Change hooks to use login context

web/inc/main.php

@@ -129,7 +129,8 @@ function render_page($user, $TAB, $page) {
     extract($GLOBALS, EXTR_SKIP);
 
     // Body
-    if (($_SESSION['user'] !== 'admin') && (@include($__template_dir . "user/$page.html"))) {
+    // if (($_SESSION['user'] !== 'admin') && (@include($__template_dir . "user/$page.html"))) {
+    if (($_SESSION['loginContext'] == 'admin') && (@include($__template_dir . "user/$page.html"))) {
         // User page loaded
     } else {
         // Not admin or user page doesn't exist

web/list/server/index.php

@@ -6,7 +6,7 @@ $TAB = 'SERVER';
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Check user
-if ($_SESSION['user'] != 'admin') {
+if ($_SESSION['userContext'] !== "admin") {
     header("Location: /list/user");
     exit;
 }

web/list/user/index.php

@@ -6,7 +6,7 @@ $TAB = 'USER';
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Data
-if ($user == 'admin') {
+if ($_SESSION['loginContext'] == 'admin') {
     exec (HESTIA_CMD . "v-list-users json", $output, $return_var);
 } else {
     exec (HESTIA_CMD . "v-list-user ".$user." json", $output, $return_var);

web/login/index.php

@@ -124,6 +124,10 @@ function authenticate_user($user, $password, $twofa = ''){
                  //   exec (HESTIA_CMD . "v-list-user admin json", $output, $return_var);
                  //   $data = json_decode(implode('', $output), true);
                  //   unset($output);
+
+                    $_SESSION['userContext'] = 'admin';
+                } else {
+                    $_SESSION['userContext'] = 'user';
                 }
                 // Define session user
                 $_SESSION['user'] = key($data);

web/restart/service/index.php

@@ -1,8 +1,6 @@
 <?php
 // Init
 error_reporting(NULL);
-ob_start();
-session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Check token
@@ -11,7 +9,7 @@ if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
     exit();
 }
 
-if ($_SESSION['user'] == 'admin') {
+if ($_SESSION['userContext'] == "admin") {
     if (!empty($_GET['srv'])) {
         if ($_GET['srv'] == 'iptables') {
             exec (HESTIA_CMD."v-update-firewall", $output, $return_var);

web/start/service/index.php

@@ -11,7 +11,7 @@ if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
     exit();
 }
 
-if ($_SESSION['user'] == 'admin') {
+if ($_SESSION['userContext'] == "admin") {
     if (!empty($_GET['srv'])) {
         if ($_GET['srv'] == 'iptables') {
             exec (HESTIA_CMD."v-update-firewall", $output, $return_var);

web/stop/service/index.php

@@ -11,7 +11,7 @@ if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
     exit();
 }
 
-if ($_SESSION['user'] == 'admin') {
+if ($_SESSION['userContext'] == "admin") {
     if (!empty($_GET['srv'])) {
         if ($_GET['srv'] == 'iptables') {
             exec (HESTIA_CMD."v-stop-firewall", $output, $return_var);

web/update/hestia/index.php

@@ -11,7 +11,7 @@ if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
     exit();
 }
 
-if ($_SESSION['user'] == 'admin') {
+if ($_SESSION['userContext'] == "admin") {
     if (!empty($_GET['pkg'])) {
         $v_pkg = escapeshellarg($_GET['pkg']);
         exec (HESTIA_CMD."v-update-sys-hestia ".$v_pkg, $output, $return_var);