If you're logged in as a client, stay that way

When following a link from an email, if you are already signed in to the help desk as a client, you should just be redirected to the new ticket.

If you're logged in as a client, stay that way
bda2e422 · Jared Hancock · 30f91280 · bda2e422 · bda2e422
Commit bda2e422 authored 11 years ago by Jared Hancock
--- a/include/class.client.php
+++ b/include/class.client.php
@@ -149,6 +149,10 @@ abstract class TicketUser {
        return $this->_guest;
    }
+    function getUserId() {
+        return $this->user->getId();
+    }
    abstract function getTicketId();
    abstract function getTicket();
 }

--- a/view.php
+++ b/view.php
@@ -16,14 +16,23 @@
 **********************************************************************/
 require_once('client.inc.php');
+$errors = array();
+// Check if the client is already signed in. Don't corrupt their session!
+if ($_GET['auth']
+        && $thisclient
+        && ($u = TicketUser::lookupByToken($_GET['auth']))
+        && ($u->getUserId() == $thisclient->getId())
+) {
+    Http::redirect('tickets.php?id='.$u->getTicketId());
+}
 // Try autologin the user
 // Authenticated user can be of type ticket owner or collaborator
-$errors = array();
+elseif (isset($_GET['auth']) || isset($_GET['t'])) {
-if (isset($_GET['auth']) || isset($_GET['t']))
    // TODO: Consider receiving an AccessDenied object
    $user =  UserAuthenticationBackend::processSignOn($errors, false);
+}
-if ($user && $user->getTicketId())
+if (@$user && is_object($user) && $user->getTicketId())
    Http::redirect('tickets.php?id='.$user->getTicketId());
 $nav = new UserNav();