ($iPod || $iPhone || $iPad) {
|
||||||
$session_map_source = "apple";
|
$session_map_source = "apple";
|
||||||
}else{
|
} else {
|
||||||
$session_map_source = "google";
|
$session_map_source = "google";
|
||||||
}
|
}
|
||||||
|
|
||||||
//Get Notification Count for the badge on the top nav
|
//Get Notification Count for the badge on the top nav
|
||||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('notification_id') AS num FROM notifications WHERE (notification_user_id = $session_user_id OR notification_user_id = 0) AND notification_dismissed_at IS NULL AND company_id = $session_company_id"));
|
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('notification_id') AS num FROM notifications WHERE (notification_user_id = $session_user_id OR notification_user_id = 0) AND notification_dismissed_at IS NULL AND company_id = $session_company_id"));
|
||||||
$num_notifications = $row['num'];
|
$num_notifications = $row['num'];
|
||||||
|
|
||||||
//Set Currency Format
|
//Set Currency Format
|
||||||
|
|||||||
Reference in New Issue
Block a user